diff options
| author | Ard Biesheuvel <ardb@kernel.org> | 2022-08-02 11:48:04 +0200 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2022-10-26 17:28:39 +0000 |
| commit | 2997ae38739756ecba9b0de19e86032ebc689ef9 (patch) | |
| tree | 586aceb7aef18c97fc1f6b321c99205ac194a004 /ArmVirtPkg | |
| parent | 9e2c88b16ed3444ea9dfffb39a91d6c17071835d (diff) | |
| download | edk2-2997ae38739756ecba9b0de19e86032ebc689ef9.tar.gz edk2-2997ae38739756ecba9b0de19e86032ebc689ef9.tar.bz2 edk2-2997ae38739756ecba9b0de19e86032ebc689ef9.zip | |
ArmVirtPkg: make EFI_LOADER_DATA non-executable
When the memory protections were implemented and enabled on ArmVirtQemu
5+ years ago, we had to work around the fact that GRUB at the time
expected EFI_LOADER_DATA to be executable, as that is the memory type it
allocates when loading its modules.
This has been fixed in GRUB in August 2017, so by now, we should be able
to tighten this, and remove execute permissions from EFI_LOADER_DATA
allocations.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Diffstat (limited to 'ArmVirtPkg')
| -rw-r--r-- | ArmVirtPkg/ArmVirt.dsc.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index 34575585ad..462073517a 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -368,7 +368,7 @@ # reserved ones, with the exception of LoaderData regions, of which OS loaders
# (i.e., GRUB) may assume that its contents are executable.
#
- gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD1
+ gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xC000000000007FD5
[Components.common]
#
|