From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ard.biesheuvel@linaro.org>
Received: from mail-io0-x235.google.com (mail-io0-x235.google.com
 [IPv6:2607:f8b0:4001:c06::235])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id E1597820E7
 for <edk2-devel@lists.01.org>; Sun, 26 Feb 2017 06:00:32 -0800 (PST)
Received: by mail-io0-x235.google.com with SMTP id l7so4721541ioe.3
 for <edk2-devel@lists.01.org>; Sun, 26 Feb 2017 06:00:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=9WCM6trqgOIu+Qyg4eON5YQO+wxIiNXWSqXfrmf+1Ko=;
 b=HVzSfIoDmBaC/aigK4aFz6Lcb4eLCS9pQdrZwZbSLb9zuSOG+HrCpnwsnU7hxN2UEN
 B12I/zC5YDYww+keJy0K7XbKiZ030Tly9Q28rHZqKooJz8yAls/PTgBG74mwVKEnOCFC
 4+tn8liaKPdsJoMyBPS5AIiYCZODtWZw2TvmI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=9WCM6trqgOIu+Qyg4eON5YQO+wxIiNXWSqXfrmf+1Ko=;
 b=twOdoMo2fbMqk/F9GwV/7cIsb4rDuFr0YYOTSI3hf/MlSE3jN2hvv80OO1qUdgoc7d
 eZ63sB7FPMClm0dHwpsKjdVPA6vhNfNvaqiXn0HkfGAjBmMFpJbPScCKtq5JGQKWgOoL
 MKLaf3/LZ/gcF4nha8lg88LZCzRhDYozQx2TNrW9bl/TS6AXuPV/O99hHhO74Io6IH25
 wBU67VmDO3mk4k/EpS5+0WuJME3VQzoc7W5lFOylx6AYLl4JtFs0cIu8oYNbTte0I3qF
 MG39HRIVx8mquy6YBGwjjBYFV6mom+XzqdRzxC+XLrReBjRaikuu1nA5cyPBHTuwzgny
 E6sA==
X-Gm-Message-State: AMke39lhqCM6xWfJ31Y+s28cv0ZjnpyeNK1DesxVnIL2zEcHvA9AfnRQ5GhUpeJe0ZntAG6HyLptWQuzeOeQ6k6a
X-Received: by 10.107.13.130 with SMTP id 124mr9631758ion.83.1488117632009;
 Sun, 26 Feb 2017 06:00:32 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.198.134 with HTTP; Sun, 26 Feb 2017 06:00:31 -0800 (PST)
In-Reply-To: <74D8A39837DF1E4DA445A8C0B3885C503A8F5385@shsmsx102.ccr.corp.intel.com>
References: <1487958664-10707-1-git-send-email-ard.biesheuvel@linaro.org>
 <74D8A39837DF1E4DA445A8C0B3885C503A8F5385@shsmsx102.ccr.corp.intel.com>
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Sun, 26 Feb 2017 14:00:31 +0000
Message-ID: <CAKv+Gu86Aq+u1n8tkE6Bw1BOWR6y+qAC2j_UVEA58iURzTBuOQ@mail.gmail.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>
Cc: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>, "Gao,
 Liming" <liming.gao@intel.com>
Subject: Re: [PATCH] MdeModulePkg/DxeCore: base code protection on permission attributes
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Feb 2017 14:00:33 -0000
Content-Type: text/plain; charset=UTF-8

On 25 February 2017 at 04:04, Yao, Jiewen <jiewen.yao@intel.com> wrote:
> Hi Ard
> I agree with you on this enhancement.
>
> I prefer to adding the description as comment in the code, so that people
> can get clear picture when he/she reads the code.
>
> //
> // Instead of assuming that a PE/COFF section of type EFI_IMAGE_SCN_CNT_CODE
> // can always be mapped read-only, classify a section as a code section only
> // if it has the executable attribute set and the writable attribute
> cleared.
> //
> // This adheres more closely to the PE/COFF spec, and avoids issues with
> // Linux OS loaders that consists of a single read/write/execute section.
> //
> if ((Section[Index].Characteristics & (EFI_IMAGE_SCN_MEM_WRITE |
> EFI_IMAGE_SCN_MEM_EXECUTE)) == EFI_IMAGE_SCN_MEM_EXECUTE) {
>
> With comment update, reviewed-by: Jiewen.yao@intel.com
>

Thanks Jiewen

Pushed as a2ed40c02bf2

>> -----Original Message-----
>> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
>> Sent: Saturday, February 25, 2017 1:51 AM
>> To: edk2-devel@lists.01.org; Yao, Jiewen <jiewen.yao@intel.com>
>> Cc: Gao, Liming <liming.gao@intel.com>; Ard Biesheuvel
>> <ard.biesheuvel@linaro.org>
>> Subject: [PATCH] MdeModulePkg/DxeCore: base code protection on permission
>> attributes
>
>
>>
>> Instead of assuming that a PE/COFF section of type EFI_IMAGE_SCN_CNT_CODE
>> can always be mapped read-only, classify a section as a code section only
>> if it has the executable attribute set and the writable attribute cleared.
>>
>> This adheres more closely to the PE/COFF spec, and avoids issues with
>> Linux OS loaders that consists of a single read/write/execute section.
>>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>>  MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
>> b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
>> index 1142dcc5a83d..3e037607a6be 100644
>> --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
>> +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
>> @@ -533,7 +533,7 @@ ProtectUefiImageCommon (
>>        Name[7]
>>        ));
>>
>> -    if ((Section[Index].Characteristics & EFI_IMAGE_SCN_CNT_CODE) != 0) {
>> +    if ((Section[Index].Characteristics & (EFI_IMAGE_SCN_MEM_WRITE |
>> EFI_IMAGE_SCN_MEM_EXECUTE)) == EFI_IMAGE_SCN_MEM_EXECUTE) {
>>        DEBUG ((DEBUG_VERBOSE, "  VirtualSize          - 0x%08x\n",
>> Section[Index].Misc.VirtualSize));
>>        DEBUG ((DEBUG_VERBOSE, "  VirtualAddress       - 0x%08x\n",
>> Section[Index].VirtualAddress));
>>        DEBUG ((DEBUG_VERBOSE, "  SizeOfRawData        - 0x%08x\n",
>> Section[Index].SizeOfRawData));
>> --
>> 2.7.4