mirror of https://github.com/acidanthera/audk.git
ArmPkg/UncachedMemoryAllocationLib: map uncached allocations non-executable
The primary use case for UncachedMemoryAllocationLib is non-coherent DMA, which implies that such regions are not used to fetch instructions from. So let's map them as non-executable, to avoid creating a security hole when the rest of the platform may be enforcing strict memory permissions on ordinary allocations. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
This commit is contained in:
parent
25549bda46
commit
e7b24ec978
|
@ -154,7 +154,8 @@ AllocatePagesFromList (
|
||||||
return Status;
|
return Status;
|
||||||
}
|
}
|
||||||
|
|
||||||
Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages), EFI_MEMORY_WC);
|
Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages),
|
||||||
|
EFI_MEMORY_WC | EFI_MEMORY_XP);
|
||||||
if (EFI_ERROR (Status)) {
|
if (EFI_ERROR (Status)) {
|
||||||
gBS->FreePages (Memory, Pages);
|
gBS->FreePages (Memory, Pages);
|
||||||
return Status;
|
return Status;
|
||||||
|
|
Loading…
Reference in New Issue