efi_loader: set IMAGE_DLLCHARACTERISTICS_NX_COMPAT

The IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag marks an EFI binary where
the following conditions are met [1]:

* Executable and writable sections are separated.
* The application does not run self-modifying code.
* The application uses the EFI_MEMORY_ATTRIBUTE_PROTOCOL when loading
  executable code.
* The application does not assume that all memory ranges are usable.
* The stack is not expected to be executable.

The only EFI binaries U-Boot provides that do not fulfill these
requirements are the EFI app and the EFI payload.

Once we have implemented separation of writable and executable memory in
U-Boot we can use the IMAGE_DLLCHARACTERISTICS_NX_COMPAT flag to decide
if we will load an EFI binary.

[1] New UEFI CA memory mitigation requirements for signing
    https://techcommunity.microsoft.com/t5/hardware-dev-center/new-uefi-ca-memory-mitigation-requirements-for-signing/ba-p/3608714

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>

diff --git a/arch/arm/lib/crt0_aarch64_efi.S b/arch/arm/lib/crt0_aarch64_efi.S
index 3c2cef6ec73cb56a918e859ac267df7376b190ea..fe6eca576ec3245db7da31f4c336be3daae0cdcf 100644 (file)
--- a/arch/arm/lib/crt0_aarch64_efi.S
+++ b/arch/arm/lib/crt0_aarch64_efi.S
@@ -66,7 +66,11 @@ extra_header_fields:
        .long   _start - ImageBase              /* SizeOfHeaders */
        .long   0                               /* CheckSum */
        .short  IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
+#if CONFIG_VENDOR_EFI
        .short  0                               /* DllCharacteristics */
+#else
+       .short  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
+#endif
        .quad   0                               /* SizeOfStackReserve */
        .quad   0                               /* SizeOfStackCommit */
        .quad   0                               /* SizeOfHeapReserve */

diff --git a/arch/arm/lib/crt0_arm_efi.S b/arch/arm/lib/crt0_arm_efi.S
index 75ee37b7d31bc0ee3c218309eaf75967ce4a518d..d67ee0c8953a9070daa9778f740cfec6b1df3bdc 100644 (file)
--- a/arch/arm/lib/crt0_arm_efi.S
+++ b/arch/arm/lib/crt0_arm_efi.S
@@ -65,7 +65,11 @@ extra_header_fields:
        .long   _start - image_base             /* SizeOfHeaders */
        .long   0                               /* CheckSum */
        .short  IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
+#if CONFIG_VENDOR_EFI
        .short  0                               /* DllCharacteristics */
+#else
+       .short  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
+#endif
        .long   0                               /* SizeOfStackReserve */
        .long   0                               /* SizeOfStackCommit */
        .long   0                               /* SizeOfHeapReserve */

diff --git a/arch/riscv/lib/crt0_riscv_efi.S b/arch/riscv/lib/crt0_riscv_efi.S
index 46b08552371cafdd6552afd589f32da194397cda..c7a4559eac8e997ac5e2ebd7b229c6f88ffc77ce 100644 (file)
--- a/arch/riscv/lib/crt0_riscv_efi.S
+++ b/arch/riscv/lib/crt0_riscv_efi.S
@@ -96,7 +96,11 @@ extra_header_fields:
        .long   _start - ImageBase              /* SizeOfHeaders */
        .long   0                               /* CheckSum */
        .short  IMAGE_SUBSYSTEM_EFI_APPLICATION /* Subsystem */
+#if CONFIG_VENDOR_EFI
        .short  0                               /* DllCharacteristics */
+#else
+       .short  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
+#endif
 #if __riscv_xlen == 32
        .long   0                               /* SizeOfStackReserve */
        .long   0                               /* SizeOfStackCommit */

diff --git a/include/asm-generic/pe.h b/include/asm-generic/pe.h
index b9d674b6da4d7cb6f812832e427650b71b0a5e3a..cd5b6ad62bf0f9de8c660161c9248e4a4b53ed15 100644 (file)
--- a/include/asm-generic/pe.h
+++ b/include/asm-generic/pe.h
@@ -51,6 +51,9 @@
 #define IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER     12
 #define IMAGE_SUBSYSTEM_EFI_ROM                        13
 
+/* DLL characteristics */
+#define IMAGE_DLLCHARACTERISTICS_NX_COMPAT     0x100
+
 /* Section flags */
 #define IMAGE_SCN_CNT_CODE                     0x00000020
 #define IMAGE_SCN_CNT_INITIALIZED_DATA         0x00000040