summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index c36612a..46d8846 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -533,7 +533,15 @@ ProtectUefiImageCommon (
Name[7]
));
- if ((Section[Index].Characteristics & EFI_IMAGE_SCN_CNT_CODE) != 0) {
+ //
+ // Instead of assuming that a PE/COFF section of type EFI_IMAGE_SCN_CNT_CODE
+ // can always be mapped read-only, classify a section as a code section only
+ // if it has the executable attribute set and the writable attribute cleared.
+ //
+ // This adheres more closely to the PE/COFF spec, and avoids issues with
+ // Linux OS loaders that may consist of a single read/write/execute section.
+ //
+ if ((Section[Index].Characteristics & (EFI_IMAGE_SCN_MEM_WRITE | EFI_IMAGE_SCN_MEM_EXECUTE)) == EFI_IMAGE_SCN_MEM_EXECUTE) {
DEBUG ((DEBUG_VERBOSE, " VirtualSize - 0x%08x\n", Section[Index].Misc.VirtualSize));
DEBUG ((DEBUG_VERBOSE, " VirtualAddress - 0x%08x\n", Section[Index].VirtualAddress));
DEBUG ((DEBUG_VERBOSE, " SizeOfRawData - 0x%08x\n", Section[Index].SizeOfRawData));
generated by cgit v1.1 at 2024-07-30 03:13:23 +0000