From: mark.rutland@arm.com (Mark Rutland)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v3 8/8] arm64: efi: split Image code and data into separate PE/COFF sections
Date: Thu, 30 Mar 2017 19:29:43 +0100 [thread overview]
Message-ID: <20170330182943.GD8062@leverpostej> (raw)
In-Reply-To: <20170323190051.14882-9-ard.biesheuvel@linaro.org>
On Thu, Mar 23, 2017 at 07:00:51PM +0000, Ard Biesheuvel wrote:
> To prevent unintended modifications to the kernel text (malicious or
> otherwise) while running the EFI stub, describe the kernel image as
> two separate sections: a .text section with read-execute permissions,
> covering .text, .rodata and .init.text, and a .data section with
> read-write permissions, covering .init.data, .data and .bss.
>
> This relies on the firmware to actually take the section permission
> flags into account, but this is something that is currently being
> implemented in EDK2, which means we will likely start seeing it in
> the wild between one and two years from now.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Mark.
> ---
> arch/arm64/kernel/efi-header.S | 23 +++++++++++++++-----
> arch/arm64/kernel/vmlinux.lds.S | 2 ++
> 2 files changed, 20 insertions(+), 5 deletions(-)
>
> diff --git a/arch/arm64/kernel/efi-header.S b/arch/arm64/kernel/efi-header.S
> index 7637226ea9ca..613fc3000677 100644
> --- a/arch/arm64/kernel/efi-header.S
> +++ b/arch/arm64/kernel/efi-header.S
> @@ -27,8 +27,8 @@ optional_header:
> .short PE_OPT_MAGIC_PE32PLUS // PE32+ format
> .byte 0x02 // MajorLinkerVersion
> .byte 0x14 // MinorLinkerVersion
> - .long _end - efi_header_end // SizeOfCode
> - .long 0 // SizeOfInitializedData
> + .long __initdata_begin - efi_header_end // SizeOfCode
> + .long __pecoff_data_size // SizeOfInitializedData
> .long 0 // SizeOfUninitializedData
> .long __efistub_entry - _head // AddressOfEntryPoint
> .long efi_header_end - _head // BaseOfCode
> @@ -74,9 +74,9 @@ extra_header_fields:
> // Section table
> section_table:
> .ascii ".text\0\0\0"
> - .long _end - efi_header_end // VirtualSize
> + .long __initdata_begin - efi_header_end // VirtualSize
> .long efi_header_end - _head // VirtualAddress
> - .long _edata - efi_header_end // SizeOfRawData
> + .long __initdata_begin - efi_header_end // SizeOfRawData
> .long efi_header_end - _head // PointerToRawData
>
> .long 0 // PointerToRelocations
> @@ -84,7 +84,20 @@ section_table:
> .short 0 // NumberOfRelocations
> .short 0 // NumberOfLineNumbers
> .long IMAGE_SCN_CNT_CODE | \
> - IMAGE_SCN_MEM_EXECUTE | \
> + IMAGE_SCN_MEM_READ | \
> + IMAGE_SCN_MEM_EXECUTE // Characteristics
> +
> + .ascii ".data\0\0\0"
> + .long __pecoff_data_size // VirtualSize
> + .long __initdata_begin - _head // VirtualAddress
> + .long __pecoff_data_rawsize // SizeOfRawData
> + .long __initdata_begin - _head // PointerToRawData
> +
> + .long 0 // PointerToRelocations
> + .long 0 // PointerToLineNumbers
> + .short 0 // NumberOfRelocations
> + .short 0 // NumberOfLineNumbers
> + .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
> IMAGE_SCN_MEM_READ | \
> IMAGE_SCN_MEM_WRITE // Characteristics
>
> diff --git a/arch/arm64/kernel/vmlinux.lds.S b/arch/arm64/kernel/vmlinux.lds.S
> index 2c93d259046c..987a00ee446c 100644
> --- a/arch/arm64/kernel/vmlinux.lds.S
> +++ b/arch/arm64/kernel/vmlinux.lds.S
> @@ -213,6 +213,7 @@ SECTIONS
> }
>
> PECOFF_EDATA_PADDING
> + __pecoff_data_rawsize = ABSOLUTE(. - __initdata_begin);
> _edata = .;
>
> BSS_SECTION(0, 0, 0)
> @@ -228,6 +229,7 @@ SECTIONS
> . += RESERVED_TTBR0_SIZE;
> #endif
>
> + __pecoff_data_size = ABSOLUTE(. - __initdata_begin);
> _end = .;
>
> STABS_DEBUG
> --
> 2.9.3
>
next prev parent reply other threads:[~2017-03-30 18:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-23 19:00 [PATCH v3 0/8] arm64: efi: PE/COFF cleanup/hardening Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 1/8] include: pe.h: allow for use in assembly Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 2/8] include: pe.h: add some missing definitions Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 3/8] arm64: efi: move EFI header and related data to a separate .S file Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 4/8] arm64: efi: clean up Image header after PE header has been split off Ard Biesheuvel
2017-03-30 18:26 ` Will Deacon
2017-03-30 18:26 ` Mark Rutland
2017-03-23 19:00 ` [PATCH v3 5/8] arm64: efi: remove forbidden values from the PE/COFF header Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 6/8] arm64: efi: remove pointless dummy .reloc section Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 7/8] arm64: efi: replace open coded constants with symbolic ones Ard Biesheuvel
2017-03-23 19:00 ` [PATCH v3 8/8] arm64: efi: split Image code and data into separate PE/COFF sections Ard Biesheuvel
2017-03-30 18:29 ` Mark Rutland [this message]
2017-04-04 15:33 ` [PATCH v3 0/8] arm64: efi: PE/COFF cleanup/hardening Ard Biesheuvel
2017-04-04 16:57 ` Catalin Marinas
2017-04-04 17:02 ` Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170330182943.GD8062@leverpostej \
--to=mark.rutland@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.