From patchwork Tue May 30 18:36:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 100732 Delivered-To: patch@linaro.org Received: by 10.140.96.100 with SMTP id j91csp352738qge; Tue, 30 May 2017 11:37:28 -0700 (PDT) X-Received: by 10.99.109.73 with SMTP id i70mr27503479pgc.62.1496169448894; Tue, 30 May 2017 11:37:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1496169448; cv=none; d=google.com; s=arc-20160816; b=IZvkfTgYz1uVkFK47es1a2O28yzThf912o3viVE8R9NzSf4YRj3TLMjzX4H4Lp+9RV C+YjuLWFqyVmsh8h5sj4w99nB+i5fm//mYpIrLt1p8aG4ZChnAMl5JFgkOc7l0FxvSca uMEjYPV2UtGzx7JJRVzv5iLqfEZOJborFwnaYJd0N9RdpD3/c8oRJ4hEHpZvDKx6HSKJ 1NEvBoLWdKwuih9g5ErrizobEXJYl/n5SZcofs9ci5CT5/T6AMa5lyIAteil6iDgFGr9 YzIto01izvOdpI8XJfoxMBgFm5HwNO+aWA+J2WxFVM5FXyht3gqTmeeRAwKsGV1B3lst Dbyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:message-id:date:subject:cc:to:from :dkim-signature:arc-authentication-results; bh=lmeHCcZ9MpNFjGO9t8oarcbLJxN9Y5y3UXvpxALTG5E=; b=DNsqfIIElRhMAnedwm3hCVFW4U3+eEAzBMCFjXI8+mKDf+V2o/bS3NJNCT1el9PqbY Jw88Wpkv0+1HwUpf0LJL+9yX95KpqKxV9HFO9W40GL4o8A++taT5DJn917zZMaUcg7l8 y2laI1Cf4kdpLOiwPZgo7NaHQEZWzsyXWd1vrLdV6TBryV/R9WeZmh7/ZmwOlXu5J0dc wAZ/SYgsg3AwL02lrnWoztbn0CHc1zjROdVki0RWm7VfI8oxKjubu16/XmU+J4Qlynty LmQW6v4a5G3UmdrmcupczEdMmq0KrBA6Vb/u7tLG+HqxwxaxVzyh4MYBWsG8xt8HT1/x PuCA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 33si44904691plf.190.2017.05.30.11.37.28; Tue, 30 May 2017 11:37:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751198AbdE3Sh1 (ORCPT + 2 others); Tue, 30 May 2017 14:37:27 -0400 Received: from mail-wr0-f178.google.com ([209.85.128.178]:33250 "EHLO mail-wr0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751175AbdE3ShH (ORCPT ); Tue, 30 May 2017 14:37:07 -0400 Received: by mail-wr0-f178.google.com with SMTP id v104so5596280wrb.0 for ; Tue, 30 May 2017 11:36:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=2Arqyo4bs6aMnQkb6XtHTK7gSNj6BBR/Ff1n6gWxTP8=; b=hptl/K9V7xtC46WxbUTrav/t/hSJ4cndN/djDgylKnFBCJQJ5DnPG/9Nw2eFksIgaA F0aiS7Ye3e5H8/Pxs7w/m1YnKgHkDQLkFnIcYRNPwOAxYdNZgLzkbcrjQ2zU5YqaffFL cEgPPzKt2nI4AingSUJL0tufIW0ZQFVHUob34= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=2Arqyo4bs6aMnQkb6XtHTK7gSNj6BBR/Ff1n6gWxTP8=; b=VyFZ8Fro4tPbWdrr4KGlz9Gl3/MJZKCq0mMDFsmps4FCuWuodnBJ6cZM6jHpYsgMSO iSWg2IKS9i66nqLMAhC3q7RcBGi5sgHCjvP/kQKtHAfxaB7tm2RIKgeKOz34H0315cWD Zwc44LoDJc48iZ6SoSYz2LIe8zW8U2/wUw7aF+KpEcqFcoP2O8jsd2+zsjFG771drr5e uYGSOUH2khfzYtct9eHeC8kTzj8JlHZS5hMLub298H7IAp+gaxt+HTj6ODxF8CloBqk5 i3m8QLrzRasuSAsimTvIFkCY5xoSnIQb7fi9fqW6b6lerR6A4xo4yTjEjLKdYZp1a9I+ t2BQ== X-Gm-Message-State: AODbwcDPAZgayCUYnh6PkXhM1bFRyOn5Zuh6zHfhjAGWAiZMeme7+tkF m134qN2IaHTlMhTzNKxiIQ== X-Received: by 10.223.157.11 with SMTP id k11mr14767584wre.71.1496169415805; Tue, 30 May 2017 11:36:55 -0700 (PDT) Received: from localhost.localdomain ([154.144.49.177]) by smtp.gmail.com with ESMTPSA id b8sm15935997wrb.7.2017.05.30.11.36.54 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 May 2017 11:36:55 -0700 (PDT) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux@armlinux.org.uk Cc: linux-arm-kernel@lists.infradead.org, matt@codeblueprint.co.uk, leif.lindholm@linaro.org, Ard Biesheuvel Subject: [PATCH 0/7] ARM: efi: PE/COFF cleanup/hardening Date: Tue, 30 May 2017 18:36:40 +0000 Message-Id: <20170530183647.28557-1-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.9.3 Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org This is the ARM counterpart of the changes now in v4.12 to clean up the PE/COFF header that makes the kernel zImage loadable directly from UEFI, and to enhance it with hardening and debug features. First of all, the cleanup consists of making the header comply with the PE/COFF spec (#1), removing the .reloc section (#2) and replacing all open coded constants with #defines from linux/pe.h Patch #4 is a standalone patch that removes ksymtab/kcrctab sections that may get pulled in inadvertently when the decompressor is built with EFI support. Note that these sections are tiny and harmless by themselves, but the linker may dump them in unexpected places if they are not placed explicitly, which may interfere with the image layout. This is especially important when signing zImages for UEFI secure boot. Patch #5 changes the description of the decompressor in memory, so that the UEFI firmware can apply strict ro/nx protections, resulting in a more secure execution environment for the UEFI stub. Patch #6 splits the decompressor .start and .text output sections, so that the ELF view aligns with the PE/COFF view of the binary. This is useful for debugging, but has no other benefits (or downsides, for that matter) Patch #7 enhances the decompressor binary with a NB10 Codeview debug entry referring to the path to arch/arm/boot/compressed/vmlinux on the build host. This is another debug feature that allows seamless source level single step debugging of the UEFI stub while executing in the context of the firmware. Ard Biesheuvel (7): arm: efi: remove forbidden values from the PE/COFF header arm: efi: remove pointless dummy .reloc section arm: efi: replace open coded constants with symbolic ones arm: compressed: discard ksymtab/kcrctab sections arm: efi: split zImage code and data into separate PE/COFF sections arm: compressed: put zImage header and EFI header in dedicated section arm: efi: add PE/COFF debug table to EFI header arch/arm/boot/compressed/Makefile | 4 + arch/arm/boot/compressed/efi-header.S | 247 ++++++++++++-------- arch/arm/boot/compressed/vmlinux.lds.S | 39 +++- 3 files changed, 180 insertions(+), 110 deletions(-) -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html