On Thu, Dec 07, 2023 at 11:06:03AM +0100, Ard Biesheuvel wrote:
> From: Ard Biesheuvel <a...@kernel.org>
> 
> Shim's PE loader uses the EFI memory attributes protocol in a way that
> results in an immediate crash when invoking the loaded image, unless the
> base and size of its executable segment are both aligned to 4k.
> 
> If this is not the case, it will strip the memory allocation of its
> executable permissions, but fail to add them back for the executable
> region, resulting in non-executable code. Unfortunately, the PE loader
> does not even bother invoking the protocol in this case (as it notices
> the misalignment), making it very hard for system firmware to work
> around this by attempting to infer the intent of the caller.
> 
> So let's introduce a QEMU command line option to indicate that the
> protocol should not be exposed at all on the first boot, which is when
> the issue is triggered. (fbaa64.efi is broken but grubaa64.efi boots
> fine)
> 
>   -fw_cfg opt/org.tianocore/UninstallMemAttrProtocolOnFirstBoot,string=y
> 
> Also introduce a fixed boolean PCD that sets the default.

Did some more testing meanwhile with latest shim.  Noticed things can
explode in other ways as well in case the memory attribute protocol is
present.

Specifically, rhel-9.3 grub on aa64 crashes with latest shim, which I
suspect is that grub version not being NX-clean, and shim setting page
permissions via the memory attribute protocol triggers that bug.  Didn't
analyze it yet though.

So, while I'd love to see some automatic way here I suspect trying to be
too clever does more harm than good.

take care,
  Gerd
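As an added diagnostic example, not code from this thread or from shim, QEMU or EDK2: a small Python parser that reads a PE image's section table and reports executable sections whose virtual address or virtual size is not 4 KiB aligned, which is the condition the quoted commit message says shim's PE loader trips over. The two sample images are constructed inline (header-only, no real code), and treating the per-section VirtualAddress/VirtualSize alignment as equivalent to shim's "base and size of its executable segment" check is an assumption made here.

```python
import struct
import sys

PAGE = 0x1000
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_FILE_MACHINE_ARM64 = 0xAA64


def executable_sections(image):
    """Walk the PE section table and return (name, vaddr, vsize) for every
    section flagged as code or executable. Only headers are inspected."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    (nsections,) = struct.unpack_from("<H", image, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", image, coff + 16)   # SizeOfOptionalHeader
    table = coff + 20 + opt_size                               # first IMAGE_SECTION_HEADER
    found = []
    for i in range(nsections):
        off = table + 40 * i
        name = image[off:off + 8].rstrip(b"\0").decode("ascii")
        vsize, vaddr = struct.unpack_from("<II", image, off + 8)
        (flags,) = struct.unpack_from("<I", image, off + 36)
        if flags & (IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE):
            found.append((name, vaddr, vsize))
    return found


def misaligned_exec_sections(image, page=PAGE):
    """Executable sections whose base or size is not page-aligned; an image
    with any of these is the case the commit message describes (assumption:
    per-section alignment approximates shim's executable-segment check)."""
    return [(n, va, vs) for n, va, vs in executable_sections(image)
            if va % page or vs % page]


def build_pe(sections):
    """Constructed sample: a minimal PE32+ image consisting of headers only.
    sections is a list of (name, vaddr, vsize, characteristics)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)     # e_lfanew = 0x40
    opt = struct.pack("<H", 0x20B) + b"\0" * 238             # PE32+ magic, rest zeroed
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_ARM64, len(sections),
                       0, 0, 0, len(opt), 0x0022)            # EXECUTABLE_IMAGE | LARGE_ADDRESS_AWARE
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name, vsize, vaddr, vsize, 0, 0, 0, 0, 0, flags)
        for name, vaddr, vsize, flags in sections)
    return dos + b"PE\0\0" + coff + opt + table


TEXT = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
DATA = IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

# Constructed samples: one image with a 4 KiB-aligned .text, one without.
ALIGNED_IMAGE = build_pe([(b".text", 0x1000, 0x2000, TEXT),
                          (b".data", 0x3000, 0x100, DATA)])
MISALIGNED_IMAGE = build_pe([(b".text", 0x400, 0x1234, TEXT)])


if __name__ == "__main__":
    # Usage: python check_pe_align.py [image.efi ...]; without arguments the
    # constructed samples are checked instead.
    targets = [(p, open(p, "rb").read()) for p in sys.argv[1:]] or \
              [("aligned-sample", ALIGNED_IMAGE), ("misaligned-sample", MISALIGNED_IMAGE)]
    for label, data in targets:
        bad = misaligned_exec_sections(data)
        print(label, "OK" if not bad else "misaligned executable sections: %r" % bad)
```

Running it on a real shim, grub or fallback binary tells you before boot whether the image would hit the non-executable-code failure path described above, independent of whether the firmware exposes the memory attributes protocol.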
