[U-Boot] [PATCH v2] efi_loader: Check machine type in the image header

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ivan Gorinov <ivan.gorinov@intel.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2] efi_loader: Check machine type in the image header
Date: Thu, 5 Apr 2018 14:28:30 -0700	[thread overview]
Message-ID: <20180405212830.GA5872@intel.com> (raw)

Check FileHeader.Machine to make sure the EFI executable image is built
for the same architecture. For example, 32-bit U-Boot on x86 will print
an error message instead of loading an x86_64 image and crashing.

Signed-off-by: Ivan Gorinov <ivan.gorinov@intel.com>
---
 include/pe.h                      | 24 ++++++++++++++++++++++++
 lib/efi_loader/efi_image_loader.c | 24 ++++++++++++------------
 2 files changed, 36 insertions(+), 12 deletions(-)

diff --git a/include/pe.h b/include/pe.h
index c3a19ce..0dc33f0 100644
--- a/include/pe.h
+++ b/include/pe.h
@@ -38,11 +38,35 @@ typedef struct _IMAGE_DOS_HEADER {
 #define IMAGE_DOS_SIGNATURE		0x5A4D     /* MZ   */
 #define IMAGE_NT_SIGNATURE		0x00004550 /* PE00 */
 
+#define IMAGE_FILE_MACHINE_I386		0x014c
 #define IMAGE_FILE_MACHINE_ARM		0x01c0
 #define IMAGE_FILE_MACHINE_THUMB	0x01c2
 #define IMAGE_FILE_MACHINE_ARMNT	0x01c4
 #define IMAGE_FILE_MACHINE_AMD64	0x8664
 #define IMAGE_FILE_MACHINE_ARM64	0xaa64
+#define IMAGE_FILE_MACHINE_RISCV32	0x5032
+#define IMAGE_FILE_MACHINE_RISCV64	0x5064
+
+#if defined(CONFIG_ARM64)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_ARM64
+#elif defined(CONFIG_ARM)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_THUMB
+#endif
+
+#if defined(CONFIG_X86_64)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_AMD64
+#elif defined(CONFIG_X86)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_I386
+#endif
+
+#if defined(CONFIG_CPU_RISCV_32)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_RISCV32
+#endif
+
+#if defined(CONFIG_CPU_RISCV_64)
+#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_RISCV64
+#endif
+
 #define IMAGE_NT_OPTIONAL_HDR32_MAGIC	0x10b
 #define IMAGE_NT_OPTIONAL_HDR64_MAGIC	0x20b
 #define IMAGE_SUBSYSTEM_EFI_APPLICATION	10
diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index f588576..ac20488 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -172,14 +172,6 @@ void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info)
 	void *entry;
 	uint64_t image_size;
 	unsigned long virt_size = 0;
-	bool can_run_nt64 = true;
-	bool can_run_nt32 = true;
-
-#if defined(CONFIG_ARM64)
-	can_run_nt32 = false;
-#elif defined(CONFIG_ARM)
-	can_run_nt64 = false;
-#endif
 
 	dos = efi;
 	if (dos->e_magic != IMAGE_DOS_SIGNATURE) {
@@ -193,6 +185,16 @@ void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info)
 		return NULL;
 	}
 
+#ifdef TARGET_PE_MACHINE_TYPE
+
+	if (nt->FileHeader.Machine != TARGET_PE_MACHINE_TYPE) {
+		printf("%s: Machine type 0x%04x is not supported\n",
+		       __func__, nt->FileHeader.Machine);
+		return NULL;
+	}
+
+#endif
+
 	/* Calculate upper virtual address boundary */
 	num_sections = nt->FileHeader.NumberOfSections;
 	sections = (void *)&nt->OptionalHeader +
@@ -205,8 +207,7 @@ void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info)
 	}
 
 	/* Read 32/64bit specific header bits */
-	if (can_run_nt64 &&
-	    (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC)) {
+	if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
 		IMAGE_NT_HEADERS64 *nt64 = (void *)nt;
 		IMAGE_OPTIONAL_HEADER64 *opt = &nt64->OptionalHeader;
 		image_size = opt->SizeOfImage;
@@ -222,8 +223,7 @@ void *efi_load_pe(void *efi, struct efi_loaded_image *loaded_image_info)
 		rel_size = opt->DataDirectory[rel_idx].Size;
 		rel = efi_reloc + opt->DataDirectory[rel_idx].VirtualAddress;
 		virt_size = ALIGN(virt_size, opt->SectionAlignment);
-	} else if (can_run_nt32 &&
-		   (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC)) {
+	} else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
 		IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
 		image_size = opt->SizeOfImage;
 		efi_set_code_and_data_type(loaded_image_info, opt->Subsystem);
-- 
2.7.4

next             reply	other threads:[~2018-04-05 21:28 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-05 21:28 Ivan Gorinov [this message]
2018-04-05 22:43 ` [U-Boot] [PATCH v2] efi_loader: Check machine type in the image header Alexander Graf
2018-04-05 23:03   ` Heinrich Schuchardt
2018-04-05 23:23     ` Alexander Graf
2018-04-06  6:47       ` Heinrich Schuchardt
2018-04-06  7:25         ` Alexander Graf

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:c3a19ce dfblob:0dc33f0 dfblob:f588576 dfblob:ac20488 )
 OR (
bs:"[U-Boot] [PATCH v2] efi_loader: Check machine type in the image header" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180405212830.GA5872@intel.com \
    --to=ivan.gorinov@intel.com \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.