diff options
| author | Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | 2024-02-14 21:43:21 +0100 |
|---|---|---|
| committer | Heinrich Schuchardt <heinrich.schuchardt@canonical.com> | 2024-02-28 14:37:46 +0100 |
| commit | c9f368b597a02f9919cb0c1c03e6b231129e9262 (patch) | |
| tree | decb64beeaa7b3ffe7e2bb399d916f5bfa4e3767 | |
| parent | d49fa3defa50c6d3f04acbb52fd486c13c14ab6a (diff) | |
| download | u-boot-c9f368b597a02f9919cb0c1c03e6b231129e9262.zip u-boot-c9f368b597a02f9919cb0c1c03e6b231129e9262.tar.gz u-boot-c9f368b597a02f9919cb0c1c03e6b231129e9262.tar.bz2 | |
efi_loader: set IMAGE_DLLCHARACTERISTICS_NX_COMPAT
The IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag marks an EFI binary where
the following conditions are met [1]:
* Executable and writable sections are separated.
* The application does not run self-modifying code.
* The application uses the EFI_MEMORY_ATTRIBUTE_PROTOCOL when loading
executable code.
* The application does not assume that all memory ranges are usable.
* The stack is not expected to be executable.
The only EFI binaries U-Boot provides that do not fulfill these
requirements are the EFI app and the EFI payload.
Once we have implemented separation of writable and executable memory in
U-Boot we can use the IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag to decide
if we will load an EFI binary.
[1] New UEFI CA memory mitigation requirements for signing
https://techcommunity.microsoft.com/t5/hardware-dev-center/new-uefi-ca-memory-mitigation-requirements-for-signing/ba-p/3608714
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
| -rw-r--r-- | arch/arm/lib/crt0_aarch64_efi.S | 4 | ||||
| -rw-r--r-- | arch/arm/lib/crt0_arm_efi.S | 4 | ||||
| -rw-r--r-- | arch/riscv/lib/crt0_riscv_efi.S | 4 | ||||
| -rw-r--r-- | include/asm-generic/pe.h | 3 |
4 files changed, 15 insertions, 0 deletions
diff --git a/arch/arm/lib/crt0_aarch64_efi.S b/arch/arm/lib/crt0_aarch64_efi.S index 3c2cef6..fe6eca5 100644 --- a/arch/arm/lib/crt0_aarch64_efi.S +++ b/arch/arm/lib/crt0_aarch64_efi.S @@ -66,7 +66,11 @@ extra_header_fields: .long _start - ImageBase /* SizeOfHeaders */ .long 0 /* CheckSum */ .short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */ +#if CONFIG_VENDOR_EFI .short 0 /* DllCharacteristics */ +#else + .short IMAGE_DLLCHARACTERISTICS_NX_COMPAT +#endif .quad 0 /* SizeOfStackReserve */ .quad 0 /* SizeOfStackCommit */ .quad 0 /* SizeOfHeapReserve */ diff --git a/arch/arm/lib/crt0_arm_efi.S b/arch/arm/lib/crt0_arm_efi.S index 75ee37b..d67ee0c 100644 --- a/arch/arm/lib/crt0_arm_efi.S +++ b/arch/arm/lib/crt0_arm_efi.S @@ -65,7 +65,11 @@ extra_header_fields: .long _start - image_base /* SizeOfHeaders */ .long 0 /* CheckSum */ .short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */ +#if CONFIG_VENDOR_EFI .short 0 /* DllCharacteristics */ +#else + .short IMAGE_DLLCHARACTERISTICS_NX_COMPAT +#endif .long 0 /* SizeOfStackReserve */ .long 0 /* SizeOfStackCommit */ .long 0 /* SizeOfHeapReserve */ diff --git a/arch/riscv/lib/crt0_riscv_efi.S b/arch/riscv/lib/crt0_riscv_efi.S index 46b0855..c7a4559 100644 --- a/arch/riscv/lib/crt0_riscv_efi.S +++ b/arch/riscv/lib/crt0_riscv_efi.S @@ -96,7 +96,11 @@ extra_header_fields: .long _start - ImageBase /* SizeOfHeaders */ .long 0 /* CheckSum */ .short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */ +#if CONFIG_VENDOR_EFI .short 0 /* DllCharacteristics */ +#else + .short IMAGE_DLLCHARACTERISTICS_NX_COMPAT +#endif #if __riscv_xlen == 32 .long 0 /* SizeOfStackReserve */ .long 0 /* SizeOfStackCommit */ diff --git a/include/asm-generic/pe.h b/include/asm-generic/pe.h index b9d674b..cd5b6ad 100644 --- a/include/asm-generic/pe.h +++ b/include/asm-generic/pe.h @@ -51,6 +51,9 @@ #define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12 #define IMAGE_SUBSYSTEM_EFI_ROM 13 +/* DLL characteristics */ +#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT 0x100 + /* Section flags */ #define IMAGE_SCN_CNT_CODE 0x00000020 #define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040 |