DxeCore currently protects protectable (i.e. such that are aligned and have only W^X sections) PE images with one of two permission modes, RX or RW[1]. Some images contain .rodata or .rdata sections however, which are read-only data. To enhance security and debugging, more granular permissions such as R should be supported. [1] https://github.com/tianocore/edk2/blob/2072c22a0d63c780b0cc6377f6d4ffb116ad6144/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c#L263-L280
Marvin, you can continue to provide the proposal.
Marvin: have you any update?
Well, from my side this would be implicitly resolved by the new PE loader (I will not contribute to anything related to the current solution), and one of its most basic prerequisite patches has been stuck since August despite positive review with no reaction to pings: https://edk2.groups.io/g/devel/message/83931 For multiple reasons (including but not limited to this), I won’t pursue any progress on this for at least the next couple of months.
