On Tue, 12 Dec 2023 at 11:08, Gerd Hoffmann <kra...@redhat.com> wrote:
>
> On Tue, Dec 12, 2023 at 09:36:00AM +0100, Ard Biesheuvel wrote:
> > From: Ard Biesheuvel <a...@kernel.org>
> >
> > Shim's PE loader uses the EFI memory attributes protocol in a way that
> > results in an immediate crash when invoking the loaded image, unless the
> > base and size of its executable segment are both aligned to 4k.
> >
> > If this is not the case, it will strip the memory allocation of its
> > executable permissions, but fail to add them back for the executable
> > region, resulting in non-executable code. Unfortunately, the PE loader
> > does not even bother invoking the protocol in this case (as it notices
> > the misalignment), making it very hard for system firmware to work
> > around this by attempting to infer the intent of the caller.
> >
> > So let's introduce a QEMU command line option to indicate that the
> > protocol should not be exposed at all, and a PCD to set the default for
> > this option when it is omitted.
> >
> >   -fw_cfg opt/org.tianocore/UninstallMemAttrProtocol,string=y
>
> Tested-by: Gerd Hoffmann <kra...@redhat.com>
> Reviewed-by: Gerd Hoffmann <kra...@redhat.com>
>

Thanks all - I've queued this up now.
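
Added example, not part of the original thread and not code from edk2 or shim: a check of the alignment condition the quoted commit message describes, listing each executable PE section and whether its base and size are both 4k-aligned. It assumes "executable segment" means a section flagged IMAGE_SCN_MEM_EXECUTE and that VirtualAddress and VirtualSize are the fields that matter; build_sample() and its values are constructed for the demonstration.

```python
import struct

PAGE = 0x1000                       # 4k granularity named in the commit message
IMAGE_SCN_MEM_EXECUTE = 0x20000000  # PE/COFF section characteristic flag

def exec_section_alignment(image: bytes):
    """Return [(name, rva, vsize, aligned)] for each executable section."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    # COFF file header: only NumberOfSections and SizeOfOptionalHeader are used
    _, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", image, pe_off + 4)
    table = pe_off + 24 + opt_size  # section table follows the optional header
    out = []
    for i in range(nsect):
        name, vsize, rva, _, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", image, table + 40 * i)
        if chars & IMAGE_SCN_MEM_EXECUTE:
            aligned = rva % PAGE == 0 and vsize % PAGE == 0
            out.append((name.rstrip(b"\0").decode("ascii", "replace"),
                        rva, vsize, aligned))
    return out

def build_sample(sections, opt_size=0):
    """Constructed header-only blob (not a loadable image) for the demo.

    sections: iterable of (name, rva, vsize, characteristics).
    """
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0xAA64, len(sections), 0, 0, 0, opt_size, 0)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", n, vs, va, 0, 0, 0, 0, 0, 0, ch)
        for n, va, vs, ch in sections)
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + table

if __name__ == "__main__":
    # Constructed input: .text size 0x2A40 is not a multiple of 4k
    sample = build_sample([(b".text", 0x1000, 0x2A40, 0x60000020),
                           (b".data", 0x4000, 0x0200, 0xC0000040)])
    for name, rva, vsize, ok in exec_section_alignment(sample):
        state = "4k-aligned" if ok else "MISALIGNED"
        print(f"{name}: rva={rva:#x} size={vsize:#x} {state}")
```
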