-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
CentOS Stream 10
-
None
-
None
-
None
-
rhel-virt-confidential-firmware
-
None
-
False
-
False
-
-
None
-
None
-
None
-
None
-
Unspecified
-
Unspecified
-
Unspecified
-
None
AMD is seeking to comply to the October 2025 Microsoft UEFI signing requirements[1]. As part of the requirements [2]:
"One key requirement added is that the binary layout must allow to enforce memory attributes with page tables, i.e. PE binary sections must be aligned to page size (4k). Sections also can't be both writable and executable. And the application must be able to deal with data section being mapped as not executable (NX_COMPAT)."
The edk2 fix will be for Venice onward.
Below is the link for edk2 tianocore upstream changes.
https://github.com/tianocore/edk2/pull/5939
[1]https://techcommunity.microsoft.com/blog/hardware-dev-center/updated-microsoft-uefi-signing-requirements/1062916
[2]https://www.kraxel.org/blog/2023/12/uefi-nx-linux-boot/