Comment # 7 on bug 1207095 from Joey Lee

(In reply to Paolo Stivanin from comment #4)
> I've tested the fix provided by Debian, and it works fine.
> I've pushed an SR to ovmf: https://build.opensuse.org/request/show/1059503

Thanks for Paolo's help. Fedora has the same patch:

https://src.fedoraproject.org/rpms/edk2/blob/f36/f/0017-Revert-ArmVirtPkg-make-EFI_LOADER_DATA-non-executabl.patch

Before apply this patch to openSUSE TW. I want to check  with our grub2 expert
for the status. Because the original patch said:

commit 2997ae38739756ecba9b0de19e86032ebc689ef9
Author: Ard Biesheuvel <ardb@kernel.org>
Date:   Tue Aug 2 11:48:04 2022 +0200

    ArmVirtPkg: make EFI_LOADER_DATA non-executable

    When the memory protections were implemented and enabled on ArmVirtQemu
    5+ years ago, we had to work around the fact that GRUB at the time
    expected EFI_LOADER_DATA to be executable, as that is the memory type it
    allocates when loading its modules.

    This has been fixed in GRUB in August 2017, so by now, we should be able
    to tighten this, and remove execute permissions from EFI_LOADER_DATA
    allocations.

    Signed-off-by: Ard Biesheuvel <ardb@kernel.org>

Hi Michael, Gary, 

Do you know the status of non-executable of EFI_LOADER_DATA regions in grub2?

Thanks!