From patchwork Wed Feb 8 11:55:34 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93618 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2649014qgi; Wed, 8 Feb 2017 04:05:33 -0800 (PST) X-Received: by 10.99.98.193 with SMTP id w184mr26723150pgb.223.1486555533034; Wed, 08 Feb 2017 04:05:33 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f6si6935575plj.124.2017.02.08.04.05.32; Wed, 08 Feb 2017 04:05:33 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752943AbdBHMFc (ORCPT + 2 others); Wed, 8 Feb 2017 07:05:32 -0500 Received: from mail-wm0-f50.google.com ([74.125.82.50]:33067 "EHLO mail-wm0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753307AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wm0-f50.google.com with SMTP id t18so49729485wmt.0 for ; Wed, 08 Feb 2017 04:03:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=b3LWh/5bZp8EpTSQV3Qy0mCLpe+4yoZ8KEavqdbd8Bo=; b=FvdKtQ+KmkxCPqutGsS3CdG830UD8+Ge4V8/aq9DtwUrUHbMnzJxNh01SVww+VphSP kP2XaE78n9S49XJly5ipgrTLwBelvCVOjbhdq/ZnaQnpNfRvV6vb/L8jlSE2mQ7AY7PR eA/A2tPzkWn/2bYa1/3u613J728x/oFYDKUwY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=b3LWh/5bZp8EpTSQV3Qy0mCLpe+4yoZ8KEavqdbd8Bo=; b=JK7yWV+hRVVe5TXkOjcV2jIZ/xlHacDHRNEzpFNAulzqY+3NAM9v4fHkkWoZQM7F0p SPdAnRI7jw01Su8J/wKM/lSY2mIx9fdEI85WTJDsebl7MgSIXjntLPneGxZ9D9zPKGxV 0QcyZsF7dUxPbywT55nIRlKuZkQfeqQjeOlDbf9+sDWov5JUmfQ1Znv3EmqRdxwmmOca 7HgVVn7PnpysK082MeKGLWjtIy3CdjlnkyDYflSlQa0PnG0/jTtOS/adqRyT2lyz5zna 4fPoPUMUQ6bl/yKfq+puVmwii6XcH1kmgQ/X6rt1KFOcCMTQ1rbkAHxbDEJj72aR+O/o k2rg== X-Gm-Message-State: AMke39lVui7YY6GjDT6zmEGi8aRD4+jESMtd/MiB6voT1BCgmR8+fdLqwcUPRqj6v3HU03kL X-Received: by 10.28.128.205 with SMTP id b196mr16743173wmd.21.1486554964274; Wed, 08 Feb 2017 03:56:04 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.01 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:03 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 01/14] include: pe.h: allow for use in assembly Date: Wed, 8 Feb 2017 11:55:34 +0000 Message-Id: <1486554947-3964-2-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Mark Rutland Some of the definitions in include/linux/pe.h would be useful for the EFI stub headers, where values are currently open-coded. Unfortunately they cannot be used as some structures are also defined in pe.h without !__ASSEMBLY__ guards. This patch moves the structure definitions into an #ifdef __ASSEMBLY__ block, so that the common value definitions can be used from assembly. Signed-off-by: Mark Rutland Signed-off-by: Ard Biesheuvel --- include/linux/pe.h | 174 ++++++++++---------- 1 file changed, 89 insertions(+), 85 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/include/linux/pe.h b/include/linux/pe.h index e170b95e763b..a8a594117df3 100644 --- a/include/linux/pe.h +++ b/include/linux/pe.h @@ -23,34 +23,6 @@ #define MZ_MAGIC 0x5a4d /* "MZ" */ -struct mz_hdr { - uint16_t magic; /* MZ_MAGIC */ - uint16_t lbsize; /* size of last used block */ - uint16_t blocks; /* pages in file, 0x3 */ - uint16_t relocs; /* relocations */ - uint16_t hdrsize; /* header size in "paragraphs" */ - uint16_t min_extra_pps; /* .bss */ - uint16_t max_extra_pps; /* runtime limit for the arena size */ - uint16_t ss; /* relative stack segment */ - uint16_t sp; /* initial %sp register */ - uint16_t checksum; /* word checksum */ - uint16_t ip; /* initial %ip register */ - uint16_t cs; /* initial %cs relative to load segment */ - uint16_t reloc_table_offset; /* offset of the first relocation */ - uint16_t overlay_num; /* overlay number. set to 0. */ - uint16_t reserved0[4]; /* reserved */ - uint16_t oem_id; /* oem identifier */ - uint16_t oem_info; /* oem specific */ - uint16_t reserved1[10]; /* reserved */ - uint32_t peaddr; /* address of pe header */ - char message[64]; /* message to print */ -}; - -struct mz_reloc { - uint16_t offset; - uint16_t segment; -}; - #define PE_MAGIC 0x00004550 /* "PE\0\0" */ #define PE_OPT_MAGIC_PE32 0x010b #define PE_OPT_MAGIC_PE32_ROM 0x0107 @@ -98,17 +70,6 @@ struct mz_reloc { #define IMAGE_FILE_UP_SYSTEM_ONLY 0x4000 #define IMAGE_FILE_BYTES_REVERSED_HI 0x8000 -struct pe_hdr { - uint32_t magic; /* PE magic */ - uint16_t machine; /* machine type */ - uint16_t sections; /* number of sections */ - uint32_t timestamp; /* time_t */ - uint32_t symbol_table; /* symbol table offset */ - uint32_t symbols; /* number of symbols */ - uint16_t opt_hdr_size; /* size of optional header */ - uint16_t flags; /* flags */ -}; - #define IMAGE_FILE_OPT_ROM_MAGIC 0x107 #define IMAGE_FILE_OPT_PE32_MAGIC 0x10b #define IMAGE_FILE_OPT_PE32_PLUS_MAGIC 0x20b @@ -134,6 +95,93 @@ struct pe_hdr { #define IMAGE_DLLCHARACTERISTICS_WDM_DRIVER 0x2000 #define IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE 0x8000 +/* they actually defined 0x00000000 as well, but I think we'll skip that one. */ +#define IMAGE_SCN_RESERVED_0 0x00000001 +#define IMAGE_SCN_RESERVED_1 0x00000002 +#define IMAGE_SCN_RESERVED_2 0x00000004 +#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 /* don't pad - obsolete */ +#define IMAGE_SCN_RESERVED_3 0x00000010 +#define IMAGE_SCN_CNT_CODE 0x00000020 /* .text */ +#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 /* .data */ +#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 /* .bss */ +#define IMAGE_SCN_LNK_OTHER 0x00000100 /* reserved */ +#define IMAGE_SCN_LNK_INFO 0x00000200 /* .drectve comments */ +#define IMAGE_SCN_RESERVED_4 0x00000400 +#define IMAGE_SCN_LNK_REMOVE 0x00000800 /* .o only - scn to be rm'd*/ +#define IMAGE_SCN_LNK_COMDAT 0x00001000 /* .o only - COMDAT data */ +#define IMAGE_SCN_RESERVED_5 0x00002000 /* spec omits this */ +#define IMAGE_SCN_RESERVED_6 0x00004000 /* spec omits this */ +#define IMAGE_SCN_GPREL 0x00008000 /* global pointer referenced data */ +/* spec lists 0x20000 twice, I suspect they meant 0x10000 for one of them */ +#define IMAGE_SCN_MEM_PURGEABLE 0x00010000 /* reserved for "future" use */ +#define IMAGE_SCN_16BIT 0x00020000 /* reserved for "future" use */ +#define IMAGE_SCN_LOCKED 0x00040000 /* reserved for "future" use */ +#define IMAGE_SCN_PRELOAD 0x00080000 /* reserved for "future" use */ +/* and here they just stuck a 1-byte integer in the middle of a bitfield */ +#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 /* it does what it says on the box */ +#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 +#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 +#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 +#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 +#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 +#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 +#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 +#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 +#define IMAGE_SCN_ALIGN_512BYTES 0x00a00000 +#define IMAGE_SCN_ALIGN_1024BYTES 0x00b00000 +#define IMAGE_SCN_ALIGN_2048BYTES 0x00c00000 +#define IMAGE_SCN_ALIGN_4096BYTES 0x00d00000 +#define IMAGE_SCN_ALIGN_8192BYTES 0x00e00000 +#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 /* extended relocations */ +#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 /* scn can be discarded */ +#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 /* cannot be cached */ +#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 /* not pageable */ +#define IMAGE_SCN_MEM_SHARED 0x10000000 /* can be shared */ +#define IMAGE_SCN_MEM_EXECUTE 0x20000000 /* can be executed as code */ +#define IMAGE_SCN_MEM_READ 0x40000000 /* readable */ +#define IMAGE_SCN_MEM_WRITE 0x80000000 /* writeable */ + +#ifndef __ASSEMBLY__ + +struct mz_hdr { + uint16_t magic; /* MZ_MAGIC */ + uint16_t lbsize; /* size of last used block */ + uint16_t blocks; /* pages in file, 0x3 */ + uint16_t relocs; /* relocations */ + uint16_t hdrsize; /* header size in "paragraphs" */ + uint16_t min_extra_pps; /* .bss */ + uint16_t max_extra_pps; /* runtime limit for the arena size */ + uint16_t ss; /* relative stack segment */ + uint16_t sp; /* initial %sp register */ + uint16_t checksum; /* word checksum */ + uint16_t ip; /* initial %ip register */ + uint16_t cs; /* initial %cs relative to load segment */ + uint16_t reloc_table_offset; /* offset of the first relocation */ + uint16_t overlay_num; /* overlay number. set to 0. */ + uint16_t reserved0[4]; /* reserved */ + uint16_t oem_id; /* oem identifier */ + uint16_t oem_info; /* oem specific */ + uint16_t reserved1[10]; /* reserved */ + uint32_t peaddr; /* address of pe header */ + char message[64]; /* message to print */ +}; + +struct mz_reloc { + uint16_t offset; + uint16_t segment; +}; + +struct pe_hdr { + uint32_t magic; /* PE magic */ + uint16_t machine; /* machine type */ + uint16_t sections; /* number of sections */ + uint32_t timestamp; /* time_t */ + uint32_t symbol_table; /* symbol table offset */ + uint32_t symbols; /* number of symbols */ + uint16_t opt_hdr_size; /* size of optional header */ + uint16_t flags; /* flags */ +}; + /* the fact that pe32 isn't padded where pe32+ is 64-bit means union won't * work right. vomit. */ struct pe32_opt_hdr { @@ -243,52 +291,6 @@ struct section_header { uint32_t flags; }; -/* they actually defined 0x00000000 as well, but I think we'll skip that one. */ -#define IMAGE_SCN_RESERVED_0 0x00000001 -#define IMAGE_SCN_RESERVED_1 0x00000002 -#define IMAGE_SCN_RESERVED_2 0x00000004 -#define IMAGE_SCN_TYPE_NO_PAD 0x00000008 /* don't pad - obsolete */ -#define IMAGE_SCN_RESERVED_3 0x00000010 -#define IMAGE_SCN_CNT_CODE 0x00000020 /* .text */ -#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 /* .data */ -#define IMAGE_SCN_CNT_UNINITIALIZED_DATA 0x00000080 /* .bss */ -#define IMAGE_SCN_LNK_OTHER 0x00000100 /* reserved */ -#define IMAGE_SCN_LNK_INFO 0x00000200 /* .drectve comments */ -#define IMAGE_SCN_RESERVED_4 0x00000400 -#define IMAGE_SCN_LNK_REMOVE 0x00000800 /* .o only - scn to be rm'd*/ -#define IMAGE_SCN_LNK_COMDAT 0x00001000 /* .o only - COMDAT data */ -#define IMAGE_SCN_RESERVED_5 0x00002000 /* spec omits this */ -#define IMAGE_SCN_RESERVED_6 0x00004000 /* spec omits this */ -#define IMAGE_SCN_GPREL 0x00008000 /* global pointer referenced data */ -/* spec lists 0x20000 twice, I suspect they meant 0x10000 for one of them */ -#define IMAGE_SCN_MEM_PURGEABLE 0x00010000 /* reserved for "future" use */ -#define IMAGE_SCN_16BIT 0x00020000 /* reserved for "future" use */ -#define IMAGE_SCN_LOCKED 0x00040000 /* reserved for "future" use */ -#define IMAGE_SCN_PRELOAD 0x00080000 /* reserved for "future" use */ -/* and here they just stuck a 1-byte integer in the middle of a bitfield */ -#define IMAGE_SCN_ALIGN_1BYTES 0x00100000 /* it does what it says on the box */ -#define IMAGE_SCN_ALIGN_2BYTES 0x00200000 -#define IMAGE_SCN_ALIGN_4BYTES 0x00300000 -#define IMAGE_SCN_ALIGN_8BYTES 0x00400000 -#define IMAGE_SCN_ALIGN_16BYTES 0x00500000 -#define IMAGE_SCN_ALIGN_32BYTES 0x00600000 -#define IMAGE_SCN_ALIGN_64BYTES 0x00700000 -#define IMAGE_SCN_ALIGN_128BYTES 0x00800000 -#define IMAGE_SCN_ALIGN_256BYTES 0x00900000 -#define IMAGE_SCN_ALIGN_512BYTES 0x00a00000 -#define IMAGE_SCN_ALIGN_1024BYTES 0x00b00000 -#define IMAGE_SCN_ALIGN_2048BYTES 0x00c00000 -#define IMAGE_SCN_ALIGN_4096BYTES 0x00d00000 -#define IMAGE_SCN_ALIGN_8192BYTES 0x00e00000 -#define IMAGE_SCN_LNK_NRELOC_OVFL 0x01000000 /* extended relocations */ -#define IMAGE_SCN_MEM_DISCARDABLE 0x02000000 /* scn can be discarded */ -#define IMAGE_SCN_MEM_NOT_CACHED 0x04000000 /* cannot be cached */ -#define IMAGE_SCN_MEM_NOT_PAGED 0x08000000 /* not pageable */ -#define IMAGE_SCN_MEM_SHARED 0x10000000 /* can be shared */ -#define IMAGE_SCN_MEM_EXECUTE 0x20000000 /* can be executed as code */ -#define IMAGE_SCN_MEM_READ 0x40000000 /* readable */ -#define IMAGE_SCN_MEM_WRITE 0x80000000 /* writeable */ - enum x64_coff_reloc_type { IMAGE_REL_AMD64_ABSOLUTE = 0, IMAGE_REL_AMD64_ADDR64, @@ -445,4 +447,6 @@ struct win_certificate { uint16_t cert_type; }; +#endif /* !__ASSEMBLY__ */ + #endif /* __LINUX_PE_H */ From patchwork Wed Feb 8 11:55:35 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93630 Delivered-To: patch@linaro.org Received: by 10.182.3.34 with SMTP id 2csp2703710obz; Wed, 8 Feb 2017 04:27:45 -0800 (PST) X-Received: by 10.84.214.150 with SMTP id j22mr33683222pli.23.1486556865165; Wed, 08 Feb 2017 04:27:45 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a21si6972489pgi.248.2017.02.08.04.27.45; Wed, 08 Feb 2017 04:27:45 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752910AbdBHM1o (ORCPT + 2 others); Wed, 8 Feb 2017 07:27:44 -0500 Received: from mail-wm0-f51.google.com ([74.125.82.51]:33659 "EHLO mail-wm0-f51.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753307AbdBHM1l (ORCPT ); Wed, 8 Feb 2017 07:27:41 -0500 Received: by mail-wm0-f51.google.com with SMTP id t18so49886936wmt.0 for ; Wed, 08 Feb 2017 04:27:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=QdfkNBEiiYaJ5xy2NsClNrboFOb+kCZKahEn/Hd/UY0=; b=Jy/c4O51M2e2UkpHpl5XOFXtlnSb5Ln7JSR2eq3mFHxO6lUyJWAZaR9pQZiZG7ZwkR TM9GtbxP89QtUWbb/F46vGMhqNTHNYUbPZdfp4Wk0tqXuCyCn7QqKeotyHBtWgE7TyDq L+CFlnceuYIDSFdMSbzUuyIqRExoaGzlSOe8A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=QdfkNBEiiYaJ5xy2NsClNrboFOb+kCZKahEn/Hd/UY0=; b=roegyS9pqzRjMFd0fCAdJCB9Rihnta8D+BJFRF+wEE56XfqSUrFY33+WZQV9LnIzC0 7gEH2tePKIUYip9Vz5V0v6LtEK7+fePMlSUfjiWe1W3itaA4UAh9RDTiyZ6I24EsL35U 2HR8MrV0hF210uhPYz0Drgr8vd8ZMR+kT82r3EL3uJx5aIrKyp9ha7E9xT/l2ZRV5Czn IR6F4oCnYi4qpYediGpcN5psSTEnEEYrvIMuEAG1mEHCZeyfC1ShZg/nc4s6ZdAFsWNO AmrYf7Vi8kM7DahWxEAAMQYfC7d3Rp5TUP8SxaS7jr1Bc1btSrey/aMeiKXH3qUlzju5 QEZw== X-Gm-Message-State: AMke39m9i0C2nYWzIwasifdUMJbzmnCBoOzj1H1+1ynr6P6z6JEusIGan0aWAHj1mYLCpF94 X-Received: by 10.28.170.213 with SMTP id t204mr16328720wme.29.1486554967592; Wed, 08 Feb 2017 03:56:07 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.04 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:06 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 02/14] include: pe.h: add some missing definitions Date: Wed, 8 Feb 2017 11:55:35 +0000 Message-Id: <1486554947-3964-3-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org From: Mark Rutland Add the missing IMAGE_FILE_MACHINE_ARM64 and IMAGE_DEBUG_TYPE_CODEVIEW definitions. We'll need them for the arm64 EFI stub... Signed-off-by: Mark Rutland [ardb: add IMAGE_DEBUG_TYPE_CODEVIEW as well] Signed-off-by: Ard Biesheuvel --- include/linux/pe.h | 3 +++ 1 file changed, 3 insertions(+) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/include/linux/pe.h b/include/linux/pe.h index a8a594117df3..143ce75be5f0 100644 --- a/include/linux/pe.h +++ b/include/linux/pe.h @@ -34,6 +34,7 @@ #define IMAGE_FILE_MACHINE_AMD64 0x8664 #define IMAGE_FILE_MACHINE_ARM 0x01c0 #define IMAGE_FILE_MACHINE_ARMV7 0x01c4 +#define IMAGE_FILE_MACHINE_ARM64 0xaa64 #define IMAGE_FILE_MACHINE_EBC 0x0ebc #define IMAGE_FILE_MACHINE_I386 0x014c #define IMAGE_FILE_MACHINE_IA64 0x0200 @@ -141,6 +142,8 @@ #define IMAGE_SCN_MEM_READ 0x40000000 /* readable */ #define IMAGE_SCN_MEM_WRITE 0x80000000 /* writeable */ +#define IMAGE_DEBUG_TYPE_CODEVIEW 2 + #ifndef __ASSEMBLY__ struct mz_hdr { From patchwork Wed Feb 8 11:55:36 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93620 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2649287qgi; Wed, 8 Feb 2017 04:06:07 -0800 (PST) X-Received: by 10.99.101.131 with SMTP id z125mr26333786pgb.218.1486555567165; Wed, 08 Feb 2017 04:06:07 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e5si6944883pgg.25.2017.02.08.04.06.07; Wed, 08 Feb 2017 04:06:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932622AbdBHMFa (ORCPT + 2 others); Wed, 8 Feb 2017 07:05:30 -0500 Received: from mail-wm0-f45.google.com ([74.125.82.45]:35881 "EHLO mail-wm0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753378AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wm0-f45.google.com with SMTP id c85so194489330wmi.1 for ; Wed, 08 Feb 2017 04:04:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=fOJdAcdx6RI/V8BuswNDVngm2AKv/u/Z8gjJ7OLGr1Q=; b=HshLzGRgdDHU8/jNIBOi952BoD4I+LVBx8Q4z4Vgj++8wGb8Hs0fpyHqO7sK2pmjmY uhGHtfV8Yh9RUKomYRuvPi6JoIeZ4n8sm81erolvfwYyBexjLUV/RTRbIoNu7fgxyjiq wCAhVxCqhnozz10jjiw8Syl+pJ03jYGT7xN9k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=fOJdAcdx6RI/V8BuswNDVngm2AKv/u/Z8gjJ7OLGr1Q=; b=Nb33fpXB60vA2ZssKsMNz7X+jD+otG0ccTs20s1gw224DblvZF9GgE9QrrYsdFKFN7 oGaoBOtyk+UsdynLwBUZoLQdQe1a7u/mWiZEwPdkzEdXZmJpiW34lOwgyDuRkNTNt8wW xUkZwZog6lWkgRsk8OeiIpmHSPHqb+lnnR3R72Ybuwoui7ZD5JfEAirD9J9rR0pC5JSY kOGJJoUZZWCPCOoeNZ7rPsfJS7iejwpsaxUsPJv9hFAMnE9zFcsoKOMxvq6DiOYoNQRX MUl2XsStSMCXXOZzP1CLenNi1hXC18ecRNw/DXdJ14C5KXx/zXn3KDraoD0RkVL6YHOx Zrxg== X-Gm-Message-State: AMke39llgT2utZoF9UDsayZuPTCnLQZwvgp7pYSHFovpCzIRs8auFu29J7zN/9TKqGmgi4E4 X-Received: by 10.28.88.6 with SMTP id m6mr16894318wmb.4.1486554970573; Wed, 08 Feb 2017 03:56:10 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.07 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:09 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 03/14] arm64: efi: move EFI header and related data to a separate .S file Date: Wed, 8 Feb 2017 11:55:36 +0000 Message-Id: <1486554947-3964-4-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org In preparation of yet another round of modifications to the PE/COFF header, macroize it and move the definition into a separate source file. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-header.S | 158 ++++++++++++++++++++ arch/arm64/kernel/head.S | 150 +------------------ 2 files changed, 161 insertions(+), 147 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Acked-by: Mark Rutland diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S new file mode 100644 index 000000000000..9b24ce130afb --- /dev/null +++ b/arch/arm64/kernel/efi-header.S @@ -0,0 +1,158 @@ +/* + * Copyright (C) 2013 - 2017 Linaro, Ltd. + * Copyright (C) 2013, 2014 Red Hat, Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + + .macro __EFI_PE_HEADER + .ascii "PE" + .short 0 +coff_header: + .short 0xaa64 // AArch64 + .short 2 // nr_sections + .long 0 // TimeDateStamp + .long 0 // PointerToSymbolTable + .long 1 // NumberOfSymbols + .short section_table - optional_header // SizeOfOptionalHeader + .short 0x206 // Characteristics. + // IMAGE_FILE_DEBUG_STRIPPED | + // IMAGE_FILE_EXECUTABLE_IMAGE | + // IMAGE_FILE_LINE_NUMS_STRIPPED +optional_header: + .short 0x20b // PE32+ format + .byte 0x02 // MajorLinkerVersion + .byte 0x14 // MinorLinkerVersion + .long _end - efi_header_end // SizeOfCode + .long 0 // SizeOfInitializedData + .long 0 // SizeOfUninitializedData + .long __efistub_entry - _head // AddressOfEntryPoint + .long efi_header_end - _head // BaseOfCode + +extra_header_fields: + .quad 0 // ImageBase + .long 0x1000 // SectionAlignment + .long PECOFF_FILE_ALIGNMENT // FileAlignment + .short 0 // MajorOperatingSystemVersion + .short 0 // MinorOperatingSystemVersion + .short 0 // MajorImageVersion + .short 0 // MinorImageVersion + .short 0 // MajorSubsystemVersion + .short 0 // MinorSubsystemVersion + .long 0 // Win32VersionValue + + .long _end - _head // SizeOfImage + + // Everything before the kernel image is considered part of the header + .long efi_header_end - _head // SizeOfHeaders + .long 0 // CheckSum + .short 0xa // Subsystem (EFI application) + .short 0 // DllCharacteristics + .quad 0 // SizeOfStackReserve + .quad 0 // SizeOfStackCommit + .quad 0 // SizeOfHeapReserve + .quad 0 // SizeOfHeapCommit + .long 0 // LoaderFlags + .long (section_table - .) / 8 // NumberOfRvaAndSizes + + .quad 0 // ExportTable + .quad 0 // ImportTable + .quad 0 // ResourceTable + .quad 0 // ExceptionTable + .quad 0 // CertificationTable + .quad 0 // BaseRelocationTable + +#ifdef CONFIG_DEBUG_EFI + .long efi_debug_table - _head // DebugTable + .long efi_debug_table_size +#endif + + // Section table +section_table: + + /* + * The EFI application loader requires a relocation section + * because EFI applications must be relocatable. This is a + * dummy section as far as we are concerned. + */ + .ascii ".reloc" + .byte 0 + .byte 0 // end of 0 padding of section name + .long 0 + .long 0 + .long 0 // SizeOfRawData + .long 0 // PointerToRawData + .long 0 // PointerToRelocations + .long 0 // PointerToLineNumbers + .short 0 // NumberOfRelocations + .short 0 // NumberOfLineNumbers + .long 0x42100040 // Characteristics (section flags) + + + .ascii ".text" + .byte 0 + .byte 0 + .byte 0 // end of 0 padding of section name + .long _end - efi_header_end // VirtualSize + .long efi_header_end - _head // VirtualAddress + .long _edata - efi_header_end // SizeOfRawData + .long efi_header_end - _head // PointerToRawData + + .long 0 // PointerToRelocations + .long 0 // PointerToLineNumbers + .short 0 // NumberOfRelocations + .short 0 // NumberOfLineNumbers + .long 0xe0500020 // Characteristics + +#ifdef CONFIG_DEBUG_EFI + /* + * The debug table is referenced via its Relative Virtual Address (RVA), + * which is only defined for those parts of the image that are covered + * by a section declaration. Since this header is not covered by any + * section, the debug table must be emitted elsewhere. So stick it in + * the .init.rodata section instead. + * + * Note that the EFI debug entry itself may legally have a zero RVA, + * which means we can simply put it right after the section headers. + */ + __INITRODATA + + .align 2 +efi_debug_table: + // EFI_IMAGE_DEBUG_DIRECTORY_ENTRY + .long 0 // Characteristics + .long 0 // TimeDateStamp + .short 0 // MajorVersion + .short 0 // MinorVersion + .long 2 // Type == EFI_IMAGE_DEBUG_TYPE_CODEVIEW + .long efi_debug_entry_size // SizeOfData + .long 0 // RVA + .long efi_debug_entry - _head // FileOffset + + .set efi_debug_table_size, . - efi_debug_table + .previous + +efi_debug_entry: + // EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY + .ascii "NB10" // Signature + .long 0 // Unknown + .long 0 // Unknown2 + .long 0 // Unknown3 + + .asciz VMLINUX_PATH + + .set efi_debug_entry_size, . - efi_debug_entry +#endif + + /* + * EFI will load .text onwards at the 4k section alignment + * described in the PE/COFF header. To ensure that instruction + * sequences using an adrp and a :lo12: immediate will function + * correctly at this alignment, we must ensure that .text is + * placed at a 4k boundary in the Image to begin with. + */ + .align 12 +efi_header_end: + .endm diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index c6cc82ec190b..f779a7483736 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -42,6 +42,8 @@ #include #include +#include "efi-header.S" + #define __PHYS_OFFSET (KERNEL_START - TEXT_OFFSET) #if (TEXT_OFFSET & 0xfff) != 0 @@ -102,153 +104,7 @@ _head: #ifdef CONFIG_EFI .align 3 pe_header: - .ascii "PE" - .short 0 -coff_header: - .short 0xaa64 // AArch64 - .short 2 // nr_sections - .long 0 // TimeDateStamp - .long 0 // PointerToSymbolTable - .long 1 // NumberOfSymbols - .short section_table - optional_header // SizeOfOptionalHeader - .short 0x206 // Characteristics. - // IMAGE_FILE_DEBUG_STRIPPED | - // IMAGE_FILE_EXECUTABLE_IMAGE | - // IMAGE_FILE_LINE_NUMS_STRIPPED -optional_header: - .short 0x20b // PE32+ format - .byte 0x02 // MajorLinkerVersion - .byte 0x14 // MinorLinkerVersion - .long _end - efi_header_end // SizeOfCode - .long 0 // SizeOfInitializedData - .long 0 // SizeOfUninitializedData - .long __efistub_entry - _head // AddressOfEntryPoint - .long efi_header_end - _head // BaseOfCode - -extra_header_fields: - .quad 0 // ImageBase - .long 0x1000 // SectionAlignment - .long PECOFF_FILE_ALIGNMENT // FileAlignment - .short 0 // MajorOperatingSystemVersion - .short 0 // MinorOperatingSystemVersion - .short 0 // MajorImageVersion - .short 0 // MinorImageVersion - .short 0 // MajorSubsystemVersion - .short 0 // MinorSubsystemVersion - .long 0 // Win32VersionValue - - .long _end - _head // SizeOfImage - - // Everything before the kernel image is considered part of the header - .long efi_header_end - _head // SizeOfHeaders - .long 0 // CheckSum - .short 0xa // Subsystem (EFI application) - .short 0 // DllCharacteristics - .quad 0 // SizeOfStackReserve - .quad 0 // SizeOfStackCommit - .quad 0 // SizeOfHeapReserve - .quad 0 // SizeOfHeapCommit - .long 0 // LoaderFlags - .long (section_table - .) / 8 // NumberOfRvaAndSizes - - .quad 0 // ExportTable - .quad 0 // ImportTable - .quad 0 // ResourceTable - .quad 0 // ExceptionTable - .quad 0 // CertificationTable - .quad 0 // BaseRelocationTable - -#ifdef CONFIG_DEBUG_EFI - .long efi_debug_table - _head // DebugTable - .long efi_debug_table_size -#endif - - // Section table -section_table: - - /* - * The EFI application loader requires a relocation section - * because EFI applications must be relocatable. This is a - * dummy section as far as we are concerned. - */ - .ascii ".reloc" - .byte 0 - .byte 0 // end of 0 padding of section name - .long 0 - .long 0 - .long 0 // SizeOfRawData - .long 0 // PointerToRawData - .long 0 // PointerToRelocations - .long 0 // PointerToLineNumbers - .short 0 // NumberOfRelocations - .short 0 // NumberOfLineNumbers - .long 0x42100040 // Characteristics (section flags) - - - .ascii ".text" - .byte 0 - .byte 0 - .byte 0 // end of 0 padding of section name - .long _end - efi_header_end // VirtualSize - .long efi_header_end - _head // VirtualAddress - .long _edata - efi_header_end // SizeOfRawData - .long efi_header_end - _head // PointerToRawData - - .long 0 // PointerToRelocations (0 for executables) - .long 0 // PointerToLineNumbers (0 for executables) - .short 0 // NumberOfRelocations (0 for executables) - .short 0 // NumberOfLineNumbers (0 for executables) - .long 0xe0500020 // Characteristics (section flags) - -#ifdef CONFIG_DEBUG_EFI - /* - * The debug table is referenced via its Relative Virtual Address (RVA), - * which is only defined for those parts of the image that are covered - * by a section declaration. Since this header is not covered by any - * section, the debug table must be emitted elsewhere. So stick it in - * the .init.rodata section instead. - * - * Note that the EFI debug entry itself may legally have a zero RVA, - * which means we can simply put it right after the section headers. - */ - __INITRODATA - - .align 2 -efi_debug_table: - // EFI_IMAGE_DEBUG_DIRECTORY_ENTRY - .long 0 // Characteristics - .long 0 // TimeDateStamp - .short 0 // MajorVersion - .short 0 // MinorVersion - .long 2 // Type == EFI_IMAGE_DEBUG_TYPE_CODEVIEW - .long efi_debug_entry_size // SizeOfData - .long 0 // RVA - .long efi_debug_entry - _head // FileOffset - - .set efi_debug_table_size, . - efi_debug_table - .previous - -efi_debug_entry: - // EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY - .ascii "NB10" // Signature - .long 0 // Unknown - .long 0 // Unknown2 - .long 0 // Unknown3 - - .asciz VMLINUX_PATH - - .set efi_debug_entry_size, . - efi_debug_entry -#endif - - /* - * EFI will load .text onwards at the 4k section alignment - * described in the PE/COFF header. To ensure that instruction - * sequences using an adrp and a :lo12: immediate will function - * correctly at this alignment, we must ensure that .text is - * placed at a 4k boundary in the Image to begin with. - */ - .align 12 -efi_header_end: + __EFI_PE_HEADER #endif __INIT From patchwork Wed Feb 8 11:55:37 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93613 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648637qgi; Wed, 8 Feb 2017 04:04:46 -0800 (PST) X-Received: by 10.98.51.70 with SMTP id z67mr25676938pfz.68.1486555486049; Wed, 08 Feb 2017 04:04:46 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z126si6908390pfz.272.2017.02.08.04.04.45; Wed, 08 Feb 2017 04:04:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754370AbdBHME0 (ORCPT + 2 others); Wed, 8 Feb 2017 07:04:26 -0500 Received: from mail-wm0-f45.google.com ([74.125.82.45]:38317 "EHLO mail-wm0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751674AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wm0-f45.google.com with SMTP id r141so184316690wmg.1 for ; Wed, 08 Feb 2017 04:03:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=nYLQ/TWjzdTocZ/APHH9ZMeWcOS9zJzl3JkWnBGDSYg=; b=Fe2JZmfJkyudM3/oXlU67msTnCZSQsZ7suUuD+neHBFc2vbFyFwUfIeb3NgMNSwQht sRX6rGByyD44chFHEVMTFp9vSZTqvBMq5n5rByo85kHFFRSiWMukqc9QBNkJs3DAA6/5 NHSaOcdUwNZb0zO/6R0kWdCxgZlH/aVp2RBq8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=nYLQ/TWjzdTocZ/APHH9ZMeWcOS9zJzl3JkWnBGDSYg=; b=ci4tPfGPwrW25s7R3uoJdM7gJu1HNM0kwqeQC2pOImRu31P5JwxeZ1/KNGzIcBLIOD BgAKWqB08IgMk+ZwUcbRHyikTWhwKoVdkKbjSdBCrS4ujhucFvnkvi8sXBFSsfawkM1l ijn8LZPfzvf0VWikuEUS3O0NuvbKG+a8O+8tV1obREyHwrXWz5I013CLW2uJk0+zYhDh mA9dJMJHpXuCva3DjdDzb8F70JAkQEwqlCvBoygqnTme6FZXyy+lFcaBTBlCcbMq8wlJ fOFs3KO82pw6Q4v+JdvKnYE6itvnwvsJs8pOz0A1I3AbxJYSqtvbeEE3n5T96uiTEXlK o8LA== X-Gm-Message-State: AMke39nCE6pOnQBtWLe4PKAWMJt5z1Lt0er/S5wtQu932UdgxZXQRZJbHo19RRuOS3iPfe5k X-Received: by 10.28.191.79 with SMTP id p76mr16806845wmf.21.1486554973357; Wed, 08 Feb 2017 03:56:13 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:12 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 04/14] arm64: efi: clean up Image header after PE header has been split off Date: Wed, 8 Feb 2017 11:55:37 +0000 Message-Id: <1486554947-3964-5-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org After having split off the PE header, clean up the bits that remain: use .long consistently, merge two adjacent #ifdef CONFIG_EFI blocks, fix the offset of the PE header pointer and remove the redundant .align that follows it. Also, since we will be eliminating all open coded constants from the EFI header in subsequent patches, let's replace the open coded "ARM\x64" magic number with its .ascii equivalent. No changes to the resulting binary image are intended. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/head.S | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S index f779a7483736..aa8f6cd8c33f 100644 --- a/arch/arm64/kernel/head.S +++ b/arch/arm64/kernel/head.S @@ -91,20 +91,19 @@ _head: .quad 0 // reserved .quad 0 // reserved .quad 0 // reserved - .byte 0x41 // Magic number, "ARM\x64" - .byte 0x52 - .byte 0x4d - .byte 0x64 + .ascii "ARM\x64" // Magic number #ifdef CONFIG_EFI + /* + * PE/COFF requires the offset to the PE header + * to be stored at offset 0x3c into the file. + */ + .org _head + 0x3c .long pe_header - _head // Offset to the PE header. -#else - .word 0 // reserved -#endif -#ifdef CONFIG_EFI - .align 3 pe_header: __EFI_PE_HEADER +#else + .long 0 // reserved #endif __INIT From patchwork Wed Feb 8 11:55:38 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93625 Delivered-To: patch@linaro.org Received: by 10.182.3.34 with SMTP id 2csp2701334obz; Wed, 8 Feb 2017 04:21:25 -0800 (PST) X-Received: by 10.99.2.151 with SMTP id 145mr26552113pgc.5.1486556485053; Wed, 08 Feb 2017 04:21:25 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a19si6961019pgk.243.2017.02.08.04.21.24; Wed, 08 Feb 2017 04:21:25 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754109AbdBHMVY (ORCPT + 2 others); Wed, 8 Feb 2017 07:21:24 -0500 Received: from mail-wm0-f45.google.com ([74.125.82.45]:36777 "EHLO mail-wm0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753903AbdBHMVI (ORCPT ); Wed, 8 Feb 2017 07:21:08 -0500 Received: by mail-wm0-f45.google.com with SMTP id c85so195033608wmi.1 for ; Wed, 08 Feb 2017 04:21:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=3C0zk52+iNOJeJWj1xjjbSjNickSISnKR1I2EtOLjpY=; b=RumH88hEhNusA6mNEZEzXspqLHeC6CphcxOBcoJDpMXbsA0CjeWQO0u+K8/0vqp5is uzbqh5U4pHD529mGgysvY5JF835QwxWCkHQKbzGCKssfRemgLFd0VD+UfQLirw5O1/S2 60mi4z4kB036ecyhGkDox7s9ZexgtkYgH9GoI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=3C0zk52+iNOJeJWj1xjjbSjNickSISnKR1I2EtOLjpY=; b=MS9fVFCuzS1MvXolJFmiCzzbaDaG28t3drisTu4M3PinIwmzwGYDG6EGeQG08hpbJL xQ0kVxUuraHx1vT2TkTWK21woxceC5/aulyw9yDZuBX0Nwew1NoJRWMuGx9svxrURuMk 0uFWbBkIgDDwTWftU47Hcempfzx7S85jI1X5AqNsM3suiduA7EEy/FHafnIpg7/SpVVM 5VS6PdxTIYNQX5gGgN4b70Z8fLA6FO8JBsEkL6B0DMNC1uDLDp7+efwyo78k7pdE2DDn uCyhsa1UkBSZpszwdvllijAhczVbrH2A6QPM1vaQ86pcpAseSSn8Z1jbq1eHb+sbVT5u SfvQ== X-Gm-Message-State: AMke39lT29IKwGpD+90kbbO4scYduELXHR7Eh8DabmXayaA1HqI4/mhdmD4LHeHLzKhHsCjf X-Received: by 10.28.149.199 with SMTP id x190mr16753086wmd.91.1486554976084; Wed, 08 Feb 2017 03:56:16 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:15 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 05/14] arm64: efi: remove forbidden values from the PE/COFF header Date: Wed, 8 Feb 2017 11:55:38 +0000 Message-Id: <1486554947-3964-6-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Bring the PE/COFF header in line with the PE/COFF spec, by setting NumberOfSymbols to 0, and removing the section alignment flags. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-header.S | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Acked-by: Mark Rutland diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S index 9b24ce130afb..515624bbfcd0 100644 --- a/arch/arm64/kernel/efi-header.S +++ b/arch/arm64/kernel/efi-header.S @@ -15,7 +15,7 @@ coff_header: .short 2 // nr_sections .long 0 // TimeDateStamp .long 0 // PointerToSymbolTable - .long 1 // NumberOfSymbols + .long 0 // NumberOfSymbols .short section_table - optional_header // SizeOfOptionalHeader .short 0x206 // Characteristics. // IMAGE_FILE_DEBUG_STRIPPED | @@ -88,7 +88,7 @@ section_table: .long 0 // PointerToLineNumbers .short 0 // NumberOfRelocations .short 0 // NumberOfLineNumbers - .long 0x42100040 // Characteristics (section flags) + .long 0x42000040 // Characteristics (section flags) .ascii ".text" @@ -104,7 +104,7 @@ section_table: .long 0 // PointerToLineNumbers .short 0 // NumberOfRelocations .short 0 // NumberOfLineNumbers - .long 0xe0500020 // Characteristics + .long 0xe0000020 // Characteristics #ifdef CONFIG_DEBUG_EFI /* From patchwork Wed Feb 8 11:55:39 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93615 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648888qgi; Wed, 8 Feb 2017 04:05:18 -0800 (PST) X-Received: by 10.84.225.148 with SMTP id u20mr32865615plj.93.1486555518711; Wed, 08 Feb 2017 04:05:18 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 72si6933694pfj.150.2017.02.08.04.05.18; Wed, 08 Feb 2017 04:05:18 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932378AbdBHME5 (ORCPT + 2 others); Wed, 8 Feb 2017 07:04:57 -0500 Received: from mail-wr0-f172.google.com ([209.85.128.172]:34308 "EHLO mail-wr0-f172.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932289AbdBHME4 (ORCPT ); Wed, 8 Feb 2017 07:04:56 -0500 Received: by mail-wr0-f172.google.com with SMTP id o16so59330046wra.1 for ; Wed, 08 Feb 2017 04:04:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=SrLACJRtqeqes8x8zbhltXJF5VJs3kD4d+gHL4SAfIg=; b=IsHNNrdZoUx3LMTpmQRZaxhgiLlvNe/1ueD27be3UjfjKh7EqKykVM4Ryevui9Gt6Z dSHAUcc1h0zdgVfRcE49O5SmFgHrzl92SM623N5vOAVLNlmbWLuKvOtxkJ6b3XfbuKA/ co6P/YsFYRDxvfqZHY1pwdINGY3/ubJQPcBmg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=SrLACJRtqeqes8x8zbhltXJF5VJs3kD4d+gHL4SAfIg=; b=HRInunMfmo6H20Z52k6iLH8y7XnxgvneP4jSvpgHIO9vbCNhZfNN0n0V+uoigiu0Go ihGASBIzeE55bxd/HM6pcPaKL66uYnlPKhFoc7NR9p3KiGpNXET9cMjj9h1GWnlcZ+Q9 XJpBoHEwFP0FvzAXJtCI4i0e34YdcOhXRWK6gGnbTXuWu+JTWTb/ReeJcKdmeYaZUWqZ erk3vWS9RU0DGhQ0QNWV2N5EwWbu1X2JSLgk0ieZqdafiw5uqV2+aiux0RfH/WGXv1FQ bcVrfodR2Q0GK5xxYeS61FwCWySVoHYmy7bjhZypNwba4pYYWD5I6Bja8knjtGM0qtoi Tq7w== X-Gm-Message-State: AIkVDXL1valT7Eq6IK2gdq2ncSekuZ1JnsZvDgSISdppF2GTTtuJL8rhnW9u9K4fdoLMTo9q X-Received: by 10.223.133.131 with SMTP id 3mr18743211wrt.161.1486554978965; Wed, 08 Feb 2017 03:56:18 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:18 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 06/14] arm64: efi: remove pointless dummy .reloc section Date: Wed, 8 Feb 2017 11:55:39 +0000 Message-Id: <1486554947-3964-7-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The kernel's EFI PE/COFF header contains a dummy .reloc section, and an explanatory comment that claims that this is required for the EFI application loader to accept the Image as a relocatable image (i.e., one that can be loaded at any offset and fixed up in place) This was inherited from the x86 implementation, which has elaborate host tooling to mangle the PE/COFF header post-link time, and which populates the .reloc section with a single dummy base relocation. On ARM, no such tooling exists, and the .reloc section remains empty, and is never even exposed via the BaseRelocationTable directory entry, which is where the PE/COFF loader looks for it. The PE/COFF spec is unclear about relocatable images that do not require any fixups, but the EDK2 implementation, which is the de facto reference for PE/COFF in the UEFI space, clearly does not care, and explicitly mentions (in a comment) that relocatable images with no base relocations are perfectly fine, as long as they don't have the RELOCS_STRIPPED attribute set (which is not the case for our PE/COFF image) So simply remove the .reloc section altogether. Acked-by: Mark Rutland Acked-by: Peter Jones Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-header.S | 22 +------------------- 1 file changed, 1 insertion(+), 21 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S index 515624bbfcd0..8786d58af2df 100644 --- a/arch/arm64/kernel/efi-header.S +++ b/arch/arm64/kernel/efi-header.S @@ -12,7 +12,7 @@ .short 0 coff_header: .short 0xaa64 // AArch64 - .short 2 // nr_sections + .short 1 // nr_sections .long 0 // TimeDateStamp .long 0 // PointerToSymbolTable .long 0 // NumberOfSymbols @@ -71,26 +71,6 @@ extra_header_fields: // Section table section_table: - - /* - * The EFI application loader requires a relocation section - * because EFI applications must be relocatable. This is a - * dummy section as far as we are concerned. - */ - .ascii ".reloc" - .byte 0 - .byte 0 // end of 0 padding of section name - .long 0 - .long 0 - .long 0 // SizeOfRawData - .long 0 // PointerToRawData - .long 0 // PointerToRelocations - .long 0 // PointerToLineNumbers - .short 0 // NumberOfRelocations - .short 0 // NumberOfLineNumbers - .long 0x42000040 // Characteristics (section flags) - - .ascii ".text" .byte 0 .byte 0 From patchwork Wed Feb 8 11:55:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93619 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2649284qgi; Wed, 8 Feb 2017 04:06:07 -0800 (PST) X-Received: by 10.84.136.75 with SMTP id 69mr33947442plk.172.1486555567010; Wed, 08 Feb 2017 04:06:07 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id e5si6944883pgg.25.2017.02.08.04.06.06; Wed, 08 Feb 2017 04:06:07 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932748AbdBHMFb (ORCPT + 2 others); Wed, 8 Feb 2017 07:05:31 -0500 Received: from mail-wr0-f177.google.com ([209.85.128.177]:33052 "EHLO mail-wr0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754111AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wr0-f177.google.com with SMTP id i10so59292525wrb.0 for ; Wed, 08 Feb 2017 04:04:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=0cK7+Ar28vcoVuW/0Wuc/om69UhlFVxMa0GtSvxNHl0=; b=Ye7p26xVb9HSbT+TmLocgUr7EaVCiqcaRf1jmc6Nd9kjLeL+uu0PV3SuBHMhLTw+8b grKZPUc+aGi5wH2shGeVYkdfRhsrDctHiVkKpjE+bbmxYwDqGx+JEwd+nNhvLnwin9FQ 8fDmNeU75vcSluh0VnO5S9b+st64QlUpIuaWM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=0cK7+Ar28vcoVuW/0Wuc/om69UhlFVxMa0GtSvxNHl0=; b=C6HIja6wI9vIz9N/A8NZ8C3fH1q4GoNT8YioZLhvxc3AIHgJGzdq3Z6mo5yNCvnhzu btguiSBFAQoUIQdYyjBwjaTVsL9Y9hFs05gYSrS0fCDWDBx8TCIcKK7sv/7lxlLyaEsK lg1SLgt9Fuh+kDDJJSfe9dkgWFN5MYsvRJI22oVhQ8n27gUSf1hHTfA3OdMueINianpN 3+wdil64NSqB9fjTLX3IMvVptClmwxjqYgGMEQfvfqCtR1bwnZjIvjENOHmTx5EuVVXx CSH+KmplkWnkhfwFKjPmTraphNIBmHiJNY/Rgw0W4GNAx4Bw8Vr3oBCjeI2oxx+kUPwG j1JQ== X-Gm-Message-State: AIkVDXJNK0cpuqOT0gZ8eLijQX9pnrb9Pb8ZKX4gdfAAm9iBIcLX3wTSkb0RjG4/2fz90ity X-Received: by 10.223.154.114 with SMTP id z105mr18662738wrb.89.1486554981376; Wed, 08 Feb 2017 03:56:21 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.19 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:20 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 07/14] arm64: efi: replace open coded constants with symbolic ones Date: Wed, 8 Feb 2017 11:55:40 +0000 Message-Id: <1486554947-3964-8-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace open coded constants with symbolic ones throughout the Image and the EFI headers. No binary level changes are intended. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-header.S | 38 +++++++++++--------- 1 file changed, 21 insertions(+), 17 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Acked-by: Mark Rutland diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S index 8786d58af2df..7637226ea9ca 100644 --- a/arch/arm64/kernel/efi-header.S +++ b/arch/arm64/kernel/efi-header.S @@ -7,22 +7,24 @@ * published by the Free Software Foundation. */ +#include +#include + .macro __EFI_PE_HEADER - .ascii "PE" - .short 0 + .long PE_MAGIC coff_header: - .short 0xaa64 // AArch64 - .short 1 // nr_sections + .short IMAGE_FILE_MACHINE_ARM64 // Machine + .short section_count // NumberOfSections .long 0 // TimeDateStamp .long 0 // PointerToSymbolTable .long 0 // NumberOfSymbols .short section_table - optional_header // SizeOfOptionalHeader - .short 0x206 // Characteristics. - // IMAGE_FILE_DEBUG_STRIPPED | - // IMAGE_FILE_EXECUTABLE_IMAGE | - // IMAGE_FILE_LINE_NUMS_STRIPPED + .short IMAGE_FILE_DEBUG_STRIPPED | \ + IMAGE_FILE_EXECUTABLE_IMAGE | \ + IMAGE_FILE_LINE_NUMS_STRIPPED // Characteristics + optional_header: - .short 0x20b // PE32+ format + .short PE_OPT_MAGIC_PE32PLUS // PE32+ format .byte 0x02 // MajorLinkerVersion .byte 0x14 // MinorLinkerVersion .long _end - efi_header_end // SizeOfCode @@ -33,7 +35,7 @@ optional_header: extra_header_fields: .quad 0 // ImageBase - .long 0x1000 // SectionAlignment + .long SZ_4K // SectionAlignment .long PECOFF_FILE_ALIGNMENT // FileAlignment .short 0 // MajorOperatingSystemVersion .short 0 // MinorOperatingSystemVersion @@ -48,7 +50,7 @@ extra_header_fields: // Everything before the kernel image is considered part of the header .long efi_header_end - _head // SizeOfHeaders .long 0 // CheckSum - .short 0xa // Subsystem (EFI application) + .short IMAGE_SUBSYSTEM_EFI_APPLICATION // Subsystem .short 0 // DllCharacteristics .quad 0 // SizeOfStackReserve .quad 0 // SizeOfStackCommit @@ -71,10 +73,7 @@ extra_header_fields: // Section table section_table: - .ascii ".text" - .byte 0 - .byte 0 - .byte 0 // end of 0 padding of section name + .ascii ".text\0\0\0" .long _end - efi_header_end // VirtualSize .long efi_header_end - _head // VirtualAddress .long _edata - efi_header_end // SizeOfRawData @@ -84,7 +83,12 @@ section_table: .long 0 // PointerToLineNumbers .short 0 // NumberOfRelocations .short 0 // NumberOfLineNumbers - .long 0xe0000020 // Characteristics + .long IMAGE_SCN_CNT_CODE | \ + IMAGE_SCN_MEM_EXECUTE | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_WRITE // Characteristics + + .set section_count, (. - section_table) / 40 #ifdef CONFIG_DEBUG_EFI /* @@ -106,7 +110,7 @@ efi_debug_table: .long 0 // TimeDateStamp .short 0 // MajorVersion .short 0 // MinorVersion - .long 2 // Type == EFI_IMAGE_DEBUG_TYPE_CODEVIEW + .long IMAGE_DEBUG_TYPE_CODEVIEW // Type .long efi_debug_entry_size // SizeOfData .long 0 // RVA .long efi_debug_entry - _head // FileOffset From patchwork Wed Feb 8 11:55:41 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93639 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2689313qgi; Wed, 8 Feb 2017 05:44:42 -0800 (PST) X-Received: by 10.98.89.195 with SMTP id k64mr26162043pfj.126.1486561482595; Wed, 08 Feb 2017 05:44:42 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z43si7118737plh.253.2017.02.08.05.44.42; Wed, 08 Feb 2017 05:44:42 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753604AbdBHNom (ORCPT + 2 others); Wed, 8 Feb 2017 08:44:42 -0500 Received: from mail-wm0-f41.google.com ([74.125.82.41]:34904 "EHLO mail-wm0-f41.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752739AbdBHNol (ORCPT ); Wed, 8 Feb 2017 08:44:41 -0500 Received: by mail-wm0-f41.google.com with SMTP id v186so48009120wmd.0 for ; Wed, 08 Feb 2017 05:44:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=T6phON+cw6Yvguzp/2IUEoYgMcUEfBfLYE98/QgxkE8=; b=feYqr/bH147jWz2N4+TfsgH47OZbwr6mxrsFZb315dz4URxOYxh9esuCFBtleZFw8c qk2d+3taREaehE4O6H0gzQYgklaAa14HffQ/B7u2GLn29ikJXpaFteCClZ+vXCApzfLp cMMnqJXmNaQrYH3upSV0aUeKR/J3HB9JlV4Gk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=T6phON+cw6Yvguzp/2IUEoYgMcUEfBfLYE98/QgxkE8=; b=oCjDgSIVOnRK1hagbsEb/GN7f9NbGgMR7mRc/7Z7FLsd5eM6XXMMyGioi9I38iHpNj 2RvqfFGibQVwaUCAuqo/kV8KkJ4kiE1r92lCwv4dxon4yaNsSTGabxR4MfGonNsBy6Yx si5nA4b4iIeGtnxrmzmYrFh+8CQkJY242/92q+EHR2QrM+pwFjFqK2NZDzwyKAuyaQEP TVaOAiX8VjmfZTW3pTU4ZPC2TBxosOW+AOkOx7V6dx+rasnlNxFTwtuoFrYks80pXFL5 05jUaBRzP/3bEo6mjyo1LH9Y7W6WypWDnBX12o4cKQlQI1GW6GaTKnGXqMqYe3Ybmac5 p4Bw== X-Gm-Message-State: AMke39m4kB8hkcQXmEorxYfE8e9guyyMkYTbqW586BMA1GGiJKu4fmkq3QiYnHelIeGiA0yI X-Received: by 10.28.52.19 with SMTP id b19mr18080283wma.134.1486554983540; Wed, 08 Feb 2017 03:56:23 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.21 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:22 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 08/14] arm64: efi: split Image code and data into separate PE/COFF sections Date: Wed, 8 Feb 2017 11:55:41 +0000 Message-Id: <1486554947-3964-9-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org To prevent unintended modifications to the kernel text (malicious or otherwise) while running the EFI stub, describe the kernel image as two separate sections: a .text section with read-execute permissions, covering .text, .rodata and .init.text, and a .data section with read-write permissions, covering .init.data, .data and .bss. This relies on the firmware to actually take the section permission flags into account, but this is something that is currently being implemented in EDK2, which means we will likely start seeing it in the wild between one and two years from now. Signed-off-by: Ard Biesheuvel --- arch/arm64/kernel/efi-header.S | 23 +++++++++++++++----- arch/arm64/kernel/vmlinux.lds.S | 5 +++++ 2 files changed, 23 insertions(+), 5 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S index 7637226ea9ca..5870bd611498 100644 --- a/arch/arm64/kernel/efi-header.S +++ b/arch/arm64/kernel/efi-header.S @@ -27,8 +27,8 @@ optional_header: .short PE_OPT_MAGIC_PE32PLUS // PE32+ format .byte 0x02 // MajorLinkerVersion .byte 0x14 // MinorLinkerVersion - .long _end - efi_header_end // SizeOfCode - .long 0 // SizeOfInitializedData + .long __pecoff_data_start - efi_header_end // SizeOfCode + .long __pecoff_data_size // SizeOfInitializedData .long 0 // SizeOfUninitializedData .long __efistub_entry - _head // AddressOfEntryPoint .long efi_header_end - _head // BaseOfCode @@ -74,9 +74,9 @@ extra_header_fields: // Section table section_table: .ascii ".text\0\0\0" - .long _end - efi_header_end // VirtualSize + .long __pecoff_data_start - efi_header_end // VirtualSize .long efi_header_end - _head // VirtualAddress - .long _edata - efi_header_end // SizeOfRawData + .long __pecoff_data_start - efi_header_end // SizeOfRawData .long efi_header_end - _head // PointerToRawData .long 0 // PointerToRelocations @@ -84,7 +84,20 @@ section_table: .short 0 // NumberOfRelocations .short 0 // NumberOfLineNumbers .long IMAGE_SCN_CNT_CODE | \ - IMAGE_SCN_MEM_EXECUTE | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_EXECUTE // Characteristics + + .ascii ".data\0\0\0" + .long __pecoff_data_size // VirtualSize + .long __pecoff_data_start - _head // VirtualAddress + .long __pecoff_data_rawsize // SizeOfRawData + .long __pecoff_data_start - _head // PointerToRawData + + .long 0 // PointerToRelocations + .long 0 // PointerToLineNumbers + .short 0 // NumberOfRelocations + .short 0 // NumberOfLineNumbers + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ IMAGE_SCN_MEM_READ | \ IMAGE_SCN_MEM_WRITE // Characteristics diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S index b8deffa9e1bf..a93cc2b6f50b 100644 --- a/arch/arm64/kernel/vmlinux.lds.S +++ b/arch/arm64/kernel/vmlinux.lds.S @@ -149,6 +149,9 @@ SECTIONS ARM_EXIT_KEEP(EXIT_TEXT) } + . = ALIGN(SZ_4K); + __pecoff_data_start = .; + .init.data : { INIT_DATA INIT_SETUP(16) @@ -206,6 +209,7 @@ SECTIONS } PECOFF_EDATA_PADDING + __pecoff_data_rawsize = ABSOLUTE(. - __pecoff_data_start); _edata = .; BSS_SECTION(0, 0, 0) @@ -221,6 +225,7 @@ SECTIONS . += RESERVED_TTBR0_SIZE; #endif + __pecoff_data_size = ABSOLUTE(. - __pecoff_data_start); _end = .; STABS_DEBUG From patchwork Wed Feb 8 11:55:42 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93611 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648513qgi; Wed, 8 Feb 2017 04:04:29 -0800 (PST) X-Received: by 10.99.152.65 with SMTP id l1mr26955606pgo.28.1486555469136; Wed, 08 Feb 2017 04:04:29 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y1si1704114plb.306.2017.02.08.04.04.29; Wed, 08 Feb 2017 04:04:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754310AbdBHMEY (ORCPT + 2 others); Wed, 8 Feb 2017 07:04:24 -0500 Received: from mail-wr0-f169.google.com ([209.85.128.169]:32932 "EHLO mail-wr0-f169.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753153AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wr0-f169.google.com with SMTP id i10so59287292wrb.0 for ; Wed, 08 Feb 2017 04:03:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=h01jl4h5+6rqqV1YOcmGNstoQ+p0VtSbBR0atMg53sw=; b=KbPtpOwoURsZRX0WSI3CkDOkfeus0ptp0SHjlfGSRXizo+S1xAJJIsxD5tdVKTt/tA 6KTf5laCUchkhuPOUF/H6AB12kCbpJOtEjurj1oa8QOcOSGpexmHjaoh89R2sPOPgvmx bniJGBztsnds/CRsIX0ekOdke+TQCBgcAE43c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=h01jl4h5+6rqqV1YOcmGNstoQ+p0VtSbBR0atMg53sw=; b=FtaL9zc9kFTus6+z44r1C2bPN5/tUvYq9onxba4XaZIANhta+L0tzdmELDRncUq4Uf aey+icsa2bQiQiJenU6JHcAI/CG11bDcyttKAoVqNM0bpVflYDwkV+1QyyNFo0lw0d3Z ylWuUiACrTXQ6pxV8LP4EW/D7ikISBvk6WDlkhrXDsoj/aYCFZs6zZXoLTmp6wA9g6xW 9d+J7yejnXXDYUu+GJGl1T8BN0jGLPneDgsMLeWgVJVZ9CX+axpaKcIeBh3lOUlTUTdn Q6ofajmnyjVyMi++ur8x63vi9WHviQNr7CAUqC5HQAGmAMp55qeYz3jd49blDPbDKz8Q lOOg== X-Gm-Message-State: AMke39lOqgTdRvFEGIBKDbAwG5vFABrcgwWGUZAtyMQAcOo+goshlHdF9vDIWaYnZtN7t9f2 X-Received: by 10.223.130.170 with SMTP id 39mr4529784wrc.34.1486554985864; Wed, 08 Feb 2017 03:56:25 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:25 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel , Dave Martin Subject: [PATCH v2 09/14] arm: compressed: put zImage header and EFI header in dedicated section Date: Wed, 8 Feb 2017 11:55:42 +0000 Message-Id: <1486554947-3964-10-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org To align the PE/COFF and the ELF headers of the decompressor binary, put the zImage header and the EFI header in a separate .head.text section, and emit it at the start of the Image. This change is necessary for UEFI based debug tooling to be able to use the vmlinux ELF binary, since it gets confused if the PE/COFF .text section and the ELF .text section live at different offsets. This requires a tweak of the initial jump, because (b)adr does not reach across a section boundary. Other than that, and a few bytes of padding at the beginning of .start, this change does not affect the binary image. Cc: Dave Martin Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/efi-header.S | 2 -- arch/arm/boot/compressed/head.S | 14 +++++++++----- arch/arm/boot/compressed/vmlinux.lds.S | 5 ++++- 3 files changed, 13 insertions(+), 8 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 9d5dc4fda3c1..1d26a9d0a9e8 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -23,8 +23,6 @@ .macro __EFI_HEADER #ifdef CONFIG_EFI_STUB - b __efi_start - .set start_offset, __efi_start - start .org start + 0x3c @ diff --git a/arch/arm/boot/compressed/head.S b/arch/arm/boot/compressed/head.S index fc6d541549a2..42ba2f557791 100644 --- a/arch/arm/boot/compressed/head.S +++ b/arch/arm/boot/compressed/head.S @@ -114,7 +114,7 @@ #endif .endm - .section ".start", #alloc, #execinstr + .section ".head.text", #alloc, #execinstr /* * sort out different calling conventions */ @@ -132,17 +132,21 @@ start: .endr ARM( mov r0, r0 ) ARM( b 1f ) - THUMB( badr r12, 1f ) - THUMB( bx r12 ) +AR_CLASS(THUMB( sub pc, pc, #3 )) @ A/R: switch to Thumb2 mode + M_CLASS( nop.w ) @ M: already in Thumb2 mode + THUMB( .thumb ) + THUMB( b.w 1f ) .word _magic_sig @ Magic numbers to help the loader .word _magic_start @ absolute load/run zImage address .word _magic_end @ zImage end address .word 0x04030201 @ endianness flag - THUMB( .thumb ) -1: __EFI_HEADER + __EFI_HEADER + .section ".start", #alloc, #execinstr + .align +1: ARM_BE8( setend be ) @ go BE8 if compiled for BE8 AR_CLASS( mrs r9, cpsr ) #ifdef CONFIG_ARM_VIRT_EXT diff --git a/arch/arm/boot/compressed/vmlinux.lds.S b/arch/arm/boot/compressed/vmlinux.lds.S index 81c493156ce8..5d50daea466a 100644 --- a/arch/arm/boot/compressed/vmlinux.lds.S +++ b/arch/arm/boot/compressed/vmlinux.lds.S @@ -34,8 +34,11 @@ SECTIONS . = TEXT_START; _text = .; - .text : { + .head.text : { _start = .; + *(.head.text) + } + .text : { *(.start) *(.text) *(.text.*) From patchwork Wed Feb 8 11:55:43 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93640 Delivered-To: patch@linaro.org Received: by 10.182.3.34 with SMTP id 2csp2758673obz; Wed, 8 Feb 2017 06:31:17 -0800 (PST) X-Received: by 10.84.169.36 with SMTP id g33mr34087213plb.36.1486564277872; Wed, 08 Feb 2017 06:31:17 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id j5si7182908pgh.413.2017.02.08.06.31.17; Wed, 08 Feb 2017 06:31:17 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753307AbdBHOa6 (ORCPT + 2 others); Wed, 8 Feb 2017 09:30:58 -0500 Received: from mail-wr0-f175.google.com ([209.85.128.175]:36128 "EHLO mail-wr0-f175.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753874AbdBHOaz (ORCPT ); Wed, 8 Feb 2017 09:30:55 -0500 Received: by mail-wr0-f175.google.com with SMTP id k90so61401430wrc.3 for ; Wed, 08 Feb 2017 06:30:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=YGQ8pGFuCiQ1MOjA0xOzoU+jiIxrYtxdloFfQce6ROI=; b=hyoxiKrNgsH2/BeSIVzUnZ35kMynNE5SffzMgdvE1Idu+5utKvZ4V0Auq7PHv5yT7i dGVQHMTZOvnzi7k3b7xW9/xXMXPL+VguzKIy4ifULG3V6UGkordfJTXVQKWYzkSMHaLF gjyacRh6LWAf8Tx5f1q7mUHJA79tZgj1NW5TU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=YGQ8pGFuCiQ1MOjA0xOzoU+jiIxrYtxdloFfQce6ROI=; b=NcaVO+67DNY6Mjf6FsaQGgr3iO1mUrDDiP4YfhDgFA3qNsHDuoEYELemeCzm8LPoOh 0MpDP8dI4Mq88W72cQ0fV+uqtCtWdDHMNtv/X27FgIm1iiK+ZghBdYWhytj1NzxR2q4Q KosmxUXVmJb47Tt/VvZoDgyZ1zub0ufQL1+q3RQA+AMSIGy/Fq5unbupQnO1RpQsqu63 nePFQhFoI/9a/UTC+ondt/ppTggq7K+Gjc+lr7yHU/adq2l/2won8UCGCE3DBDHCnJ3z wnX+NcOJP2RLXa31du/ATvpYWuT8QQArZA8iP5ExNpUK2hg63J6KeGa/LmOSn+UCBxM8 Rj7g== X-Gm-Message-State: AIkVDXJgRUVxxNqou2zHbcX3uq4/uilx3j7Dy+SkrEp4mrokB077itrGvhxlj7o2ZwR1yN7x X-Received: by 10.223.169.112 with SMTP id u103mr18389675wrc.166.1486554988732; Wed, 08 Feb 2017 03:56:28 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.26 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:28 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 10/14] arm: efi: remove forbidden values from the PE/COFF header Date: Wed, 8 Feb 2017 11:55:43 +0000 Message-Id: <1486554947-3964-11-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Bring the PE/COFF header in line with the PE/COFF spec, by setting NumberOfSymbols to 0, and removing the section alignment flags. Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/efi-header.S | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 1d26a9d0a9e8..50eff3bbc57c 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -43,7 +43,7 @@ coff_header: .short 2 @ nr_sections .long 0 @ TimeDateStamp .long 0 @ PointerToSymbolTable - .long 1 @ NumberOfSymbols + .long 0 @ NumberOfSymbols .short section_table - optional_header @ SizeOfOptionalHeader .short 0x306 @ Characteristics. @@ -109,7 +109,7 @@ section_table: .long 0 @ PointerToLineNumbers .short 0 @ NumberOfRelocations .short 0 @ NumberOfLineNumbers - .long 0x42100040 @ Characteristics + .long 0x42000040 @ Characteristics .ascii ".text\0\0\0" .long _end - __efi_start @ VirtualSize @@ -120,7 +120,7 @@ section_table: .long 0 @ PointerToLineNumbers .short 0 @ NumberOfRelocations .short 0 @ NumberOfLineNumbers - .long 0xe0500020 @ Characteristics + .long 0xe0000020 @ Characteristics .align 9 __efi_start: From patchwork Wed Feb 8 11:55:44 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93617 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648892qgi; Wed, 8 Feb 2017 04:05:19 -0800 (PST) X-Received: by 10.98.223.66 with SMTP id u63mr25715072pfg.39.1486555519045; Wed, 08 Feb 2017 04:05:19 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 72si6933694pfj.150.2017.02.08.04.05.18; Wed, 08 Feb 2017 04:05:19 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932099AbdBHMFG (ORCPT + 2 others); Wed, 8 Feb 2017 07:05:06 -0500 Received: from mail-wm0-f52.google.com ([74.125.82.52]:36405 "EHLO mail-wm0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932096AbdBHMEw (ORCPT ); Wed, 8 Feb 2017 07:04:52 -0500 Received: by mail-wm0-f52.google.com with SMTP id c85so194513255wmi.1 for ; Wed, 08 Feb 2017 04:04:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=B9AA5JhlhklbDBxypnaXasxNRovST2QF7QshWwi2npA=; b=R1Ax7ARTHMu2XeV0BQJW75IGdZ3Kpi2HG/g7VVJBix+AqAKZWSlHf2arwyriw6TtdV soDwba/3+SCcenE0OLFMYt/xveLO1i/HytFnj+LiFUJIokzdylQtC/17H2v2rndj2rXl nzukSg+Dl3uLzDFrp+HlcWMga9F16nMghkp+A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=B9AA5JhlhklbDBxypnaXasxNRovST2QF7QshWwi2npA=; b=EUoC+LUeVb0jUBCCclEtu2Ghcc/g9iHcqLX/sg7f9ucO/y/LEe7hECX0L00md+J0v0 HmNLAOhMfrAQE6k+MonpLBzUfQRjGt/oLTE2uefseWtb2O1pJCDWwrHifvcLAWwiSV1w oQqzSH2e09GqplbjSlIqat8SFsx0piHRisSobtz0lbP4YkEicsE/rEUCUzndHA1z5S9s 8DBSsn81XGQjG4wgFNKBwqGiohr/8UCxt6BVoggqyGKooBJKw0VcqQEbOsbF0PERqPo5 tJVeOCTNRGW+k8Pk8hRZc+FjuHS3Z5uGEidLD4QJ1H2bX0k+OpbGO7A345B98KXJskrS Cm8Q== X-Gm-Message-State: AMke39nuC8OTEu2Q/Jpg6jsyM3igvUTK1yRLB4pvdE5159zoiNwUUAxUF8k5S+PSNwWejxOP X-Received: by 10.28.207.70 with SMTP id f67mr16564500wmg.72.1486554991195; Wed, 08 Feb 2017 03:56:31 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:30 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 11/14] arm: efi: remove pointless dummy .reloc section Date: Wed, 8 Feb 2017 11:55:44 +0000 Message-Id: <1486554947-3964-12-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org The kernel's EFI PE/COFF header contains a dummy .reloc section, and an explanatory comment that claims that this is required for the EFI application loader to accept the Image as a relocatable image (i.e., one that can be loaded at any offset and fixed up in place) This was inherited from the x86 implementation, which has elaborate host tooling to mangle the PE/COFF header post-link time, and which populates the .reloc section with a single dummy base relocation. On ARM, no such tooling exists, and the .reloc section remains empty, and is never even exposed via the BaseRelocationTable directory entry, which is where the PE/COFF loader looks for it. The PE/COFF spec is unclear about relocatable images that do not require any fixups, but the EDK2 implementation, which is the de facto reference for PE/COFF in the UEFI space, clearly does not care, and explicitly mentions (in a comment) that relocatable images with no base relocations are perfectly fine, as long as they don't have the RELOCS_STRIPPED attribute set (which is not the case for our PE/COFF image) So simply remove the .reloc section altogether. Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/efi-header.S | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 50eff3bbc57c..5873fc2b5f9a 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -40,7 +40,7 @@ pe_header: coff_header: .short 0x01c2 @ ARM or Thumb - .short 2 @ nr_sections + .short 1 @ nr_sections .long 0 @ TimeDateStamp .long 0 @ PointerToSymbolTable .long 0 @ NumberOfSymbols @@ -95,22 +95,6 @@ extra_header_fields: .quad 0 @ BaseRelocationTable section_table: - @ - @ The EFI application loader requires a relocation section - @ because EFI applications must be relocatable. This is a - @ dummy section as far as we are concerned. - @ - .ascii ".reloc\0\0" - .long 0 @ VirtualSize - .long 0 @ VirtualAddress - .long 0 @ SizeOfRawData - .long 0 @ PointerToRawData - .long 0 @ PointerToRelocations - .long 0 @ PointerToLineNumbers - .short 0 @ NumberOfRelocations - .short 0 @ NumberOfLineNumbers - .long 0x42000040 @ Characteristics - .ascii ".text\0\0\0" .long _end - __efi_start @ VirtualSize .long __efi_start @ VirtualAddress From patchwork Wed Feb 8 11:55:45 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93637 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2667546qgi; Wed, 8 Feb 2017 04:54:20 -0800 (PST) X-Received: by 10.98.194.153 with SMTP id w25mr25867367pfk.181.1486558460877; Wed, 08 Feb 2017 04:54:20 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 3si7028819pfx.154.2017.02.08.04.54.20; Wed, 08 Feb 2017 04:54:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932980AbdBHMyT (ORCPT + 2 others); Wed, 8 Feb 2017 07:54:19 -0500 Received: from mail-wm0-f42.google.com ([74.125.82.42]:35097 "EHLO mail-wm0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932289AbdBHMyP (ORCPT ); Wed, 8 Feb 2017 07:54:15 -0500 Received: by mail-wm0-f42.google.com with SMTP id v186so46283169wmd.0 for ; Wed, 08 Feb 2017 04:54:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=O4a31PiV4l+lOaDh3Cb4db1hJfkvu2+bLljW8bJG+3U=; b=WJQ5h39jnrLHCln3hNWdNdgDYGwNON+9FbHbpofKlcAsvLRdP8YJMYd4fQ79ByJbED pYJ0pxQVCe2aNdbUp5OE51JUlELt1ZbmXSVB5bLfXBgb7TKjvmjiwhoBJyJB/3nJIMgk gIUPmSRqVxEZlnqxs0N6C1JXC+uMcnB098/q4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=O4a31PiV4l+lOaDh3Cb4db1hJfkvu2+bLljW8bJG+3U=; b=kpNpoTW6eJQuXNAk3TTRYT8PqR8uEAV7Xhyq7thImRM+jxEpVanf3ijWGvff/mDMhL TR6Vlu9zv1DgCCd3fre7vsuECycmKHlnCL+up2ueVUWB1sivkb+U5K72/ujfr3O0QH1T QbiNx5U0zKA3h3p0WQ9qV2hJankKP8/b2/wvC2vCVk4OLGtYU49wD8RjeSEdp/YUc3KI rnHL6Ilu67Ht3XZUNHjEfBxlcHp0ChVKR9dFG9nfMj+83zRMSZKBAk1i1+i0tn1EFLu8 avaR7eUxj1AEbWRdYfRLfZ3hbCWszebNvtXPMJBBPDt5KSbwlzDvZsbLP0o1BkQj+qn7 0qkw== X-Gm-Message-State: AMke39lnkGu0aEBq5PSSP8II5y3U3GAbq77Qkd30j9ldevxyl8FGPKvkhk1vBLQQ6cWug0is X-Received: by 10.28.52.19 with SMTP id b19mr18080934wma.134.1486554993862; Wed, 08 Feb 2017 03:56:33 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:33 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 12/14] arm: efi: replace open coded constants with symbolic ones Date: Wed, 8 Feb 2017 11:55:45 +0000 Message-Id: <1486554947-3964-13-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org Replace the various open coded constants in the EFI PE/COFF header with definitions from pe.h, or expressions based on local symbols. Note that this patch also changes the indentation to make room for the symbolic constant names. Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/efi-header.S | 172 ++++++++++---------- 1 file changed, 89 insertions(+), 83 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 5873fc2b5f9a..7ff2b2f05e4c 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -1,5 +1,5 @@ /* - * Copyright (C) 2013-2015 Linaro Ltd + * Copyright (C) 2013-2017 Linaro Ltd * Authors: Roy Franz * Ard Biesheuvel * @@ -8,105 +8,111 @@ * published by the Free Software Foundation. */ - .macro __nop +#include +#include + + .macro __nop #ifdef CONFIG_EFI_STUB - @ This is almost but not quite a NOP, since it does clobber the - @ condition flags. But it is the best we can do for EFI, since - @ PE/COFF expects the magic string "MZ" at offset 0, while the - @ ARM/Linux boot protocol expects an executable instruction - @ there. - .inst 'M' | ('Z' << 8) | (0x1310 << 16) @ tstne r0, #0x4d000 + @ This is almost but not quite a NOP, since it does clobber the + @ condition flags. But it is the best we can do for EFI, since + @ PE/COFF expects the magic string "MZ" at offset 0, while the + @ ARM/Linux boot protocol expects an executable instruction + @ there. + .inst MZ_MAGIC | (0x1310 << 16) @ tstne r0, #0x4d000 #else - mov r0, r0 + mov r0, r0 #endif - .endm + .endm - .macro __EFI_HEADER + .macro __EFI_HEADER #ifdef CONFIG_EFI_STUB - .set start_offset, __efi_start - start - .org start + 0x3c - @ - @ The PE header can be anywhere in the file, but for - @ simplicity we keep it together with the MSDOS header - @ The offset to the PE/COFF header needs to be at offset - @ 0x3C in the MSDOS header. - @ The only 2 fields of the MSDOS header that are used are this - @ PE/COFF offset, and the "MZ" bytes at offset 0x0. - @ - .long pe_header - start @ Offset to the PE header. + .set start_offset, __efi_start - start + .org start + 0x3c + @ + @ The PE header can be anywhere in the file, but for + @ simplicity we keep it together with the MSDOS header + @ The offset to the PE/COFF header needs to be at offset + @ 0x3C in the MSDOS header. + @ The only 2 fields of the MSDOS header that are used are this + @ PE/COFF offset, and the "MZ" bytes at offset 0x0. + @ + .long pe_header - start @ Offset to the PE header. pe_header: - .ascii "PE\0\0" + .long PE_MAGIC coff_header: - .short 0x01c2 @ ARM or Thumb - .short 1 @ nr_sections - .long 0 @ TimeDateStamp - .long 0 @ PointerToSymbolTable - .long 0 @ NumberOfSymbols - .short section_table - optional_header - @ SizeOfOptionalHeader - .short 0x306 @ Characteristics. - @ IMAGE_FILE_32BIT_MACHINE | - @ IMAGE_FILE_DEBUG_STRIPPED | - @ IMAGE_FILE_EXECUTABLE_IMAGE | - @ IMAGE_FILE_LINE_NUMS_STRIPPED + .short IMAGE_FILE_MACHINE_THUMB @ Machine + .short section_count @ NumberOfSections + .long 0 @ TimeDateStamp + .long 0 @ PointerToSymbolTable + .long 0 @ NumberOfSymbols + .short section_table - optional_header @ SizeOfOptionalHeader + .short IMAGE_FILE_32BIT_MACHINE | \ + IMAGE_FILE_DEBUG_STRIPPED | \ + IMAGE_FILE_EXECUTABLE_IMAGE | \ + IMAGE_FILE_LINE_NUMS_STRIPPED @ Characteristics optional_header: - .short 0x10b @ PE32 format - .byte 0x02 @ MajorLinkerVersion - .byte 0x14 @ MinorLinkerVersion - .long _end - __efi_start @ SizeOfCode - .long 0 @ SizeOfInitializedData - .long 0 @ SizeOfUninitializedData - .long efi_stub_entry - start @ AddressOfEntryPoint - .long start_offset @ BaseOfCode - .long 0 @ data + .short PE_OPT_MAGIC_PE32 @ PE32 format + .byte 0x02 @ MajorLinkerVersion + .byte 0x14 @ MinorLinkerVersion + .long _end - __efi_start @ SizeOfCode + .long 0 @ SizeOfInitializedData + .long 0 @ SizeOfUninitializedData + .long efi_stub_entry - start @ AddressOfEntryPoint + .long start_offset @ BaseOfCode + .long 0 @ BaseOfData extra_header_fields: - .long 0 @ ImageBase - .long 0x200 @ SectionAlignment - .long 0x200 @ FileAlignment - .short 0 @ MajorOperatingSystemVersion - .short 0 @ MinorOperatingSystemVersion - .short 0 @ MajorImageVersion - .short 0 @ MinorImageVersion - .short 0 @ MajorSubsystemVersion - .short 0 @ MinorSubsystemVersion - .long 0 @ Win32VersionValue + .long 0 @ ImageBase + .long SZ_512 @ SectionAlignment + .long SZ_512 @ FileAlignment + .short 0 @ MajorOsVersion + .short 0 @ MinorOsVersion + .short 0 @ MajorImageVersion + .short 0 @ MinorImageVersion + .short 0 @ MajorSubsystemVersion + .short 0 @ MinorSubsystemVersion + .long 0 @ Win32VersionValue - .long _end - start @ SizeOfImage - .long start_offset @ SizeOfHeaders - .long 0 @ CheckSum - .short 0xa @ Subsystem (EFI application) - .short 0 @ DllCharacteristics - .long 0 @ SizeOfStackReserve - .long 0 @ SizeOfStackCommit - .long 0 @ SizeOfHeapReserve - .long 0 @ SizeOfHeapCommit - .long 0 @ LoaderFlags - .long 0x6 @ NumberOfRvaAndSizes + .long _end - start @ SizeOfImage + .long start_offset @ SizeOfHeaders + .long 0 @ CheckSum + .short IMAGE_SUBSYSTEM_EFI_APPLICATION @ Subsystem + .short 0 @ DllCharacteristics + .long 0 @ SizeOfStackReserve + .long 0 @ SizeOfStackCommit + .long 0 @ SizeOfHeapReserve + .long 0 @ SizeOfHeapCommit + .long 0 @ LoaderFlags + .long (section_table - .) / 8 @ NumberOfRvaAndSizes - .quad 0 @ ExportTable - .quad 0 @ ImportTable - .quad 0 @ ResourceTable - .quad 0 @ ExceptionTable - .quad 0 @ CertificationTable - .quad 0 @ BaseRelocationTable + .quad 0 @ ExportTable + .quad 0 @ ImportTable + .quad 0 @ ResourceTable + .quad 0 @ ExceptionTable + .quad 0 @ CertificationTable + .quad 0 @ BaseRelocationTable section_table: - .ascii ".text\0\0\0" - .long _end - __efi_start @ VirtualSize - .long __efi_start @ VirtualAddress - .long _edata - __efi_start @ SizeOfRawData - .long __efi_start @ PointerToRawData - .long 0 @ PointerToRelocations - .long 0 @ PointerToLineNumbers - .short 0 @ NumberOfRelocations - .short 0 @ NumberOfLineNumbers - .long 0xe0000020 @ Characteristics + .ascii ".text\0\0\0" + .long _end - __efi_start @ VirtualSize + .long __efi_start @ VirtualAddress + .long _edata - __efi_start @ SizeOfRawData + .long __efi_start @ PointerToRawData + .long 0 @ PointerToRelocations + .long 0 @ PointerToLineNumbers + .short 0 @ NumberOfRelocations + .short 0 @ NumberOfLineNumbers + .long IMAGE_SCN_CNT_CODE | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_WRITE | \ + IMAGE_SCN_MEM_EXECUTE @ Characteristics + + .set section_count, (. - section_table) / 40 - .align 9 + .align 9 __efi_start: #endif - .endm + .endm From patchwork Wed Feb 8 11:55:46 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93612 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648515qgi; Wed, 8 Feb 2017 04:04:29 -0800 (PST) X-Received: by 10.99.23.102 with SMTP id 38mr26870892pgx.188.1486555469302; Wed, 08 Feb 2017 04:04:29 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y1si1704114plb.306.2017.02.08.04.04.29; Wed, 08 Feb 2017 04:04:29 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754219AbdBHME1 (ORCPT + 2 others); Wed, 8 Feb 2017 07:04:27 -0500 Received: from mail-wr0-f176.google.com ([209.85.128.176]:33914 "EHLO mail-wr0-f176.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752269AbdBHMET (ORCPT ); Wed, 8 Feb 2017 07:04:19 -0500 Received: by mail-wr0-f176.google.com with SMTP id o16so59312430wra.1 for ; Wed, 08 Feb 2017 04:03:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=AmWke3QCy8R2HAHcrbeTaglGs1JjF0pp5ukWE9LJKlE=; b=j5sRaSUQzL5F/84lQWrUJ34KCBVAKNjnLR/xyfqPdCv0mXjhl5jniomsSk+7zR649Y vP0562xhcTBnsfR/IgxnmcHU5gIh1nG00hY4LogAt+k0SUo9Re6DXj2ca5xnSHD4sMWn eBWZm19/36phLAMITf09P0/TCvD3YTwpRuens= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=AmWke3QCy8R2HAHcrbeTaglGs1JjF0pp5ukWE9LJKlE=; b=iZOukdPSTyrblDzYGCzXjFqzxl+QaVQSUMKW4QWL7DuG/eZZBrR1rOTinaHzOMruqf bwOVPUMl9LbChIP3j5F9yx6j2LtL1L/kPxVWwt0BCQMTZSPHkP51OC8+kbsX/ErIG7YH ddylJNRaeNwOUZcgrGJppi/QW5X1fxFb7DF6GMiX4Xt1WYeZHLvZGPO1+Yis/YLpfKkG /KXJBD2PzaN2KU2nhHkht2f/q5/+oXPE9m83KClXJQhOpqzTso0J7DHCY+slttl6+GOC lb2zlM33zR3+Hc7EkHPDa3vHYgMeP1ivAOteBhBAOBQ+oSBqFz0x0pPcgqLNqD25MSHs tobQ== X-Gm-Message-State: AIkVDXJOavcGc7wvQPJdEynajq8AaArIamJE+fZUQ0QK9CMQzlB81y5xR4YWCJD6jdK/Jptj X-Received: by 10.223.133.131 with SMTP id 3mr18744340wrt.161.1486554996812; Wed, 08 Feb 2017 03:56:36 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:36 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 13/14] arm: efi: split zImage code and data into separate PE/COFF sections Date: Wed, 8 Feb 2017 11:55:46 +0000 Message-Id: <1486554947-3964-14-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org To prevent unintended modifications to the kernel text (malicious or otherwise) while running the EFI stub, describe the kernel image as two separate sections: a .text section with read-execute permissions, covering .text, .rodata, .piggytext and the GOT sections (which the stub does not care about anyway), and a .data section with read-write permissions, covering .data and .bss. This relies on the firmware to actually take the section permission flags into account, but this is something that is currently being implemented in EDK2, which means we will likely start seeing it in the wild between one and two years from now. Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/efi-header.S | 30 ++++++++++++++------ arch/arm/boot/compressed/vmlinux.lds.S | 27 +++++++++++++----- 2 files changed, 41 insertions(+), 16 deletions(-) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 7ff2b2f05e4c..3cf09f7efced 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -57,16 +57,16 @@ optional_header: .short PE_OPT_MAGIC_PE32 @ PE32 format .byte 0x02 @ MajorLinkerVersion .byte 0x14 @ MinorLinkerVersion - .long _end - __efi_start @ SizeOfCode - .long 0 @ SizeOfInitializedData + .long __pecoff_data_start - __efi_start @ SizeOfCode + .long __pecoff_data_size @ SizeOfInitializedData .long 0 @ SizeOfUninitializedData .long efi_stub_entry - start @ AddressOfEntryPoint .long start_offset @ BaseOfCode - .long 0 @ BaseOfData + .long __pecoff_data_start - start @ BaseOfData extra_header_fields: .long 0 @ ImageBase - .long SZ_512 @ SectionAlignment + .long SZ_4K @ SectionAlignment .long SZ_512 @ FileAlignment .short 0 @ MajorOsVersion .short 0 @ MinorOsVersion @@ -76,7 +76,7 @@ extra_header_fields: .short 0 @ MinorSubsystemVersion .long 0 @ Win32VersionValue - .long _end - start @ SizeOfImage + .long __pecoff_end - start @ SizeOfImage .long start_offset @ SizeOfHeaders .long 0 @ CheckSum .short IMAGE_SUBSYSTEM_EFI_APPLICATION @ Subsystem @@ -97,9 +97,9 @@ extra_header_fields: section_table: .ascii ".text\0\0\0" - .long _end - __efi_start @ VirtualSize + .long __pecoff_data_start - __efi_start @ VirtualSize .long __efi_start @ VirtualAddress - .long _edata - __efi_start @ SizeOfRawData + .long __pecoff_data_start - __efi_start @ SizeOfRawData .long __efi_start @ PointerToRawData .long 0 @ PointerToRelocations .long 0 @ PointerToLineNumbers @@ -107,12 +107,24 @@ section_table: .short 0 @ NumberOfLineNumbers .long IMAGE_SCN_CNT_CODE | \ IMAGE_SCN_MEM_READ | \ - IMAGE_SCN_MEM_WRITE | \ IMAGE_SCN_MEM_EXECUTE @ Characteristics + .ascii ".data\0\0\0" + .long __pecoff_data_size @ VirtualSize + .long __pecoff_data_start - start @ VirtualAddress + .long __pecoff_data_rawsize @ SizeOfRawData + .long __pecoff_data_start - start @ PointerToRawData + .long 0 @ PointerToRelocations + .long 0 @ PointerToLineNumbers + .short 0 @ NumberOfRelocations + .short 0 @ NumberOfLineNumbers + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \ + IMAGE_SCN_MEM_READ | \ + IMAGE_SCN_MEM_WRITE @ Characteristics + .set section_count, (. - section_table) / 40 - .align 9 + .align 12 __efi_start: #endif .endm diff --git a/arch/arm/boot/compressed/vmlinux.lds.S b/arch/arm/boot/compressed/vmlinux.lds.S index 5d50daea466a..144e2f408292 100644 --- a/arch/arm/boot/compressed/vmlinux.lds.S +++ b/arch/arm/boot/compressed/vmlinux.lds.S @@ -51,13 +51,6 @@ SECTIONS *(.rodata) *(.rodata.*) } - .data : { - /* - * The EFI stub always executes from RAM, and runs strictly before the - * decompressor, so we can make an exception for its r/w data, and keep it - */ - *(.data.efistub) - } .piggydata : { *(.piggydata) } @@ -73,6 +66,23 @@ SECTIONS /* ensure the zImage file size is always a multiple of 64 bits */ /* (without a dummy byte, ld just ignores the empty section) */ .pad : { BYTE(0); . = ALIGN(8); } + +#ifdef CONFIG_EFI_STUB + .data : ALIGN(4096) { + __pecoff_data_start = .; + /* + * The EFI stub always executes from RAM, and runs strictly before the + * decompressor, so we can make an exception for its r/w data, and keep it + */ + *(.data.efistub) + __pecoff_data_end = .; + + . = ALIGN(512); + } + __pecoff_data_rawsize = . - ADDR(.data); + . = __pecoff_data_end; +#endif + _edata = .; _magic_sig = ZIMAGE_MAGIC(0x016f2818); @@ -87,6 +97,9 @@ SECTIONS . = ALIGN(8); /* the stack must be 64-bit aligned */ .stack : { *(.stack) } + PROVIDE(__pecoff_data_size = ALIGN(512) - ADDR(.data)); + PROVIDE(__pecoff_end = ALIGN(512)); + .stab 0 : { *(.stab) } .stabstr 0 : { *(.stabstr) } .stab.excl 0 : { *(.stab.excl) } From patchwork Wed Feb 8 11:55:47 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 93614 Delivered-To: patch@linaro.org Received: by 10.140.20.99 with SMTP id 90csp2648639qgi; Wed, 8 Feb 2017 04:04:46 -0800 (PST) X-Received: by 10.99.174.71 with SMTP id e7mr26864626pgp.3.1486555486223; Wed, 08 Feb 2017 04:04:46 -0800 (PST) Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z126si6908390pfz.272.2017.02.08.04.04.46; Wed, 08 Feb 2017 04:04:46 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org; spf=pass (google.com: best guess record for domain of linux-efi-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-efi-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932093AbdBHMEj (ORCPT + 2 others); Wed, 8 Feb 2017 07:04:39 -0500 Received: from mail-wm0-f50.google.com ([74.125.82.50]:33894 "EHLO mail-wm0-f50.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753651AbdBHMEh (ORCPT ); Wed, 8 Feb 2017 07:04:37 -0500 Received: by mail-wm0-f50.google.com with SMTP id 196so49852034wmm.1 for ; Wed, 08 Feb 2017 04:04:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VcjIRD+xVA6HQExNHmIkYbEp2LMFJF8VPZKdYKkEofA=; b=fWMO7WvosqT24PcdLfCxVkzEDSvcbPfNdJ3tIZ/0nyFPr/X87UPzzxY2nh4MbKkt7D /sYvZpGRGGN8fVEpnyf4xSPL/5FkCaonqTyUDqKV5Hre4zGdf8DgxnrQ4IuTZSjrzTzT 5q5+BC8ApF5B3rIuGoflyhVjw/s2k0beU7lhw= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VcjIRD+xVA6HQExNHmIkYbEp2LMFJF8VPZKdYKkEofA=; b=Yk0JOVcnrFEmUFdy+RhocdZCzwD6Rzm1hXXKjbNi+1Efk0ViWQxCFIehvkaRiwJF1u dhujYH0QxwjlzxBP/BV2F2A3A72xwD/ReHPdvmy8eIo8c/l/SYRXquhND/JfZuxWM6Y6 t20a5l16qgzaKRw0AGKgRyqEsUUxesCW3eDpKci4+5jWZvk5PFgVbXS3tawsJfpbc6b6 7Y9lSsVd01l+qH+oxb74+yl/cLUWD/xNzWvgu/Zunnptghq3m6R+pJsKAror+neyUyPR ojPcbQhHSM+ex/M8TIWtpxgGGbwnDAfW5Kyj0pb3u+p0eLAAyrORdXSgrPe6cFiEeuQ3 lOuA== X-Gm-Message-State: AMke39nPFKV2uINqEPYvn4FN9P1ifOVrMIh2xp4JS4jIpI/l5NhQSmJfHENZyBpD/2q/yeP/ X-Received: by 10.28.1.216 with SMTP id 207mr18541148wmb.7.1486554999749; Wed, 08 Feb 2017 03:56:39 -0800 (PST) Received: from localhost.localdomain ([160.169.163.122]) by smtp.gmail.com with ESMTPSA id 123sm2974815wml.6.2017.02.08.03.56.36 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 08 Feb 2017 03:56:39 -0800 (PST) From: Ard Biesheuvel To: linux-efi@vger.kernel.org, linux-arm-kernel@lists.infradead.org, mark.rutland@arm.com, leif.lindholm@linaro.org Cc: catalin.marinas@arm.com, linux@armlinux.org.uk, kernel-hardening@lists.openwall.com, labbott@fedoraproject.org, Ard Biesheuvel Subject: [PATCH v2 14/14] arm: efi: add PE/COFF debug table to EFI header Date: Wed, 8 Feb 2017 11:55:47 +0000 Message-Id: <1486554947-3964-15-git-send-email-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> References: <1486554947-3964-1-git-send-email-ard.biesheuvel@linaro.org> Sender: linux-efi-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-efi@vger.kernel.org This updates the PE/COFF header to emit the absolute path to the decompressor vmlinux ELF file into a so-called NB10 Codeview entry. This is hugely helpful when debugging the firmware->stub handover. Signed-off-by: Ard Biesheuvel --- arch/arm/boot/compressed/Makefile | 4 ++ arch/arm/boot/compressed/efi-header.S | 45 ++++++++++++++++++++ 2 files changed, 49 insertions(+) -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/arch/arm/boot/compressed/Makefile b/arch/arm/boot/compressed/Makefile index d50430c40045..6b978bdbac3e 100644 --- a/arch/arm/boot/compressed/Makefile +++ b/arch/arm/boot/compressed/Makefile @@ -196,3 +196,7 @@ AFLAGS_hyp-stub.o := -Wa,-march=armv7-a $(obj)/hyp-stub.S: $(srctree)/arch/$(SRCARCH)/kernel/hyp-stub.S $(call cmd,shipped) + +ifeq ($(CONFIG_EFI)$(CONFIG_DEBUG_INFO),yy) +AFLAGS_head.o += -DVMLINUX_PATH="\"$(realpath $(obj)/vmlinux)\"" +endif diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S index 3cf09f7efced..dff3c72c7c5a 100644 --- a/arch/arm/boot/compressed/efi-header.S +++ b/arch/arm/boot/compressed/efi-header.S @@ -95,6 +95,11 @@ extra_header_fields: .quad 0 @ CertificationTable .quad 0 @ BaseRelocationTable +#ifdef CONFIG_DEBUG_INFO + .long efi_debug_table - start @ DebugTable + .long efi_debug_table_size +#endif + section_table: .ascii ".text\0\0\0" .long __pecoff_data_start - __efi_start @ VirtualSize @@ -124,6 +129,46 @@ section_table: .set section_count, (. - section_table) / 40 +#ifdef CONFIG_DEBUG_INFO + /* + * The debug table is referenced via its Relative Virtual Address (RVA), + * which is only defined for those parts of the image that are covered + * by a section declaration. Since this header is not covered by any + * section, the debug table must be emitted elsewhere. So stick it in + * the .init.rodata section instead. + * + * Note that the EFI debug entry itself may legally have a zero RVA, + * which means we can simply put it right after the section headers. + */ + .section ".rodata", #alloc + + .align 2 +efi_debug_table: + // EFI_IMAGE_DEBUG_DIRECTORY_ENTRY + .long 0 @ Characteristics + .long 0 @ TimeDateStamp + .short 0 @ MajorVersion + .short 0 @ MinorVersion + .long IMAGE_DEBUG_TYPE_CODEVIEW @ Type + .long efi_debug_entry_size @ SizeOfData + .long 0 @ RVA + .long efi_debug_entry - start @ FileOffset + + .set efi_debug_table_size, . - efi_debug_table + .previous + +efi_debug_entry: + // EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY + .ascii "NB10" @ Signature + .long 0 @ Unknown + .long 0 @ Unknown2 + .long 0 @ Unknown3 + + .asciz VMLINUX_PATH + + .set efi_debug_entry_size, . - efi_debug_entry +#endif + .align 12 __efi_start: #endif