narenas
/
opengnsys_ipxe
mirror of https://github.com/ipxe/ipxe.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[efi] Mark PE .reloc and .debug sections as discardable 

After a PE image is fully loaded and relocated, the loader code may
opt to zero discardable sections for security reasons.  This includes
relocation and debug information, as both contain hints about specific
locations within the binary.  Mark both generated sections as
discardable, which follows the PE specification.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
pull/329/head
Marvin Häuser 2021-04-05 16:45:07 +02:00 committed by Michael Brown
parent f1e9e2b062
commit 94245624e4
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/util/elf2efi.c
View File

@ -758,6 +758,7 @@ create_reloc_section ( struct pe_header *pe_header,
reloc->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage;
reloc->hdr.SizeOfRawData = section_filesz;
reloc->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA |
EFI_IMAGE_SCN_MEM_DISCARDABLE |
EFI_IMAGE_SCN_MEM_NOT_PAGED |
EFI_IMAGE_SCN_MEM_READ );
@ -822,6 +823,7 @@ create_debug_section ( struct pe_header *pe_header, const char *filename ) {
debug->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage;
debug->hdr.SizeOfRawData = section_filesz;
debug->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA |
EFI_IMAGE_SCN_MEM_DISCARDABLE |
EFI_IMAGE_SCN_MEM_NOT_PAGED |
EFI_IMAGE_SCN_MEM_READ );
debug->fixup = fixup_debug_section;