grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 07/10] nx: set the nx compatible flag in EFI grub images


From: Mate Kukri
Subject: [PATCH v3 07/10] nx: set the nx compatible flag in EFI grub images
Date: Mon, 3 Jun 2024 10:02:05 +0100

For NX, we need the grub binary to announce that it is compatible with
the NX feature.  This implies that when loading the executable grub
image, several attributes are true:

- the binary doesn't need an executable stack
- the binary doesn't need sections to be both executable and writable
- the binary knows how to use the EFI Memory Attributes protocol on code
  it is loading.

This patch
- adds a definition for the PE DLL Characteristics flag GRUB_PE32_NX_COMPAT
- changes grub-mkimage to set that flag.

Original-Author: Peter Jones <pjones@redhat.com>
Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
---
 include/grub/efi/pe32.h | 2 ++
 util/mkimage.c          | 1 +
 2 files changed, 3 insertions(+)

diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
index 4e6e9d254..9887e14b2 100644
--- a/include/grub/efi/pe32.h
+++ b/include/grub/efi/pe32.h
@@ -231,6 +231,8 @@ struct grub_pe64_optional_header
 
 #define GRUB_PE32_SUBSYSTEM_EFI_APPLICATION    10
 
+#define GRUB_PE32_NX_COMPAT    0x0100
+
 #define GRUB_PE32_NUM_DATA_DIRECTORIES 16
 
 struct grub_pe32_section_table
diff --git a/util/mkimage.c b/util/mkimage.c
index 4237383ac..9b4720e21 100644
--- a/util/mkimage.c
+++ b/util/mkimage.c
@@ -1403,6 +1403,7 @@ grub_install_generate_image (const char *dir, const char 
*prefix,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdangling-pointer"
 #endif
+       PE_OHDR (o32, o64, dll_characteristics) = grub_host_to_target16 
(GRUB_PE32_NX_COMPAT);
        PE_OHDR (o32, o64, header_size) = grub_host_to_target32 (header_size);
        PE_OHDR (o32, o64, entry_addr) = grub_host_to_target32 
(layout.start_address);
        PE_OHDR (o32, o64, image_base) = 0;
-- 
2.39.2




reply via email to

[Prev in Thread] Current Thread [Next in Thread]