From 94245624e449d4d65223c00055be3d7ea04983f9 Mon Sep 17 00:00:00 2001 From: Marvin Häuser Date: Mon, 5 Apr 2021 16:45:07 +0200 Subject: [efi] Mark PE .reloc and .debug sections as discardable MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit After a PE image is fully loaded and relocated, the loader code may opt to zero discardable sections for security reasons. This includes relocation and debug information, as both contain hints about specific locations within the binary. Mark both generated sections as discardable, which follows the PE specification. Signed-off-by: Marvin Häuser --- src/util/elf2efi.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/util') diff --git a/src/util/elf2efi.c b/src/util/elf2efi.c index b0d546645..5542b99f8 100644 --- a/src/util/elf2efi.c +++ b/src/util/elf2efi.c @@ -758,6 +758,7 @@ create_reloc_section ( struct pe_header *pe_header, reloc->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage; reloc->hdr.SizeOfRawData = section_filesz; reloc->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA | + EFI_IMAGE_SCN_MEM_DISCARDABLE | EFI_IMAGE_SCN_MEM_NOT_PAGED | EFI_IMAGE_SCN_MEM_READ ); @@ -822,6 +823,7 @@ create_debug_section ( struct pe_header *pe_header, const char *filename ) { debug->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage; debug->hdr.SizeOfRawData = section_filesz; debug->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA | + EFI_IMAGE_SCN_MEM_DISCARDABLE | EFI_IMAGE_SCN_MEM_NOT_PAGED | EFI_IMAGE_SCN_MEM_READ ); debug->fixup = fixup_debug_section; -- cgit