On Sun, 2017-07-30 at 00:16 -0600, Jan Beulich wrote: > > > > > > > > > > > > > David Woodhouse <dw...@infradead.org> 07/20/17 5:22 PM >>> > > This includes stuff lke the hypercall tables which we really want > > to be read-only. And they were going into .data.read-mostly. > Yes, we'd like them to be read-only, but what if EFI properly assigned r/o > permissions to the .rodata section when loading xen.efi? We'd then be > unable to apply relocations when switching from 1:1 to virtual mappings > (see efi_arch_relocate_image()).
FWIW it does look like TianoCore has gained the ability to mark sections as read-only, in January of this year: https://github.com/tianocore/edk2/commit/d0e92aad46 It doesn't actually seem to be complete — even with subsequent fixes since that commit, it doesn't look like it catches the case of data sections without EFI_IMAGE_SCN_MEM_WRITE, such as .rodata. And even if/when that gets fixed you'll note that the protection is deliberately torn down in ExitBootServices(), specifically for the case you're concerned about below — because you'll need to do the relocations. So I don't think there should be a problem here.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
