[PATCH 08/15] nx: set the nx compatible flag in EFI grub images

[Mate Kukri]

From: Peter Jones <pjones@redhat.com>

For NX, we need the grub binary to announce that it is compatible with
the NX feature.  This implies that when loading the executable grub
image, several attributes are true:

- the binary doesn't need an executable stack
- the binary doesn't need sections to be both executable and writable
- the binary knows how to use the EFI Memory Attributes protocol on code
  it is loading.

This patch adds a definition for the PE DLL Characteristics flag
GRUB_PE32_NX_COMPAT, and changes grub-mkimage to set that flag.

Signed-off-by: Peter Jones <pjones@redhat.com>
(cherry picked from commit a9ec858bd62b004c331cad9b5b00071d3081b626)
Signed-off-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>

 Conflicts:
        util/mkimage.c

Signed-off-by: Mate Kukri <mate.kukri@canonical.com>
---
 util/mkimage.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/util/mkimage.c b/util/mkimage.c
index 4237383ac..9b4720e21 100644
--- a/util/mkimage.c
+++ b/util/mkimage.c
@@ -1403,6 +1403,7 @@ grub_install_generate_image (const char *dir, const char 
*prefix,
 #pragma GCC diagnostic push
 #pragma GCC diagnostic ignored "-Wdangling-pointer"
 #endif
+       PE_OHDR (o32, o64, dll_characteristics) = grub_host_to_target16 
(GRUB_PE32_NX_COMPAT);
        PE_OHDR (o32, o64, header_size) = grub_host_to_target32 (header_size);
        PE_OHDR (o32, o64, entry_addr) = grub_host_to_target32 
(layout.start_address);
        PE_OHDR (o32, o64, image_base) = 0;
-- 
2.39.2