1
2
3
4
5
6
7
8
9
10#define LOG_CATEGORY LOGC_EFI
11
12#include <common.h>
13#include <cpu_func.h>
14#include <efi_loader.h>
15#include <log.h>
16#include <malloc.h>
17#include <pe.h>
18#include <sort.h>
19#include <crypto/pkcs7_parser.h>
20#include <linux/err.h>
21
22const efi_guid_t efi_global_variable_guid = EFI_GLOBAL_VARIABLE_GUID;
23const efi_guid_t efi_guid_device_path = EFI_DEVICE_PATH_PROTOCOL_GUID;
24const efi_guid_t efi_guid_loaded_image = EFI_LOADED_IMAGE_PROTOCOL_GUID;
25const efi_guid_t efi_guid_loaded_image_device_path =
26 EFI_LOADED_IMAGE_DEVICE_PATH_PROTOCOL_GUID;
27const efi_guid_t efi_simple_file_system_protocol_guid =
28 EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID;
29const efi_guid_t efi_file_info_guid = EFI_FILE_INFO_GUID;
30
31static int machines[] = {
32#if defined(__aarch64__)
33 IMAGE_FILE_MACHINE_ARM64,
34#elif defined(__arm__)
35 IMAGE_FILE_MACHINE_ARM,
36 IMAGE_FILE_MACHINE_THUMB,
37 IMAGE_FILE_MACHINE_ARMNT,
38#endif
39
40#if defined(__x86_64__)
41 IMAGE_FILE_MACHINE_AMD64,
42#elif defined(__i386__)
43 IMAGE_FILE_MACHINE_I386,
44#endif
45
46#if defined(__riscv) && (__riscv_xlen == 32)
47 IMAGE_FILE_MACHINE_RISCV32,
48#endif
49
50#if defined(__riscv) && (__riscv_xlen == 64)
51 IMAGE_FILE_MACHINE_RISCV64,
52#endif
53 0 };
54
55
56
57
58
59
60
61
62
63
64
65
66static efi_status_t efi_print_image_info(struct efi_loaded_image_obj *obj,
67 struct efi_loaded_image *image,
68 void *pc)
69{
70 printf("UEFI image");
71 printf(" [0x%p:0x%p]",
72 image->image_base, image->image_base + image->image_size - 1);
73 if (pc && pc >= image->image_base &&
74 pc < image->image_base + image->image_size)
75 printf(" pc=0x%zx", pc - image->image_base);
76 if (image->file_path)
77 printf(" '%pD'", image->file_path);
78 printf("\n");
79 return EFI_SUCCESS;
80}
81
82
83
84
85
86
87void efi_print_image_infos(void *pc)
88{
89 struct efi_object *efiobj;
90 struct efi_handler *handler;
91
92 list_for_each_entry(efiobj, &efi_obj_list, link) {
93 list_for_each_entry(handler, &efiobj->protocols, link) {
94 if (!guidcmp(handler->guid, &efi_guid_loaded_image)) {
95 efi_print_image_info(
96 (struct efi_loaded_image_obj *)efiobj,
97 handler->protocol_interface, pc);
98 }
99 }
100 }
101}
102
103
104
105
106
107
108
109
110
111
112static efi_status_t efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
113 unsigned long rel_size, void *efi_reloc,
114 unsigned long pref_address)
115{
116 unsigned long delta = (unsigned long)efi_reloc - pref_address;
117 const IMAGE_BASE_RELOCATION *end;
118 int i;
119
120 if (delta == 0)
121 return EFI_SUCCESS;
122
123 end = (const IMAGE_BASE_RELOCATION *)((const char *)rel + rel_size);
124 while (rel < end && rel->SizeOfBlock) {
125 const uint16_t *relocs = (const uint16_t *)(rel + 1);
126 i = (rel->SizeOfBlock - sizeof(*rel)) / sizeof(uint16_t);
127 while (i--) {
128 uint32_t offset = (uint32_t)(*relocs & 0xfff) +
129 rel->VirtualAddress;
130 int type = *relocs >> EFI_PAGE_SHIFT;
131 uint64_t *x64 = efi_reloc + offset;
132 uint32_t *x32 = efi_reloc + offset;
133 uint16_t *x16 = efi_reloc + offset;
134
135 switch (type) {
136 case IMAGE_REL_BASED_ABSOLUTE:
137 break;
138 case IMAGE_REL_BASED_HIGH:
139 *x16 += ((uint32_t)delta) >> 16;
140 break;
141 case IMAGE_REL_BASED_LOW:
142 *x16 += (uint16_t)delta;
143 break;
144 case IMAGE_REL_BASED_HIGHLOW:
145 *x32 += (uint32_t)delta;
146 break;
147 case IMAGE_REL_BASED_DIR64:
148 *x64 += (uint64_t)delta;
149 break;
150#ifdef __riscv
151 case IMAGE_REL_BASED_RISCV_HI20:
152 *x32 = ((*x32 & 0xfffff000) + (uint32_t)delta) |
153 (*x32 & 0x00000fff);
154 break;
155 case IMAGE_REL_BASED_RISCV_LOW12I:
156 case IMAGE_REL_BASED_RISCV_LOW12S:
157
158 if (delta & 0xfff) {
159 log_err("Unsupported reloc offset\n");
160 return EFI_LOAD_ERROR;
161 }
162 break;
163#endif
164 default:
165 log_err("Unknown Relocation off %x type %x\n",
166 offset, type);
167 return EFI_LOAD_ERROR;
168 }
169 relocs++;
170 }
171 rel = (const IMAGE_BASE_RELOCATION *)relocs;
172 }
173 return EFI_SUCCESS;
174}
175
176void __weak invalidate_icache_all(void)
177{
178
179}
180
181
182
183
184
185
186
187
188
189static void efi_set_code_and_data_type(
190 struct efi_loaded_image *loaded_image_info,
191 uint16_t image_type)
192{
193 switch (image_type) {
194 case IMAGE_SUBSYSTEM_EFI_APPLICATION:
195 loaded_image_info->image_code_type = EFI_LOADER_CODE;
196 loaded_image_info->image_data_type = EFI_LOADER_DATA;
197 break;
198 case IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
199 loaded_image_info->image_code_type = EFI_BOOT_SERVICES_CODE;
200 loaded_image_info->image_data_type = EFI_BOOT_SERVICES_DATA;
201 break;
202 case IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
203 case IMAGE_SUBSYSTEM_EFI_ROM:
204 loaded_image_info->image_code_type = EFI_RUNTIME_SERVICES_CODE;
205 loaded_image_info->image_data_type = EFI_RUNTIME_SERVICES_DATA;
206 break;
207 default:
208 log_err("invalid image type: %u\n", image_type);
209
210 loaded_image_info->image_code_type = EFI_LOADER_CODE;
211 loaded_image_info->image_data_type = EFI_LOADER_DATA;
212 break;
213 }
214}
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233efi_status_t efi_image_region_add(struct efi_image_regions *regs,
234 const void *start, const void *end,
235 int nocheck)
236{
237 struct image_region *reg;
238 int i, j;
239
240 if (regs->num >= regs->max) {
241 EFI_PRINT("%s: no more room for regions\n", __func__);
242 return EFI_OUT_OF_RESOURCES;
243 }
244
245 if (end < start)
246 return EFI_INVALID_PARAMETER;
247
248 for (i = 0; i < regs->num; i++) {
249 reg = ®s->reg[i];
250 if (nocheck)
251 continue;
252
253
254 if (start >= reg->data + reg->size)
255 continue;
256
257
258 if (end <= reg->data) {
259 for (j = regs->num - 1; j >= i; j--)
260 memcpy(®s->reg[j + 1], ®s->reg[j],
261 sizeof(*reg));
262 break;
263 }
264
265
266 EFI_PRINT("%s: new region already part of another\n", __func__);
267 return EFI_INVALID_PARAMETER;
268 }
269
270 reg = ®s->reg[i];
271 reg->data = start;
272 reg->size = end - start;
273 regs->num++;
274
275 return EFI_SUCCESS;
276}
277
278
279
280
281
282
283
284
285
286
287
288
289
290static int cmp_pe_section(const void *arg1, const void *arg2)
291{
292 const IMAGE_SECTION_HEADER *section1, *section2;
293
294 section1 = *((const IMAGE_SECTION_HEADER **)arg1);
295 section2 = *((const IMAGE_SECTION_HEADER **)arg2);
296
297 if (section1->VirtualAddress < section2->VirtualAddress)
298 return -1;
299 else if (section1->VirtualAddress == section2->VirtualAddress)
300 return 0;
301 else
302 return 1;
303}
304
305
306
307
308
309
310
311
312
313
314
315void *efi_prepare_aligned_image(void *efi, u64 *efi_size)
316{
317 size_t new_efi_size;
318 void *new_efi;
319
320
321
322
323
324 if (!IS_ALIGNED(*efi_size, 8)) {
325 new_efi_size = ALIGN(*efi_size, 8);
326 new_efi = calloc(new_efi_size, 1);
327 if (!new_efi)
328 return NULL;
329 memcpy(new_efi, efi, *efi_size);
330 *efi_size = new_efi_size;
331 return new_efi;
332 } else {
333 return efi;
334 }
335}
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
353 WIN_CERTIFICATE **auth, size_t *auth_len)
354{
355 struct efi_image_regions *regs;
356 IMAGE_DOS_HEADER *dos;
357 IMAGE_NT_HEADERS32 *nt;
358 IMAGE_SECTION_HEADER *sections, **sorted;
359 int num_regions, num_sections, i;
360 int ctidx = IMAGE_DIRECTORY_ENTRY_SECURITY;
361 u32 align, size, authsz, authoff;
362 size_t bytes_hashed;
363
364 dos = (void *)efi;
365 nt = (void *)(efi + dos->e_lfanew);
366 authoff = 0;
367 authsz = 0;
368
369
370
371
372
373
374 num_regions = 3;
375 num_regions += nt->FileHeader.NumberOfSections;
376 num_regions++;
377
378 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * num_regions,
379 1);
380 if (!regs)
381 goto err;
382 regs->max = num_regions;
383
384
385
386
387
388 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
389 IMAGE_NT_HEADERS64 *nt64 = (void *)nt;
390 IMAGE_OPTIONAL_HEADER64 *opt = &nt64->OptionalHeader;
391
392
393 efi_image_region_add(regs, efi, &opt->CheckSum, 0);
394 if (nt64->OptionalHeader.NumberOfRvaAndSizes <= ctidx) {
395 efi_image_region_add(regs,
396 &opt->Subsystem,
397 efi + opt->SizeOfHeaders, 0);
398 } else {
399
400 efi_image_region_add(regs,
401 &opt->Subsystem,
402 &opt->DataDirectory[ctidx], 0);
403 efi_image_region_add(regs,
404 &opt->DataDirectory[ctidx] + 1,
405 efi + opt->SizeOfHeaders, 0);
406
407 authoff = opt->DataDirectory[ctidx].VirtualAddress;
408 authsz = opt->DataDirectory[ctidx].Size;
409 }
410
411 bytes_hashed = opt->SizeOfHeaders;
412 align = opt->FileAlignment;
413 } else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
414 IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
415
416
417 efi_image_region_add(regs, efi, &opt->CheckSum, 0);
418 if (nt->OptionalHeader.NumberOfRvaAndSizes <= ctidx) {
419 efi_image_region_add(regs,
420 &opt->Subsystem,
421 efi + opt->SizeOfHeaders, 0);
422 } else {
423
424 efi_image_region_add(regs, &opt->Subsystem,
425 &opt->DataDirectory[ctidx], 0);
426 efi_image_region_add(regs,
427 &opt->DataDirectory[ctidx] + 1,
428 efi + opt->SizeOfHeaders, 0);
429
430 authoff = opt->DataDirectory[ctidx].VirtualAddress;
431 authsz = opt->DataDirectory[ctidx].Size;
432 }
433
434 bytes_hashed = opt->SizeOfHeaders;
435 align = opt->FileAlignment;
436 } else {
437 EFI_PRINT("%s: Invalid optional header magic %x\n", __func__,
438 nt->OptionalHeader.Magic);
439 goto err;
440 }
441
442
443 num_sections = nt->FileHeader.NumberOfSections;
444 sections = (void *)((uint8_t *)&nt->OptionalHeader +
445 nt->FileHeader.SizeOfOptionalHeader);
446 sorted = calloc(sizeof(IMAGE_SECTION_HEADER *), num_sections);
447 if (!sorted) {
448 EFI_PRINT("%s: Out of memory\n", __func__);
449 goto err;
450 }
451
452
453
454
455 for (i = 0; i < num_sections; i++)
456 sorted[i] = §ions[i];
457 qsort(sorted, num_sections, sizeof(sorted[0]), cmp_pe_section);
458
459 for (i = 0; i < num_sections; i++) {
460 if (!sorted[i]->SizeOfRawData)
461 continue;
462
463 size = (sorted[i]->SizeOfRawData + align - 1) & ~(align - 1);
464 efi_image_region_add(regs, efi + sorted[i]->PointerToRawData,
465 efi + sorted[i]->PointerToRawData + size,
466 0);
467 EFI_PRINT("section[%d](%s): raw: 0x%x-0x%x, virt: %x-%x\n",
468 i, sorted[i]->Name,
469 sorted[i]->PointerToRawData,
470 sorted[i]->PointerToRawData + size,
471 sorted[i]->VirtualAddress,
472 sorted[i]->VirtualAddress
473 + sorted[i]->Misc.VirtualSize);
474
475 bytes_hashed += size;
476 }
477 free(sorted);
478
479
480 if (bytes_hashed + authsz < len) {
481 EFI_PRINT("extra data for hash: %zu\n",
482 len - (bytes_hashed + authsz));
483 efi_image_region_add(regs, efi + bytes_hashed,
484 efi + len - authsz, 0);
485 }
486
487
488 if (authsz) {
489 if (len < authoff + authsz) {
490 EFI_PRINT("%s: Size for auth too large: %u >= %zu\n",
491 __func__, authsz, len - authoff);
492 goto err;
493 }
494 if (authsz < sizeof(*auth)) {
495 EFI_PRINT("%s: Size for auth too small: %u < %zu\n",
496 __func__, authsz, sizeof(*auth));
497 goto err;
498 }
499 *auth = efi + authoff;
500 *auth_len = authsz;
501 EFI_PRINT("WIN_CERTIFICATE: 0x%x, size: 0x%x\n", authoff,
502 authsz);
503 } else {
504 *auth = NULL;
505 *auth_len = 0;
506 }
507
508 *regp = regs;
509
510 return true;
511
512err:
513 free(regs);
514
515 return false;
516}
517
518#ifdef CONFIG_EFI_SECURE_BOOT
519
520
521
522
523
524
525
526
527
528
529
530static bool efi_image_unsigned_authenticate(struct efi_image_regions *regs)
531{
532 struct efi_signature_store *db = NULL, *dbx = NULL;
533 bool ret = false;
534
535 dbx = efi_sigstore_parse_sigdb(L"dbx");
536 if (!dbx) {
537 EFI_PRINT("Getting signature database(dbx) failed\n");
538 goto out;
539 }
540
541 db = efi_sigstore_parse_sigdb(L"db");
542 if (!db) {
543 EFI_PRINT("Getting signature database(db) failed\n");
544 goto out;
545 }
546
547
548 if (efi_signature_lookup_digest(regs, dbx)) {
549 EFI_PRINT("Image is not signed and its digest found in \"dbx\"\n");
550 goto out;
551 }
552
553
554 if (efi_signature_lookup_digest(regs, db))
555 ret = true;
556 else
557 EFI_PRINT("Image is not signed and its digest not found in \"db\" or \"dbx\"\n");
558
559out:
560 efi_sigstore_free(db);
561 efi_sigstore_free(dbx);
562
563 return ret;
564}
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587static bool efi_image_authenticate(void *efi, size_t efi_size)
588{
589 struct efi_image_regions *regs = NULL;
590 WIN_CERTIFICATE *wincerts = NULL, *wincert;
591 size_t wincerts_len;
592 struct pkcs7_message *msg = NULL;
593 struct efi_signature_store *db = NULL, *dbx = NULL;
594 void *new_efi = NULL;
595 u8 *auth, *wincerts_end;
596 size_t auth_size;
597 bool ret = false;
598
599 EFI_PRINT("%s: Enter, %d\n", __func__, ret);
600
601 if (!efi_secure_boot_enabled())
602 return true;
603
604 new_efi = efi_prepare_aligned_image(efi, (u64 *)&efi_size);
605 if (!new_efi)
606 return false;
607
608 if (!efi_image_parse(new_efi, efi_size, ®s, &wincerts,
609 &wincerts_len)) {
610 EFI_PRINT("Parsing PE executable image failed\n");
611 goto err;
612 }
613
614 if (!wincerts) {
615
616 ret = efi_image_unsigned_authenticate(regs);
617
618 goto err;
619 }
620
621
622
623
624 db = efi_sigstore_parse_sigdb(L"db");
625 if (!db) {
626 EFI_PRINT("Getting signature database(db) failed\n");
627 goto err;
628 }
629
630 dbx = efi_sigstore_parse_sigdb(L"dbx");
631 if (!dbx) {
632 EFI_PRINT("Getting signature database(dbx) failed\n");
633 goto err;
634 }
635
636 if (efi_signature_lookup_digest(regs, dbx)) {
637 EFI_PRINT("Image's digest was found in \"dbx\"\n");
638 goto err;
639 }
640
641
642
643
644
645
646
647
648
649
650
651 for (wincert = wincerts, wincerts_end = (u8 *)wincerts + wincerts_len;
652 (u8 *)wincert < wincerts_end;
653 wincert = (WIN_CERTIFICATE *)
654 ((u8 *)wincert + ALIGN(wincert->dwLength, 8))) {
655 if ((u8 *)wincert + sizeof(*wincert) >= wincerts_end)
656 break;
657
658 if (wincert->dwLength <= sizeof(*wincert)) {
659 EFI_PRINT("dwLength too small: %u < %zu\n",
660 wincert->dwLength, sizeof(*wincert));
661 continue;
662 }
663
664 EFI_PRINT("WIN_CERTIFICATE_TYPE: 0x%x\n",
665 wincert->wCertificateType);
666
667 auth = (u8 *)wincert + sizeof(*wincert);
668 auth_size = wincert->dwLength - sizeof(*wincert);
669 if (wincert->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
670 if (auth + sizeof(efi_guid_t) >= wincerts_end)
671 break;
672
673 if (auth_size <= sizeof(efi_guid_t)) {
674 EFI_PRINT("dwLength too small: %u < %zu\n",
675 wincert->dwLength, sizeof(*wincert));
676 continue;
677 }
678 if (guidcmp(auth, &efi_guid_cert_type_pkcs7)) {
679 EFI_PRINT("Certificate type not supported: %pUl\n",
680 auth);
681 continue;
682 }
683
684 auth += sizeof(efi_guid_t);
685 auth_size -= sizeof(efi_guid_t);
686 } else if (wincert->wCertificateType
687 != WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
688 EFI_PRINT("Certificate type not supported\n");
689 continue;
690 }
691
692 msg = pkcs7_parse_message(auth, auth_size);
693 if (IS_ERR(msg)) {
694 EFI_PRINT("Parsing image's signature failed\n");
695 msg = NULL;
696 continue;
697 }
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719 if (efi_signature_verify_one(regs, msg, dbx)) {
720 EFI_PRINT("Signature was rejected by \"dbx\"\n");
721 continue;
722 }
723
724 if (!efi_signature_check_signers(msg, dbx)) {
725 EFI_PRINT("Signer(s) in \"dbx\"\n");
726 continue;
727 }
728
729
730 if (efi_signature_verify(regs, msg, db, dbx)) {
731 ret = true;
732 break;
733 }
734
735 EFI_PRINT("Signature was not verified by \"db\"\n");
736
737 if (efi_signature_lookup_digest(regs, db)) {
738 ret = true;
739 break;
740 }
741
742 EFI_PRINT("Image's digest was not found in \"db\" or \"dbx\"\n");
743 }
744
745err:
746 efi_sigstore_free(db);
747 efi_sigstore_free(dbx);
748 pkcs7_free_message(msg);
749 free(regs);
750 if (new_efi != efi)
751 free(new_efi);
752
753 EFI_PRINT("%s: Exit, %d\n", __func__, ret);
754 return ret;
755}
756#else
757static bool efi_image_authenticate(void *efi, size_t efi_size)
758{
759 return true;
760}
761#endif
762
763
764
765
766
767
768
769
770
771
772efi_status_t efi_check_pe(void *buffer, size_t size, void **nt_header)
773{
774 IMAGE_DOS_HEADER *dos = buffer;
775 IMAGE_NT_HEADERS32 *nt;
776
777 if (size < sizeof(*dos))
778 return EFI_INVALID_PARAMETER;
779
780
781 if (dos->e_magic != IMAGE_DOS_SIGNATURE)
782 return EFI_INVALID_PARAMETER;
783
784
785
786
787
788
789 if (size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS32))
790 return EFI_INVALID_PARAMETER;
791 nt = (IMAGE_NT_HEADERS32 *)((u8 *)buffer + dos->e_lfanew);
792
793
794 if (nt->Signature != IMAGE_NT_SIGNATURE)
795 return EFI_INVALID_PARAMETER;
796
797 if (nt_header)
798 *nt_header = nt;
799
800 return EFI_SUCCESS;
801}
802
803
804
805
806
807
808
809
810
811
812static u32 section_size(IMAGE_SECTION_HEADER *sec)
813{
814 if (sec->Misc.VirtualSize)
815 return sec->Misc.VirtualSize;
816 else
817 return sec->SizeOfRawData;
818}
819
820
821
822
823
824
825
826
827
828
829
830
831
832efi_status_t efi_load_pe(struct efi_loaded_image_obj *handle,
833 void *efi, size_t efi_size,
834 struct efi_loaded_image *loaded_image_info)
835{
836 IMAGE_NT_HEADERS32 *nt;
837 IMAGE_DOS_HEADER *dos;
838 IMAGE_SECTION_HEADER *sections;
839 int num_sections;
840 void *efi_reloc;
841 int i;
842 const IMAGE_BASE_RELOCATION *rel;
843 unsigned long rel_size;
844 int rel_idx = IMAGE_DIRECTORY_ENTRY_BASERELOC;
845 uint64_t image_base;
846 unsigned long virt_size = 0;
847 int supported = 0;
848 efi_status_t ret;
849
850 ret = efi_check_pe(efi, efi_size, (void **)&nt);
851 if (ret != EFI_SUCCESS) {
852 log_err("Not a PE-COFF file\n");
853 return EFI_LOAD_ERROR;
854 }
855
856 for (i = 0; machines[i]; i++)
857 if (machines[i] == nt->FileHeader.Machine) {
858 supported = 1;
859 break;
860 }
861
862 if (!supported) {
863 log_err("Machine type 0x%04x is not supported\n",
864 nt->FileHeader.Machine);
865 return EFI_LOAD_ERROR;
866 }
867
868 num_sections = nt->FileHeader.NumberOfSections;
869 sections = (void *)&nt->OptionalHeader +
870 nt->FileHeader.SizeOfOptionalHeader;
871
872 if (efi_size < ((void *)sections + sizeof(sections[0]) * num_sections
873 - efi)) {
874 log_err("Invalid number of sections: %d\n", num_sections);
875 return EFI_LOAD_ERROR;
876 }
877
878
879 if (efi_image_authenticate(efi, efi_size)) {
880 handle->auth_status = EFI_IMAGE_AUTH_PASSED;
881 } else {
882 handle->auth_status = EFI_IMAGE_AUTH_FAILED;
883 log_err("Image not authenticated\n");
884 }
885
886
887 for (i = num_sections - 1; i >= 0; i--) {
888 IMAGE_SECTION_HEADER *sec = §ions[i];
889
890 virt_size = max_t(unsigned long, virt_size,
891 sec->VirtualAddress + section_size(sec));
892 }
893
894
895 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
896 IMAGE_NT_HEADERS64 *nt64 = (void *)nt;
897 IMAGE_OPTIONAL_HEADER64 *opt = &nt64->OptionalHeader;
898 image_base = opt->ImageBase;
899 efi_set_code_and_data_type(loaded_image_info, opt->Subsystem);
900 handle->image_type = opt->Subsystem;
901 efi_reloc = efi_alloc_aligned_pages(virt_size,
902 loaded_image_info->image_code_type,
903 opt->SectionAlignment);
904 if (!efi_reloc) {
905 log_err("Out of memory\n");
906 ret = EFI_OUT_OF_RESOURCES;
907 goto err;
908 }
909 handle->entry = efi_reloc + opt->AddressOfEntryPoint;
910 rel_size = opt->DataDirectory[rel_idx].Size;
911 rel = efi_reloc + opt->DataDirectory[rel_idx].VirtualAddress;
912 } else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
913 IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
914 image_base = opt->ImageBase;
915 efi_set_code_and_data_type(loaded_image_info, opt->Subsystem);
916 handle->image_type = opt->Subsystem;
917 efi_reloc = efi_alloc_aligned_pages(virt_size,
918 loaded_image_info->image_code_type,
919 opt->SectionAlignment);
920 if (!efi_reloc) {
921 log_err("Out of memory\n");
922 ret = EFI_OUT_OF_RESOURCES;
923 goto err;
924 }
925 handle->entry = efi_reloc + opt->AddressOfEntryPoint;
926 rel_size = opt->DataDirectory[rel_idx].Size;
927 rel = efi_reloc + opt->DataDirectory[rel_idx].VirtualAddress;
928 } else {
929 log_err("Invalid optional header magic %x\n",
930 nt->OptionalHeader.Magic);
931 ret = EFI_LOAD_ERROR;
932 goto err;
933 }
934
935#if CONFIG_IS_ENABLED(EFI_TCG2_PROTOCOL)
936
937 ret = tcg2_measure_pe_image(efi, efi_size, handle, loaded_image_info);
938 if (ret == EFI_SECURITY_VIOLATION) {
939
940
941
942
943 log_err("PE image measurement failed, no tpm device found\n");
944 goto err;
945 }
946
947#endif
948
949
950 memcpy(efi_reloc, efi,
951 sizeof(*dos)
952 + sizeof(*nt)
953 + nt->FileHeader.SizeOfOptionalHeader
954 + num_sections * sizeof(IMAGE_SECTION_HEADER));
955
956
957 for (i = num_sections - 1; i >= 0; i--) {
958 IMAGE_SECTION_HEADER *sec = §ions[i];
959 u32 copy_size = section_size(sec);
960
961 if (copy_size > sec->SizeOfRawData) {
962 copy_size = sec->SizeOfRawData;
963 memset(efi_reloc + sec->VirtualAddress, 0,
964 sec->Misc.VirtualSize);
965 }
966 memcpy(efi_reloc + sec->VirtualAddress,
967 efi + sec->PointerToRawData,
968 copy_size);
969 }
970
971
972 if (efi_loader_relocate(rel, rel_size, efi_reloc,
973 (unsigned long)image_base) != EFI_SUCCESS) {
974 efi_free_pages((uintptr_t) efi_reloc,
975 (virt_size + EFI_PAGE_MASK) >> EFI_PAGE_SHIFT);
976 ret = EFI_LOAD_ERROR;
977 goto err;
978 }
979
980
981 flush_cache((ulong)efi_reloc,
982 ALIGN(virt_size, EFI_CACHELINE_SIZE));
983 invalidate_icache_all();
984
985
986 loaded_image_info->image_base = efi_reloc;
987 loaded_image_info->image_size = virt_size;
988
989 if (handle->auth_status == EFI_IMAGE_AUTH_PASSED)
990 return EFI_SUCCESS;
991 else
992 return EFI_SECURITY_VIOLATION;
993
994err:
995 return ret;
996}
997