MdePkg: Add PCD to remove X perm from image sections with WX perms

This feature is useful for images created by the old Apple mtoc utility.

Signed-off-by: Vitaly Cheptsov <vit9696@protonmail.com>
Mikhail Krichanov 2023-04-20 11:03:03 +03:00
parent a98a96336f
commit a986e4f61e
5 changed files with 16 additions and 1 deletions


@ -46,3 +46,4 @@
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderProhibitTe
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderAllowMisalignedOffset
gEfiMdePkgTokenSpaceGuid.PcdDebugRaisePropertyMask
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderRemoveXForWX


@ -126,7 +126,7 @@ InternalVerifySections (
// Verify the Image section adheres to the W^X principle, if the policy
// demands it.
//
if (PcdGetBool (PcdImageLoaderWXorX)) {
if (PcdGetBool (PcdImageLoaderWXorX) && !PcdGetBool (PcdImageLoaderRemoveXForWX)) {
if ((Sections[SectionIndex].Characteristics & (EFI_IMAGE_SCN_MEM_EXECUTE | EFI_IMAGE_SCN_MEM_WRITE)) == (EFI_IMAGE_SCN_MEM_EXECUTE | EFI_IMAGE_SCN_MEM_WRITE)) {
DEBUG_RAISE ();
return RETURN_VOLUME_CORRUPTED;
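Review bot: With PcdImageLoaderRemoveXForWX set, the new condition skips the W^X rejection for every image, and enforcement then rests entirely on whatever later turns section Characteristics into memory attributes. In this commit the stripping is done only in InternalCharacteristicsToAttributes, so a consumer that reads `Sections[SectionIndex].Characteristics` directly, or maps the image without that helper, would still see the section as writable and executable; this is inferred, since the callers are not visible here. The comment above the check still says only "if the policy demands it", so I would extend it, e.g. `// The check is skipped when PcdImageLoaderRemoveXForWX is set; X is then stripped when attributes are computed.` The body of InternalVerifySections starts and ends outside the hunk.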


@ -39,3 +39,4 @@
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderLoadHeader
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderProhibitTe
gEfiMdePkgTokenSpaceGuid.PcdDebugRaisePropertyMask
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderRemoveXForWX


@ -37,6 +37,10 @@ InternalCharacteristicsToAttributes (
{
UINT32 Attributes;
if (PcdGetBool (PcdImageLoaderRemoveXForWX) && (Characteristics & (EFI_IMAGE_SCN_MEM_EXECUTE | EFI_IMAGE_SCN_MEM_WRITE)) == (EFI_IMAGE_SCN_MEM_EXECUTE | EFI_IMAGE_SCN_MEM_WRITE)) {
Characteristics &= ~EFI_IMAGE_SCN_MEM_EXECUTE;
}
Attributes = 0;
if ((Characteristics & EFI_IMAGE_SCN_MEM_READ) == 0) {
Attributes |= EFI_MEMORY_RP;
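Review bot: The added block at the top of InternalCharacteristicsToAttributes clears EFI_IMAGE_SCN_MEM_EXECUTE silently, with no comment on why X rather than W is dropped and no diagnostic when it happens. A section that really holds code would then fault only at run time under enforced protections, with nothing in the debug log pointing at this downgrade. I would add a comment such as `// WX sections are assumed to be data mis-flagged by the toolchain; keep W and drop X.` and, if DebugLib is available in this file (not visible here), a `DEBUG ((DEBUG_WARN, "Removing X from WX section\n"));` inside the branch. The WX mask expression also repeats the one in InternalVerifySections and could be a named constant. The function body continues outside the hunk.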


@ -2308,6 +2308,15 @@
# @Prompt Allow Misaligned Offset.
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderAllowMisalignedOffset|FALSE|BOOLEAN|0x40001020
## Indicates whether Image sections that do not adhere to the W^X principle
# by mistake will have their X permission removed at load time.<BR><BR>
# TRUE - Image sections with WX permissions will have X permission removed.<BR>
# FALSE - Image sections with WX permissions will be treated by PcdImageLoaderWXorX.<BR>
# This feature is only useful for images created by old Apple mtoc utility. Do not enable
# it unless such images need to be supported.
# @Prompt Remove X permission from WX sections.
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderRemoveXForWX|FALSE|BOOLEAN|0x40001021
[PcdsFixedAtBuild,PcdsPatchableInModule]
## Indicates the maximum length of unicode string used in the following
# BaseLib functions: StrLen(), StrSize(), StrCmp(), StrnCmp(), StrCpy(), StrnCpy()<BR><BR>
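Review bot: The help text for PcdImageLoaderRemoveXForWX does not say that TRUE takes precedence over PcdImageLoaderWXorX. Going by the loader change in this commit, the W^X rejection is skipped for all images once this PCD is set, not only for mtoc-built ones. I would state that in the TRUE line, e.g. `#   TRUE  - Image sections with WX permissions will have X permission removed; PcdImageLoaderWXorX will not reject them.<BR>`. It would also help to say that the removal takes effect only where the platform applies the computed section attributes, which I am inferring from the attribute helper rather than seeing here.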