From 39fbfaa0e498507f53f9f7152be1715b2ebf0add Mon Sep 17 00:00:00 2001
From: Alexander Mikhalitsyn
Date: Fri, 15 Sep 2023 17:16:17 +0200
Subject: [PATCH] edk2: disable NX protection feature

Revert ("ArmVirtPkg: make EFI_LOADER_DATA non-executable") from edk2: https://github.com/tianocore/edk2/commit/2997ae38739756ecba9b0de19e86032ebc689ef9 this commit breaks secure boot completely and also affects non-secure boot systems Old shim, grub2 versions, linux kernel versions are not compatible with this feature and effectively it breaks almost everything on arm64. Fixes https://github.com/canonical/lxd/issues/12211
Signed-off-by: Alexander Mikhalitsyn
---
 ...sable-EFI-memory-attributes-protocol.patch | 30 -------------------
 snapcraft.yaml | 3 +-
 2 files changed, 2 insertions(+), 31 deletions(-)
 delete mode 100644 patches/edk2-0006-disable-EFI-memory-attributes-protocol.patch
diff --git a/patches/edk2-0006-disable-EFI-memory-attributes-protocol.patch b/patches/edk2-0006-disable-EFI-memory-attributes-protocol.patch
deleted file mode 100644
index b666ed0ca..000000000
--- a/patches/edk2-0006-disable-EFI-memory-attributes-protocol.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From cb5e0080ffd3f522f83b8e9273eac10e132ce7c7 Mon Sep 17 00:00:00 2001
-From: Alexander Mikhalitsyn
-Date: Thu, 7 Sep 2023 09:07:08 +0200
-Subject: [PATCH] edk2: disable EFI memory attributes protocol
-
-https://github.com/canonical/lxd/issues/12211
-
-Signed-off-by: Alexander Mikhalitsyn
----
- ArmPkg/Drivers/CpuDxe/CpuDxe.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.c b/ArmPkg/Drivers/CpuDxe/CpuDxe.c
-index d04958e79e..c01d571379 100644
---- a/ArmPkg/Drivers/CpuDxe/CpuDxe.c
-+++ b/ArmPkg/Drivers/CpuDxe/CpuDxe.c
-@@ -244,8 +244,8 @@ CpuDxeInitialize (
- &mCpuHandle,
- &gEfiCpuArchProtocolGuid,
- &mCpu,
-- &gEfiMemoryAttributeProtocolGuid,
-- &mMemoryAttribute,
-+// &gEfiMemoryAttributeProtocolGuid,
-+// &mMemoryAttribute,
- NULL
- );
-
---
-2.34.1
-
diff --git a/snapcraft.yaml b/snapcraft.yaml
index 4deecf740..6ee634366 100644
--- a/snapcraft.yaml
+++ b/snapcraft.yaml
@@ -322,7 +322,8 @@ parts:
 patch -p1 < "${CRAFT_PROJECT_DIR}/patches/edk2-0003-boot-delay.patch"
 patch -p1 < "${CRAFT_PROJECT_DIR}/patches/edk2-0004-gcc-errors.patch"
 patch --binary -p1 < "${CRAFT_PROJECT_DIR}/patches/edk2-0005-disable-dynamic-mmio-winsize.patch"
- patch --binary -p1 < "${CRAFT_PROJECT_DIR}/patches/edk2-0006-disable-EFI-memory-attributes-protocol.patch"
+ # revert "ArmVirtPkg: make EFI_LOADER_DATA non-executable" as it breaks almost everything
+ git revert 2997ae38739756ecba9b0de19e86032ebc689ef9
 
 # Setup CSM blob
 if [ "$(uname -m)" = "x86_64" ]; then
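Review bot: The added `git revert 2997ae38739756ecba9b0de19e86032ebc689ef9` step creates a commit inside the build script, so it needs a committer identity (and an editor when run from a terminal) and will stop the build on the first conflict once the pinned edk2 source moves. `git revert --no-edit 2997ae38739756ecba9b0de19e86032ebc689ef9`, or `--no-commit` since the build only needs the tree, would remove that dependency, unless the part already handles it outside this hunk. The comment above it also understates the trade-off: going by the reverted commit's title, EFI_LOADER_DATA becomes executable again in the ArmVirt firmware, which is a W^X hardening loss for arm64 guests, including Secure Boot ones. I would record that and the exit condition next to the command, e.g. `# SECURITY: re-allows executable EFI_LOADER_DATA on arm64 (older shim/grub2/kernels need it, see canonical/lxd#12211); drop this revert once supported loaders no longer require it`.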