On 09/09/2015 13:07, Ian Campbell wrote: > I have a question: What attack vector is setting the stack as Nx in OVMF > (or even UEFI generally) trying to protect against? Or is this being done > for a reason other than security? > > I understand why it is done for kernels and apps, but where does the > untrusted element which is being protected against come from when running > UEFI?
I guess something could attack shim.efi or GRUB, and subvert secure boot's chain of trust. Paolo _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel

