efi_loader: set IMAGE_DLLCHARACTERISTICS_NX_COMPAT
The IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag marks an EFI binary where
the following conditions are met [1]:
* Executable and writable sections are separated.
* The application does not run self-modifying code.
* The application uses the EFI_MEMORY_ATTRIBUTE_PROTOCOL when loading
executable code.
* The application does not assume that all memory ranges are usable.
* The stack is not expected to be executable.
The only EFI binaries U-Boot provides that do not fulfill these
requirements are the EFI app and the EFI payload.
Once we have implemented separation of writable and executable memory in
U-Boot we can use the IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag to decide
if we will load an EFI binary.
[1] New UEFI CA memory mitigation requirements for signing
https://techcommunity.microsoft.com/t5/hardware-dev-center/new-uefi-ca-memory-mitigation-requirements-for-signing/ba-p/3608714
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
This commit is contained in:
Heinrich Schuchardt
@@ -66,7 +66,11 @@ extra_header_fields:
|
|||||||
.long _start - ImageBase /* SizeOfHeaders */
|
.long _start - ImageBase /* SizeOfHeaders */
|
||||||
.long 0 /* CheckSum */
|
.long 0 /* CheckSum */
|
||||||
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
||||||
|
#if CONFIG_VENDOR_EFI
|
||||||
.short 0 /* DllCharacteristics */
|
.short 0 /* DllCharacteristics */
|
||||||
|
#else
|
||||||
|
.short IMAGE_DLLCHARACTERISTICS_NX_COMPAT
|
||||||
|
#endif
|
||||||
.quad 0 /* SizeOfStackReserve */
|
.quad 0 /* SizeOfStackReserve */
|
||||||
.quad 0 /* SizeOfStackCommit */
|
.quad 0 /* SizeOfStackCommit */
|
||||||
.quad 0 /* SizeOfHeapReserve */
|
.quad 0 /* SizeOfHeapReserve */
|
||||||
|
|||||||
@@ -65,7 +65,11 @@ extra_header_fields:
|
|||||||
.long _start - image_base /* SizeOfHeaders */
|
.long _start - image_base /* SizeOfHeaders */
|
||||||
.long 0 /* CheckSum */
|
.long 0 /* CheckSum */
|
||||||
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
||||||
|
#if CONFIG_VENDOR_EFI
|
||||||
.short 0 /* DllCharacteristics */
|
.short 0 /* DllCharacteristics */
|
||||||
|
#else
|
||||||
|
.short IMAGE_DLLCHARACTERISTICS_NX_COMPAT
|
||||||
|
#endif
|
||||||
.long 0 /* SizeOfStackReserve */
|
.long 0 /* SizeOfStackReserve */
|
||||||
.long 0 /* SizeOfStackCommit */
|
.long 0 /* SizeOfStackCommit */
|
||||||
.long 0 /* SizeOfHeapReserve */
|
.long 0 /* SizeOfHeapReserve */
|
||||||
|
|||||||
@@ -96,7 +96,11 @@ extra_header_fields:
|
|||||||
.long _start - ImageBase /* SizeOfHeaders */
|
.long _start - ImageBase /* SizeOfHeaders */
|
||||||
.long 0 /* CheckSum */
|
.long 0 /* CheckSum */
|
||||||
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
.short IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
|
||||||
|
#if CONFIG_VENDOR_EFI
|
||||||
.short 0 /* DllCharacteristics */
|
.short 0 /* DllCharacteristics */
|
||||||
|
#else
|
||||||
|
.short IMAGE_DLLCHARACTERISTICS_NX_COMPAT
|
||||||
|
#endif
|
||||||
#if __riscv_xlen == 32
|
#if __riscv_xlen == 32
|
||||||
.long 0 /* SizeOfStackReserve */
|
.long 0 /* SizeOfStackReserve */
|
||||||
.long 0 /* SizeOfStackCommit */
|
.long 0 /* SizeOfStackCommit */
|
||||||
|
|||||||
@@ -51,6 +51,9 @@
|
|||||||
#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12
|
#define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER 12
|
||||||
#define IMAGE_SUBSYSTEM_EFI_ROM 13
|
#define IMAGE_SUBSYSTEM_EFI_ROM 13
|
||||||
|
|
||||||
|
/* DLL characteristics */
|
||||||
|
#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT 0x100
|
||||||
|
|
||||||
/* Section flags */
|
/* Section flags */
|
||||||
#define IMAGE_SCN_CNT_CODE 0x00000020
|
#define IMAGE_SCN_CNT_CODE 0x00000020
|
||||||
#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040
|
#define IMAGE_SCN_CNT_INITIALIZED_DATA 0x00000040
|
||||||
|
|||||||
Reference in New Issue
Block a user