diff options
author | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2017-02-28 12:13:12 +0000 |
---|---|---|
committer | Ard Biesheuvel <ard.biesheuvel@linaro.org> | 2017-03-08 09:50:18 +0100 |
commit | e7b24ec9785d206f1d3faf8f646e63a1b540d6a5 (patch) | |
tree | 75fbabac098a5272c9f1e02cd4f786473fe11b41 /ArmPkg | |
parent | 25549bda46c581271a303840fb266539c00ede71 (diff) | |
download | edk2-platforms-e7b24ec9785d206f1d3faf8f646e63a1b540d6a5.tar.xz |
ArmPkg/UncachedMemoryAllocationLib: map uncached allocations non-executable
The primary use case for UncachedMemoryAllocationLib is non-coherent DMA,
which implies that such regions are not used to fetch instructions from.
So let's map them as non-executable, to avoid creating a security hole
when the rest of the platform may be enforcing strict memory permissions
on ordinary allocations.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Diffstat (limited to 'ArmPkg')
-rw-r--r-- | ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c b/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c index 0d8abad234..b4fbfbcb36 100644 --- a/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c +++ b/ArmPkg/Library/UncachedMemoryAllocationLib/UncachedMemoryAllocationLib.c @@ -154,7 +154,8 @@ AllocatePagesFromList ( return Status;
}
- Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages), EFI_MEMORY_WC);
+ Status = gDS->SetMemorySpaceAttributes (Memory, EFI_PAGES_TO_SIZE (Pages),
+ EFI_MEMORY_WC | EFI_MEMORY_XP);
if (EFI_ERROR (Status)) {
gBS->FreePages (Memory, Pages);
return Status;
|