|
 |
b35c50 |
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
b35c50 |
From: Peter Jones <pjones@redhat.com>
|
|
|
b35c50 |
Date: Tue, 22 Mar 2022 10:57:20 -0400
|
|
|
b35c50 |
Subject: [PATCH] nx: set the nx compatible flag in EFI grub images
|
|
|
b35c50 |
|
|
|
b35c50 |
For NX, we need the grub binary to announce that it is compatible with
|
|
|
b35c50 |
the NX feature. This implies that when loading the executable grub
|
|
|
b35c50 |
image, several attributes are true:
|
|
|
b35c50 |
|
|
|
b35c50 |
- the binary doesn't need an executable stack
|
|
|
b35c50 |
- the binary doesn't need sections to be both executable and writable
|
|
|
b35c50 |
- the binary knows how to use the EFI Memory Attributes protocol on code
|
|
|
b35c50 |
it is loading.
|
|
|
b35c50 |
|
|
|
b35c50 |
This patch adds a definition for the PE DLL Characteristics flag
|
|
|
b35c50 |
GRUB_PE32_NX_COMPAT, and changes grub-mkimage to set that flag.
|
|
|
b35c50 |
|
|
|
b35c50 |
Signed-off-by: Peter Jones <pjones@redhat.com>
|
|
|
b35c50 |
---
|
|
|
b35c50 |
util/mkimage.c | 1 +
|
|
|
b35c50 |
1 file changed, 1 insertion(+)
|
|
|
b35c50 |
|
|
|
b35c50 |
diff --git a/util/mkimage.c b/util/mkimage.c
|
|
|
b35c50 |
index 8319e8dfbd..c3d33aaac8 100644
|
|
|
b35c50 |
--- a/util/mkimage.c
|
|
|
b35c50 |
+++ b/util/mkimage.c
|
|
|
b35c50 |
@@ -1418,6 +1418,7 @@ grub_install_generate_image (const char *dir, const char *prefix,
|
|
|
b35c50 |
section = (struct grub_pe32_section_table *)(o64 + 1);
|
|
|
b35c50 |
}
|
|
|
b35c50 |
|
|
|
b35c50 |
+ PE_OHDR (o32, o64, dll_characteristics) = grub_host_to_target16 (GRUB_PE32_NX_COMPAT);
|
|
|
b35c50 |
PE_OHDR (o32, o64, header_size) = grub_host_to_target32 (header_size);
|
|
|
b35c50 |
PE_OHDR (o32, o64, entry_addr) = grub_host_to_target32 (layout.start_address);
|
|
|
b35c50 |
PE_OHDR (o32, o64, image_base) = 0;
|