rpms/grub2
7
0
Fork 0
Code Issues Pull Requests Releases Activity
7388f24e3e
grub2/0290-mkimage-Align-efi-sections-on-4k-boundary.patch
Javier Martinez Canillas 88459565ec
A set of EFI fixes to support arm64 QCom UEFI firmwares 
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2019-03-26 17:17:17 +01:00

56 lines
2.2 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Alexander Graf <agraf@suse.de>
Date: Mon, 28 Jan 2019 14:35:28 +0100
Subject: [PATCH] mkimage: Align efi sections on 4k boundary
There is UEFI firmware popping up in the wild now that implements stricter
permission checks using NX and write protect page table entry bits.
This means that firmware now may fail to load binaries if its individual
sections are not page aligned, as otherwise it can not ensure permission
boundaries.
So let's bump all efi section alignments up to 4k (EFI page size). That way
we will stay compatible going forward.
Unfortunately our internals can't deal very well with a mismatch of alignment
between the virtual and file offsets, so we have to also pad our target
binary a bit.
Signed-off-by: Alexander Graf <agraf@suse.de>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Julien ROBIN <julien.robin28@free.fr>
---
include/grub/efi/pe32.h | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/include/grub/efi/pe32.h b/include/grub/efi/pe32.h
index c03cc599f63..f71da19f2f5 100644
--- a/include/grub/efi/pe32.h
+++ b/include/grub/efi/pe32.h
@@ -20,6 +20,7 @@
#define GRUB_EFI_PE32_HEADER 1
#include <grub/types.h>
+#include <grub/efi/memory.h>
/* The MSDOS compatibility stub. This was copied from the output of
objcopy, and it is not necessary to care about what this means. */
@@ -50,8 +51,14 @@
/* According to the spec, the minimal alignment is 512 bytes...
But some examples (such as EFI drivers in the Intel
Sample Implementation) use 32 bytes (0x20) instead, and it seems
- to be working. For now, GRUB uses 512 bytes for safety. */
-#define GRUB_PE32_SECTION_ALIGNMENT 0x200
+ to be working.
+
+ However, there is firmware showing up in the field now with
+ page alignment constraints to guarantee that page protection
+ bits take effect. Because currently existing GRUB code can not
+ properly distinguish between in-memory and in-file layout, let's
+ bump all alignment to GRUB_EFI_PAGE_SIZE. */
+#define GRUB_PE32_SECTION_ALIGNMENT GRUB_EFI_PAGE_SIZE
#define GRUB_PE32_FILE_ALIGNMENT GRUB_PE32_SECTION_ALIGNMENT
struct grub_pe32_coff_header
Reference in New Issue View Git Blame Copy Permalink