[v1] RFC: increased memory protection

[edk2] [RFC PATCH 3/4] MdeModulePkg/DxeCore: lift non-exec permissions on loaded images

Posted by Ard Biesheuvel 7 years, 8 months ago

To ensure that loaded PE/COFF images are executable regardless of
the protection policy and the section alignment, clear all permission
restrictions when loading PE/COFF images.

Subsequently, permissions may be restricted again if the protection
policy and section alignment allow it.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
 MdeModulePkg/Core/Dxe/Image/Image.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
index 652da8bf1075..cab06e821e39 100644
--- a/MdeModulePkg/Core/Dxe/Image/Image.c
+++ b/MdeModulePkg/Core/Dxe/Image/Image.c
@@ -644,6 +644,14 @@ CoreLoadPeImage (
   InvalidateInstructionCacheRange ((VOID *)(UINTN)Image->ImageContext.ImageAddress, (UINTN)Image->ImageContext.ImageSize);
 
   //
+  // Remove any permission restrictions.
+  //
+  if (gCpu != NULL) {
+    gCpu->SetMemoryAttributes (gCpu, Image->ImageContext.ImageAddress,
+            Image->ImageContext.ImageSize, 0);
+  }
+
+  //
   // Copy the machine type from the context to the image private data. This
   // is needed during image unload to know if we should call an EBC protocol
   // to unload the image.
-- 
2.7.4

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

[edk2] [RFC PATCH 1/4] MdeModulePkg/DxeCore: allow BootServicesData->BootServicesCode conversion
[edk2] [RFC PATCH 2/4] MdeModulePkg/DxeCore: convert the DxeCore memory region to BootServicesCode
[edk2] [RFC PATCH 3/4] MdeModulePkg/DxeCore: lift non-exec permissions on loaded images
[edk2] [RFC PATCH 4/4] ArmPkg/CpuDxe: remap all data regions non-executable