[U-Boot] [PATCH v2] efi_loader: Check machine type in the image header

Fri Apr 6 07:25:53 UTC 2018

On 06.04.18 08:47, Heinrich Schuchardt wrote:
> On 04/06/2018 01:23 AM, Alexander Graf wrote:
>>
>>
>> On 06.04.18 01:03, Heinrich Schuchardt wrote:
>>> On 04/06/2018 12:43 AM, Alexander Graf wrote:
>>>>
>>>>
>>>> On 05.04.18 23:28, Ivan Gorinov wrote:
>>>>> Check FileHeader.Machine to make sure the EFI executable image is built
>>>>> for the same architecture. For example, 32-bit U-Boot on x86 will print
>>>>> an error message instead of loading an x86_64 image and crashing.
>>>>>
>>>>> Signed-off-by: Ivan Gorinov <ivan.gorinov at intel.com>
>>>>> ---
>>>>>  include/pe.h                      | 24 ++++++++++++++++++++++++
>>>>>  lib/efi_loader/efi_image_loader.c | 24 ++++++++++++------------
>>>>>  2 files changed, 36 insertions(+), 12 deletions(-)
>>>>>
>>>>> diff --git a/include/pe.h b/include/pe.h
>>>>> index c3a19ce..0dc33f0 100644
>>>>> --- a/include/pe.h
>>>>> +++ b/include/pe.h
>>>>> @@ -38,11 +38,35 @@ typedef struct _IMAGE_DOS_HEADER {
>>>>>  #define IMAGE_DOS_SIGNATURE		0x5A4D     /* MZ   */
>>>>>  #define IMAGE_NT_SIGNATURE		0x00004550 /* PE00 */
>>>>>  
>>>>> +#define IMAGE_FILE_MACHINE_I386		0x014c
>>>>>  #define IMAGE_FILE_MACHINE_ARM		0x01c0
>>>>>  #define IMAGE_FILE_MACHINE_THUMB	0x01c2
>>>>>  #define IMAGE_FILE_MACHINE_ARMNT	0x01c4
>>>>>  #define IMAGE_FILE_MACHINE_AMD64	0x8664
>>>>>  #define IMAGE_FILE_MACHINE_ARM64	0xaa64
>>>>> +#define IMAGE_FILE_MACHINE_RISCV32	0x5032
>>>>> +#define IMAGE_FILE_MACHINE_RISCV64	0x5064
>>>>> +
>>>>> +#if defined(CONFIG_ARM64)
>>>>> +#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_ARM64
>>>>> +#elif defined(CONFIG_ARM)
>>>>> +#define TARGET_PE_MACHINE_TYPE IMAGE_FILE_MACHINE_THUMB
>>>>
>>>> Are you sure we always have thumb as machine type here? Aren't we
>>>> compatible with either ARM or THUMB?
>>>
>>> The value 0x01c2 means ARM or THUMB
>>> It is used by Linux, GRUB, iPXE.
>>
>> I'm not sure that's fully accurate. ARM means some old legacy one, but
>> ARMNT and THUMB can both be used, no?
>>
>>   https://www.npmjs.com/package/binarycpu
>>
>> What I'm trying to say is that a 1:1 matching might not be the only
>> thing we want.
> 
> Revision 8.3 – February 6th, 2013 of the PECOFF spec is the most explicit:
> 
> IMAGE_FILE_MACHINE_ARMNT 0x1c4 ARMv7 (or higher) Thumb mode only
> IMAGE_FILE_MACHINE_THUMB 0x1c2 ARM or Thumb (“interworking”)
> 
> EDK2 has only these values (with some names not matching the standard):
> 
> IMAGE_FILE_MACHINE_I386            0x014c
> IMAGE_FILE_MACHINE_IA64            0x0200
> IMAGE_FILE_MACHINE_EBC             0x0EBC
> IMAGE_FILE_MACHINE_X64             0x8664
> IMAGE_FILE_MACHINE_ARMTHUMB_MIXED  0x01c2
> IMAGE_FILE_MACHINE_ARM64           0xAA64
> 
> On ARM only IMAGE_FILE_MACHINE_ARMTHUMB_MIXED and
> IMAGE_FILE_MACHINE_ARMTHUMB_MIXED are IMAGE_FILE_MACHINE_EBC are
> supported. But we do not support IMAGE_FILE_MACHINE_EBC.
> 
> So EDK2 would not be able load a 0x01c4 ARM binary.

Ok, so let's leave it at one target for now. If later on someone wants
to enable thumb only mode for example, they'll have to come up with a
way to identify it more smartly.

Alex