[PATCH] loader/efi/linux: Implement x86 mixed mode using legacy boot

[Ard Biesheuvel <ardb@kernel.org>]

Recent mixed-mode Linux kernels (i.e., v4.0 or newer) can access EFI
runtime services at OS runtime even when the OS was not entered via the
EFI stub. This is because, instead of reverting back to the firmware's
segment selectors, GDTs and IDTs, the 64-bit kernel simply calls 32-bit
runtime services using compatilibity mode (i.e., the same mode used for
32-bit user space) without taking down all interrupt handling, exception
handling etc.

This means that GRUB's legacy x86 boot mode is sufficient to make use of
this: 32-bit i686 builds of GRUB can already boot 64-bit kernels in EFI
enlightened mode (but without going via the EFI stub), and provide all
the metadata that the OS needs to map the EFI runtime regions and call
EFI runtime services successfully.

It does mean that GRUB should not attempt to invoke the firmware's
LoadImage/StartImage methods on kernel builds that it knows cannot be
started natively. So add a check for this in the native EFI boot path,
and fall back to legacy x86 mode in such cases.

Note that in the general case, booting non-native images of the same
native word size (e.g., X64 EFI apps on arm64 firmware) might be
supported by means of emulation, so let's only disallow images that use
a non-native word size. This will also permit booting i686 kernels on
x86_64 builds, although without access to runtime services, as this is
not supported by Linux.

This change on top of 2.12-rc1 is sufficient to boot ordinary Linux
mixed mode builds and get full access to the EFI runtime services.

Cc: Daniel Kiper <daniel.kiper@oracle.com>
Cc: Steve McIntyre <steve@einval.com>
Cc: Julian Andres Klode <julian.klode@canonical.com>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
---
 grub-core/loader/efi/linux.c | 5 +++++
 include/grub/efi/pe32.h      | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
index ed325f2b0aae2d6f..1d0734e295043df7 100644
--- a/grub-core/loader/efi/linux.c
+++ b/grub-core/loader/efi/linux.c
@@ -120,6 +120,11 @@ grub_arch_efi_linux_load_image_header (grub_file_t file,
         return grub_error (GRUB_ERR_FILE_READ_ERROR, "failed to read COFF image header");
     }
 
+  if (lh->pe_image_header.optional_header.magic != GRUB_PE32_NATIVE_MAGIC)
+    {
+      return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET, "non-native image not supported");
+    }
+
   /*
    * Linux kernels built for any architecture are guaranteed to support the
    * LoadFile2 based initrd loading protocol if the image version is >= 1.
diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
index 101859af1ea64237..4e6e9d254bd35c9b 100644
--- a/include/grub/efi/pe32.h
+++ b/include/grub/efi/pe32.h
@@ -267,6 +267,12 @@ struct grub_pe32_section_table
 
 #define GRUB_PE32_SIGNATURE_SIZE 4
 
+#if GRUB_TARGET_SIZEOF_VOID_P == 8
+#define GRUB_PE32_NATIVE_MAGIC			GRUB_PE32_PE64_MAGIC
+#else
+#define GRUB_PE32_NATIVE_MAGIC			GRUB_PE32_PE32_MAGIC
+#endif
+
 struct grub_pe_image_header
 {
   /* This is always PE\0\0.  */
-- 
2.39.2