sysadmin/ipxe
1
0
Fork 0
mirror of https://github.com/ipxe/ipxe synced 2025-12-09 10:50:28 +03:00
Code Issues Packages Projects Releases Wiki Activity

[efi] Mark PE .reloc and .debug sections as discardable

Browse Source 
After a PE image is fully loaded and relocated, the loader code may
opt to zero discardable sections for security reasons.  This includes
relocation and debug information, as both contain hints about specific
locations within the binary.  Mark both generated sections as
discardable, which follows the PE specification.

Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
This commit is contained in:
Marvin Häuser
2021-04-05 16:45:07 +02:00
committed by Michael Brown
parent f1e9e2b062
commit 94245624e4
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/util/elf2efi.c
View File

@@ -758,6 +758,7 @@ create_reloc_section ( struct pe_header *pe_header,
reloc->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage;
reloc->hdr.SizeOfRawData = section_filesz;
reloc->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA |
EFI_IMAGE_SCN_MEM_DISCARDABLE |
EFI_IMAGE_SCN_MEM_NOT_PAGED |
EFI_IMAGE_SCN_MEM_READ );
@@ -822,6 +823,7 @@ create_debug_section ( struct pe_header *pe_header, const char *filename ) {
debug->hdr.VirtualAddress = pe_header->nt.OptionalHeader.SizeOfImage;
debug->hdr.SizeOfRawData = section_filesz;
debug->hdr.Characteristics = ( EFI_IMAGE_SCN_CNT_INITIALIZED_DATA |
EFI_IMAGE_SCN_MEM_DISCARDABLE |
EFI_IMAGE_SCN_MEM_NOT_PAGED |
EFI_IMAGE_SCN_MEM_READ );
debug->fixup = fixup_debug_section;