The IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag marks an EFI binary where
the following conditions are met [1]:
* Executable and writable sections are separated.
* The application does not run self-modifying code.
* The application uses the EFI_MEMORY_ATTRIBUTE_PROTOCOL when loading
executable code.
* The application does not assume that all memory ranges are usable.
* The stack is not expected to be executable.
The only EFI binaries U-Boot provides that do not fulfill these
requirements are the EFI app and the EFI payload.
Once we have implemented separation of writable and executable memory in
U-Boot we can use the IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag to decide
if we will load an EFI binary.
[1] New UEFI CA memory mitigation requirements for signing
https://techcommunity.microsoft.com/t5/hardware-dev-center/new-uefi-ca-memory-mitigation-requirements-for-signing/ba-p/3608714
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Provide constants for the section flags used by binaries.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Add the Linux magic to the EFI file header to allow running our test
programs with GRUB's linux command. Now we can dump the fixed-up device
tree with our dtbdump.efi tool.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
We should use predefined constants instead of magic numbers.
Move some constant definitions from include/pe.h to
include/asm-generic/pe.h.
Use these constants in crt0_*_efi.S.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This adds characteristics macros as defined by the Microsoft PE
Format documentation [1].
[1] https://docs.microsoft.com/zh-cn/windows/desktop/Debug/pe-format
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
As part of the main conversion a few files were missed. These files had
additional whitespace after the '*' and before the SPDX tag and my
previous regex was too strict. This time I did a grep for all SPDX tags
and then filtered out anything that matched the correct styles.
Fixes: 83d290c56f ("SPDX: Convert all of our single license tags to Linux Kernel style")
Reported-by: Heinrich Schuchardt <xypron.debian@gmx.de>
Signed-off-by: Tom Rini <trini@konsulko.com>
Before the patch an undefined constant EFI_SUBSYSTEM was used in the
crt0 code. The current version of binutils does not swallow the error.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888403
The necessary constant IMAGE_SUBSYSTEM_EFI_APPLICATION is already
defined in pe.h. So let's factor out asm-generic/pe.h for the
image subsystem constants and use it in our assembler code.
IMAGE_SUBSYSTEM_SAL_RUNTIME_DRIVER does not exist in the specification
let's use IMAGE_SUBSYSTEM_EFI_ROM instead.
The include pe.h is only used in code maintained by Alex so let him be the
maintainer here too.
Reported-by: Andre Przywara <andre.przywara@arm.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Tested-by: Vagrant Cascadian <vagrant@debian.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
