From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from rn-mailsvcp-ppex-lapp45.apple.com (rn-mailsvcp-ppex-lapp45.apple.com [17.179.253.49]) by mx.groups.io with SMTP id smtpd.web12.632.1617918520615989593 for ; Thu, 08 Apr 2021 14:48:40 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@apple.com header.s=20180706 header.b=H1PihEEj; spf=pass (domain: apple.com, ip: 17.179.253.49, mailfrom: afish@apple.com) Received: from pps.filterd (rn-mailsvcp-ppex-lapp45.rno.apple.com [127.0.0.1]) by rn-mailsvcp-ppex-lapp45.rno.apple.com (8.16.1.2/8.16.1.2) with SMTP id 138LWXQL019795; Thu, 8 Apr 2021 14:48:40 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=apple.com; h=from : message-id : content-type : mime-version : subject : date : in-reply-to : cc : to : references; s=20180706; bh=QICyGkOSpEERhML0cD27tTCrsh29C0RVnKrgmwn6mEE=; b=H1PihEEjmtH64zOKl7oysrEyVRazEueZEG/k30xV5pPuMTFf5wxlB8oVXBa/wdTAJdg3 DiZZ3QPEQqzRDQTN7EAVpu/iVjKcRHxg/qyXl7A1oG3Oy3hpmy0E2d9NaSqqnGCV3FtZ 123RC5ylSCR/Bvgy8y7E9CFOTaJHxVGY4hE//yJnpbOkOp5UH6nf4V8CqjduDO/eeQIG D/q/CvS09ddVev9ZncCPXEGuNlXvuJFkjurUurWsuaoDf/PoP6nOh8a8LjYgntLdULvZ dUmez+vxnZftdW+yNjBbD+94midZxuKx09tPaQK2Oyh7NPxp/r5/oWTFiJbvasyg3C4K 5g== Received: from rn-mailsvcp-mta-lapp02.rno.apple.com (rn-mailsvcp-mta-lapp02.rno.apple.com [10.225.203.150]) by rn-mailsvcp-ppex-lapp45.rno.apple.com with ESMTP id 37rvcj8c7a-12 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 08 Apr 2021 14:48:40 -0700 Received: from rn-mailsvcp-mmp-lapp03.rno.apple.com (rn-mailsvcp-mmp-lapp03.rno.apple.com [17.179.253.16]) by rn-mailsvcp-mta-lapp02.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) with ESMTPS id <0QR900DDQLX2FG00@rn-mailsvcp-mta-lapp02.rno.apple.com>; Thu, 08 Apr 2021 14:48:38 -0700 (PDT) Received: from process_milters-daemon.rn-mailsvcp-mmp-lapp03.rno.apple.com by rn-mailsvcp-mmp-lapp03.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) id <0QR900800LL20O00@rn-mailsvcp-mmp-lapp03.rno.apple.com>; Thu, 08 Apr 2021 14:48:38 -0700 (PDT) X-Va-A: X-Va-T-CD: 9ad46be6e1c3c1a24e92ea4dad46d58d X-Va-E-CD: 6a647426990f4fc248f9d9721cb161d4 X-Va-R-CD: 0ee6c4a95a2e1248d03989c9ba42fe98 X-Va-CD: 0 X-Va-ID: 42397778-827b-4a20-b3aa-c8e9c54ce2a0 X-V-A: X-V-T-CD: 9ad46be6e1c3c1a24e92ea4dad46d58d X-V-E-CD: 6a647426990f4fc248f9d9721cb161d4 X-V-R-CD: 0ee6c4a95a2e1248d03989c9ba42fe98 X-V-CD: 0 X-V-ID: 3ae536a9-5ffa-4e14-9c7a-9f03ef1b9afe X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761 definitions=2021-04-08_07:2021-04-08,2021-04-08 signatures=0 Received: from [17.235.40.135] (unknown [17.235.40.135]) by rn-mailsvcp-mmp-lapp03.rno.apple.com (Oracle Communications Messaging Server 8.1.0.7.20201203 64bit (built Dec 3 2020)) with ESMTPSA id <0QR900N2GLX0Y300@rn-mailsvcp-mmp-lapp03.rno.apple.com>; Thu, 08 Apr 2021 14:48:38 -0700 (PDT) From: "Andrew Fish" Message-id: <183C060C-A8E5-4C2F-9BC7-EA2D8F8DBE0B@apple.com> MIME-version: 1.0 (Mac OS X Mail 14.0 \(3654.20.0.2.1\)) Subject: Re: [edk2-devel] [GSoC proposal] Secure Image Loader Date: Thu, 08 Apr 2021 14:48:36 -0700 In-reply-to: <9f565a00-03de-4e54-b86f-5ff2851bb7a3@posteo.de> Cc: Laszlo Ersek , Nate DeSimone , Mike Kinney To: edk2-devel-groups-io , =?utf-8?Q?Marvin_H=C3=A4user?= References: <259a114d-7132-1774-d46a-8e8d9b4ff5e2@redhat.com> <8dcae34e-e975-9233-3738-62662201aae9@posteo.de> <00A00172-982E-4989-8AE3-EF390DB4E531@apple.com> <2e051761-c7ed-c6c6-e8e6-fb45ba3d0a2d@posteo.de> <2B908E95-EF9D-43DA-B31E-CD90C2D8C98D@apple.com> <9f565a00-03de-4e54-b86f-5ff2851bb7a3@posteo.de> X-Mailer: Apple Mail (2.3654.20.0.2.1) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391,18.0.761 definitions=2021-04-08_07:2021-04-08,2021-04-08 signatures=0 Content-type: multipart/alternative; boundary="Apple-Mail=_7A5BBF13-3E43-4964-A831-9880BB369124" --Apple-Mail=_7A5BBF13-3E43-4964-A831-9880BB369124 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Apr 8, 2021, at 2:07 PM, Marvin H=C3=A4user wrot= e: >=20 >=20 > 08.04.2021 19:39:16 Andrew Fish >: >=20 >>=20 >>=20 >>> On Apr 8, 2021, at 10:02 AM, Marvin H=C3=A4user w= rote: >>>=20 >>> On 08.04.21 18:44, Andrew Fish via groups.io wrote: >>>>=20 >>>>=20 >>>>> On Apr 8, 2021, at 9:06 AM, Marvin H=C3=A4user > wrote: >>>>>=20 >>>>> We use the loader code in userspace anyway for fuzzing and such. I a= lso want to build a database of all sorts of UEFI binaries some time before= the merge to confirm they are all accepted (Windows / macOS / Linux bootlo= aders, tools like memtest, drivers like iPXE). As part of that, I'm sure we= can have a userspace tool that uses the code to emit parsing information. >>>>>=20 >>>>> But as the EDK II build system is very... not so userspace friendly,= I will not promise it will be very nice. :) >>>>>=20 >>>>=20 >>>> Marvin, >>>>=20 >>>> The BaseTools can easily build C command line tools that are cross pl= atform? >>>>=20 >>>> Actually GenFw [1] already does a lot of PE/COFF magic, so it should = be relatively easy to add a -I, =E2=80=94info, and dump out an overview of = a PE/COFF image, and make comments on things that are not secure. It would = also probably be useful to dump out information about the Debug Directory e= ntries, His sections, etc. for general debug. >>>=20 >>> I did not look at the code much, but I do know that BaseTools duplicat= es the PE/COFF code from MdePkg. Whether it was changed or not I cannot tel= l. >>>=20 >>=20 >> GenFw does the ELF to PE/COFF conversion, zeroing out Debug Directory E= ntries etc. so it should be correct. It is not like the PE/COFF spec is a m= oving target. >=20 >=20 > PE is not a moving target, but EDK II is. The fact that even old and pro= ven code sometimes needs maintanance is evidental from the proposal and its= so far positive feedback. I'm not ready to duplicate code, I'd rather take= the utilities out of the current scope and discuss ways to consume MdePkg = libraries later. In fact, I want to reduce code duplication as a "free bene= fit" from the changes, especially image hashing. >=20 Marvin, I was thinking more about tooling to introspect PE/COFF images.=20 Trying to consolidate the BaseTools to use the common edk2 libraries would= be doable, but I agree that is a separate project. The inspection tool fea= ture could be a separate project too.=20 > I know it takes time, but I think it will be worth it. We have been debu= gging and fuzztesting our EDK II packages in userland for a while, and foun= d it to be a great help. I hope you will agree. :) >=20 Yea I=E2=80=99ve build emulators before that are just native OS C applicat= ions and they pull in the edk2 libs, not the BaseTools libs and it makes th= ings like fuzzing much easier. Have a project to have only one validated PE= /COFF lib seems very reasonable, I guess a lot of us are too trusting of ou= r build servers.=20 Thanks, Andrew Fish > Best regards, > Marvin >=20 >>=20 >> Thanks, >>=20 >> Andrew Fish >>=20 >>> Best regards, >>> Marvin >>>=20 >>>>=20 >>>> [1] https://github.com/tianocore/edk2/tree/master/BaseTools/Source/C/= GenFw >>>> /Volumes/Case/edk2-github(eng/PR-557-XcodeResourceSections)>. edksetu= p.sh >>>> Loading previous configuration from /Volumes/Case/edk2-github/Conf/Bu= ildEnv.sh >>>> WORKSPACE: /Volumes/Case/edk2-github >>>> EDK_TOOLS_PATH: /Volumes/Case/edk2-github/BaseTools >>>> CONF_PATH: /Volumes/Case/edk2-github/Conf >>>> /Volumes/Case/edk2-github(eng/PR-557-XcodeResourceSections)>GenFw -h >>>> GenFw Version 0.2 Developer Build based on Revision: Unknown >>>>=20 >>>> Usage: GenFw [options] >>>>=20 >>>> Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved. >>>>=20 >>>> Options: >>>> -o FileName, --outputfile FileName >>>> File will be created to store the output cont= ent. >>>> -e EFI_FILETYPE, --efiImage EFI_FILETYPE >>>> Create Efi Image. EFI_FILETYPE is one of BASE= ,SMM_CORE, >>>> PEI_CORE, PEIM, DXE_CORE, DXE_DRIVER, UEFI_AP= PLICATION, >>>> SEC, DXE_SAL_DRIVER, UEFI_DRIVER, DXE_RUNTIME= _DRIVER, >>>> DXE_SMM_DRIVER, SECURITY_CORE, COMBINED_PEIM_= DRIVER, >>>> MM_STANDALONE, MM_CORE_STANDALONE, >>>> PIC_PEIM, RELOCATABLE_PEIM, BS_DRIVER, RT_DRI= VER, >>>> APPLICATION, SAL_RT_DRIVER to support all mod= ule types >>>> It can only be used together with --keepexcep= tiontable, >>>> --keepzeropending, --keepoptionalheader, -r, = -o option. >>>> It is a action option. If it is combined with= other action options, >>>> the later input action option will override t= he previous one. >>>> -c, --acpi Create Acpi table. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -t, --terse Create Te Image. >>>> It can only be used together with --keepexcep= tiontable, >>>> --keepzeropending, --keepoptionalheader, -r, = -o option. >>>> It is a action option. If it is combined with= other action options, >>>> the later input action option will override t= he previous one. >>>> -u, --dump Dump TeImage Header. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -z, --zero Zero the Debug Data Fields in the PE input im= age file. >>>> It also zeros the time stamp fields. >>>> This option can be used to compare the binary= efi image. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -b, --exe2bin Convert the input EXE to the output BIN file. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -l, --stripped Strip off the relocation info from PE or TE i= mage. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -s timedate, --stamp timedate >>>> timedate format is "yyyy-mm-dd 00:00:00". if = timedata >>>> is set to NOW, current system time is used. T= he support >>>> date scope is 1970-01-01 00+timezone:00:00 >>>> ~ 2038-01-19 03+timezone:14:07 >>>> The scope is adjusted according to the differ= ent zones. >>>> It can't be combined with other action option= s >>>> except for -o, -r option. It is a action opti= on. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -m, --mcifile Convert input microcode txt file to microcode= bin file. >>>> It can't be combined with other action option= s >>>> except for -o option. It is a action option. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -j, --join Combine multi microcode bin files to one file= . >>>> It can be specified with -a, -p, -o option. >>>> No other options can be combined with it. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -a NUM, --align NUM NUM is one HEX or DEC format alignment value. >>>> This option is only used together with -j opt= ion. >>>> -p NUM, --pad NUM NUM is one HEX or DEC format padding value. >>>> This option is only used together with -j opt= ion. >>>> --keepexceptiontable Don't clear exception table. >>>> This option can be used together with -e or -= t. >>>> It doesn't work for other options. >>>> --keepoptionalheader Don't zero PE/COFF optional header fields. >>>> This option can be used together with -e or -= t. >>>> It doesn't work for other options. >>>> --keepzeropending Don't strip zero pending of .reloc. >>>> This option can be used together with -e or -= t. >>>> It doesn't work for other options. >>>> -r, --replace Overwrite the input file with the output cont= ent. >>>> If more input files are specified, >>>> the last input file will be as the output fil= e. >>>> -g HiiPackageListGuid, --hiiguid HiiPackageListGuid >>>> Guid is used to specify hii package list guid= . >>>> Its format is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxx= xxxxx >>>> If not specified, the first Form FormSet guid= is used. >>>> --hiipackage Combine all input binary hii packages into >>>> a single package list as the text resource da= ta(RC). >>>> It can't be combined with other action option= s >>>> except for -o option. It is a action option. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> --hiibinpackage Combine all input binary hii packages into >>>> a single package list as the binary resource = section. >>>> It can't be combined with other action option= s >>>> except for -o option. It is a action option. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> --rc FlieName Append a Hii resource section to the >>>> last PE/COFF section. The FileName is the res= ource section to append >>>> If FileName does not exist this operation is = skipped. This feature is >>>> only intended for toolchains, like XCODE, tha= t don't suport $(RC). >>>> This option can only be combined with -e >>>> --rebase NewAddress Rebase image to new base address. New address >>>> is also set to the first none code section he= ader. >>>> It can't be combined with other action option= s >>>> except for -o or -r option. It is a action op= tion. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> --address NewAddress Set new address into the first none code >>>> section header of the input image. >>>> It can't be combined with other action option= s >>>> except for -o or -r option. It is a action op= tion. >>>> If it is combined with other action options, = the later >>>> input action option will override the previou= s one. >>>> -v, --verbose Turn on verbose output with informational mes= sages. >>>> -q, --quiet Disable all messages except key message and f= atal error >>>> -d, --debug level Enable debug messages, at input debug level. >>>> --version Show program's version number and exit >>>> -h, --help Show this help message and exit >>>>=20 >>>> Thanks, >>>>=20 >>>> Andrew Fish >>>>=20 >>>>> Best regards, >>>>> Marvin >>>>>=20 >>>>> On 08.04.21 16:13, Andrew (EFI) Fish wrote: >>>>>> At a minimum it would be nice if we had a tool that would point out= the security faults with a given PE/COFF file layout. >>>>>>=20 >>>>>>=20 >>>>>>=20 >>>>>>> =E2=80=A6 >>>>>=20 >>>>>=20 >>>>>=20 >>>>=20 >>>>=20 >>>=20 >=20 >=20 >=20 --Apple-Mail=_7A5BBF13-3E43-4964-A831-9880BB369124 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8

On Apr 8, 20= 21, at 2:07 PM, Marvin H=C3=A4user <mhaeuser@posteo.de> wrote:


08.04.2021 19:39:16 Andrew Fish <= afish@apple.com>:

<= br class=3D"">
On Apr 8,= 2021, at 10:02 AM, Marvin H=C3=A4user <mhaeuser@posteo.de> wrote:

On 08.04.21 18:44, Andrew Fish via groups.io wrote:


O= n Apr 8, 2021, at 9:06 AM, Marvin H=C3=A4user <mhaeuser@posteo.de <mailto:mhaeuser@posteo.de>> wrote:

We use the loader code in userspace anyway for fuzz= ing and such. I also want to build a database of all sorts of UEFI binaries= some time before the merge to confirm they are all accepted (Windows / mac= OS / Linux bootloaders, tools like memtest, drivers like iPXE). As part of = that, I'm sure we can have a userspace tool that uses the code to emit pars= ing information.

But as the EDK II build syste= m is very... not so userspace friendly, I will not promise it will be very = nice. :)


Marvin,
The BaseTools can easily build C command line t= ools that are cross platform?

Actually GenFw [= 1] already does a lot of PE/COFF magic, so it should be relatively easy to = add a -I, =E2=80=94info, and dump out an overview of a PE/COFF image, and m= ake comments on things that are not secure. It would also probably be usefu= l to dump out information about the Debug Directory entries, His sections, = etc. for general debug.

I did not= look at the code much, but I do know that BaseTools duplicates the PE/COFF= code from MdePkg. Whether it was changed or not I cannot tell.


GenFw does the ELF to PE/COFF= conversion, zeroing out Debug Directory Entries etc. so it should be corre= ct. It is not like the PE/COFF spec is a moving target.


PE is not a moving target, but EDK II is. The fact that e= ven old and proven code sometimes needs maintanance is evidental from the p= roposal and its so far positive feedback. I'm not ready to duplicate code, = I'd rather take the utilities out of the current scope and discuss ways to = consume MdePkg libraries later. In fact, I want to reduce code duplication = as a "free benefit" from the changes, especially image hashing.


Marvin,

I was thinking more about tooling to introspect PE/COFF i= mages. 

Trying to consolidate the = BaseTools to use the common edk2 libraries would be doable, but I agree tha= t is a separate project. The inspection tool feature could be a separate pr= oject too. 

<= div class=3D"">I know it takes time, but I think it will be worth it= . We have been debugging and fuzztesting our EDK II packages in userland fo= r a while, and found it to be a great help. I hope you will agree. :)


Yea I=E2=80=99ve b= uild emulators before that are just native OS C applications and they pull = in the edk2 libs, not the BaseTools libs and it makes things like fuzzing m= uch easier. Have a project to have only one validated PE/COFF lib seems ver= y reasonable, I guess a lot of us are too trusting of our build servers.&nb= sp;

Thanks,

Andrew Fish

Best regards,
Marvin


Thanks,=

Andrew Fish

Best regards,
Marvin


[= 1] https://github.com/tianocore/edk2/tree/master/BaseToo= ls/Source/C/GenFw <https://github.com/tianocore/e= dk2/tree/master/BaseTools/Source/C/GenFw>
/Volumes/Cas= e/edk2-github(eng/PR-557-XcodeResourceSections)>. edksetup.sh
Loading previous configuration from /Volumes/Case/edk2-github/Conf/B= uildEnv.sh
WORKSPACE: /Volumes/Case/edk2-github
EDK_TOOLS_PATH: /Volumes/Case/edk2-github/BaseTools
CONF_PAT= H: /Volumes/Case/edk2-github/Conf
/Volumes/Case/edk2-github(e= ng/PR-557-XcodeResourceSections)>GenFw -h
GenFw Version 0.= 2 Developer Build based on Revision: Unknown

U= sage: GenFw [options] <input_file>

Copyr= ight (c) 2007 - 2018, Intel Corporation. All rights reserved.

Options:
  -o FileName, --outputfile FileName
 = ;            &n= bsp;          File will be created to store the output = content.
  -e EFI_FILETYPE, --efiImage EFI_FILETYPE
  &nb= sp;            =          Create Efi Image. EFI_FILETYPE is one of BASE,SMM_C= ORE,
         &n= bsp;            = ;  PEI_CORE, PEIM, D= XE_CORE, DXE_DRIVER, UEFI_APPLICATION,
   &nbs= p;            &= nbsp;       SEC, DXE_SAL_DRIVER, UEFI_DRIVER, DXE_RUNTIME_DRIVER,
           = ;             DXE_SMM_DRIVER, SECURITY_C= ORE, COMBINED_PEIM_DRIVER,
     &nbs= p;            &= nbsp;     MM_STANDALONE, MM_CORE_STANDALONE,
   &nb= sp;            =         PIC_PEIM, RELOCATABLE_PEIM, BS_DRIVER, RT_DRIVER,
           &n= bsp;            APPLICATION, SAL_RT_DRIVER to= support all module types
      = ;            &n= bsp;     It can only be used together with --keepexceptiontable,
&= nbsp;           &nbs= p;           --keepzeropending, --keepoptionalh= eader, -r, -o option.
      &nb= sp;            =      = It is a action option. If it is combined with other action options,
           &n= bsp;            the later input action option= will override the previous one.
  -c, --acpi      =       Create Acpi table.
  = ;            &n= bsp;         It can't be combined with other action options<= br class=3D"">          &= nbsp;           &nbs= p; except for -o, -r opti= on. It is a action option.
     &nbs= p;            &= nbsp;     If it is combined with other action options, the later
&= nbsp;           &nbs= p;           input action option will override = the previous one.
  -t, --terse        &n= bsp;  Create Te Image.
     &nb= sp;            =       <= /span>It can only be used together with --keepexceptiontable,
            &n= bsp;           --keepzeropending, --keepoptionalh= eader, -r, -o option.
      &nb= sp;            =      = It is a action option. If it is combined with other action options,
           &n= bsp;            the later input action option= will override the previous one.
  -u, --dump      =       Dump TeImage Header.
 &nb= sp;            =           It can't be combined with other action option= s
          = ;            &n= bsp; except for -o, -r op= tion. It is a action option.
     &n= bsp;            = ;      = If it is combined with other action options, the later
            &n= bsp;           input action option will override = the previous one.
  -z, --zero        &nb= sp;   Zero the Debug Data Fields in the PE input image file.
           = ;             It also zeros the time sta= mp fields.
        &n= bsp;            = ;   This option= can be used to compare the binary efi image.
  &nb= sp;            =          It can't be combined with other action options
           = ;             except for -o, -r option. = It is a action option.
      &n= bsp;            = ;     If it is combined with other action options, the later
 = ;            &n= bsp;          input action option will override the pre= vious one.
  = -b, --exe2bin         Conver= t the input EXE to the output BIN file.
   &nb= sp;            =         It can't be combined with other action options
           &n= bsp;            except for -o, -r option. It = is a action option.
       = ;            &n= bsp;    If= it is combined with other action options, the later
 &n= bsp;            = ;          input action option will override the previo= us one.
  -l, --stripped        Strip off the = relocation info from PE or TE image.
    =             &nb= sp;       It can't be combined with other action options
            &n= bsp;           except for -o, -r option. It is a = action option.
       &nbs= p;            &= nbsp;   If it i= s combined with other action options, the later
  &= nbsp;           &nbs= p;         input action option will override the previous on= e.
  -= s timedate, --stamp timedate
     &n= bsp;            = ;      = timedate format is "yyyy-mm-dd 00:00:00". if timedata
=             &nb= sp;           is set to NOW, current system time= is used. The support
      &nb= sp;            =      = date scope is 1970-01-01 00+timezone:00:00
   =             &nb= sp;        ~ 2038-01-19 03+timezone:14:07
 &nb= sp;            =           The scope is adjusted according to the differ= ent zones.
        &n= bsp;            = ;   It can't be= combined with other action options
    &= nbsp;           &nbs= p;       except for -o, -r option. It is a action option.
            &= nbsp;           If it is combined with other actio= n options, the later
      &nbs= p;            &= nbsp;    i= nput action option will override the previous one.
  -m, --mcifile  &nb= sp;      Convert input microcode txt file to micro= code bin file.
       &nbs= p;            &= nbsp;   It can'= t be combined with other action options
   &nb= sp;            =         except for -o option. It is a action option.
            &= nbsp;           If it is combined with other actio= n options, the later
      &nbs= p;            &= nbsp;    i= nput action option will override the previous one.
  -j, --join   =          Combine multi microcode bi= n files to one file.
      &nbs= p;            &= nbsp;    I= t can be specified with -a, -p, -o option.
   =             &nb= sp;        No other options can be combined with it.
            &= nbsp;           If it is combined with other actio= n options, the later
      &nbs= p;            &= nbsp;    i= nput action option will override the previous one.
  -a NUM, --align NUM &nb= sp; NUM is one HEX or DEC format alignment value.
  = ;            &n= bsp;         This option is only used together with -j optio= n.
  -= p NUM, --pad NUM     NUM is one HEX or DEC format paddi= ng value.
        &nb= sp;            =    This option = is only used together with -j option.
  --keepexceptiontable  Don't clear ex= ception table.
       &nbs= p;            &= nbsp;   This op= tion can be used together with -e or -t.
   &n= bsp;            = ;        It doesn't work for other options.
 <= span class=3D"Apple-converted-space"> --keepoptionalheader = ; Don't zero PE/COFF optional header fields.
  &nbs= p;            &= nbsp;        This option can be used together with -e or -t.
           = ;             It doesn't work for other = options.
  --keepzeropending     Don't strip zero pending of = .reloc.
         = ;            &n= bsp;  This option ca= n be used together with -e or -t.
    &nb= sp;            =       &= nbsp;It doesn't work for other options.
  -r, --replace   &= nbsp;     Overwrite the input file with the output cont= ent.
         &n= bsp;            = ;  If more input fil= es are specified,
       &= nbsp;           &nbs= p;    the = last input file will be as the output file.
  -g HiiPackageListGuid, --hiiguid H= iiPackageListGuid
       &= nbsp;           &nbs= p;    Guid= is used to specify hii package list guid.
   =             &nb= sp;        Its format is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
          &nbs= p;            <= span class=3D"Apple-converted-space"> If not specified, the fir= st Form FormSet guid is used.
  --hiipackage      &= nbsp;   Combine all input binary hii packages into
=             &nb= sp;           a single package list as the text = resource data(RC).
       =             &nb= sp;    It = can't be combined with other action options
   = ;            &n= bsp;        except for -o option. It is a action option.
           &n= bsp;            If it is combined with other = action options, the later
      = ;            &n= bsp;     input action option will override the previous one.
 = ; --hiibinpackage &n= bsp;     Combine all input binary hii packages into
          &nbs= p;            <= span class=3D"Apple-converted-space"> a single package list as = the binary resource section.
     &n= bsp;            = ;      = It can't be combined with other action options
 &= nbsp;           &nbs= p;          except for -o option. It is a action option= .
          = ;            &n= bsp; If it is combined wi= th other action options, the later
    &n= bsp;            = ;      =  input action option will override the previous one.
  --rc FlieNa= me         Append a Hii resource se= ction to the
        =             &nb= sp;   last PE/C= OFF section. The FileName is the resource section to append
&= nbsp;           &nbs= p;           If FileName does not exist this op= eration is skipped. This feature is
    &= nbsp;           &nbs= p;       only intended for toolchains, like XCODE, that don't suport $= (RC).
         &= nbsp;           &nbs= p;  This option can = only be combined with -e
  --rebase NewAddress   Rebase image to new ba= se address. New address
      &= nbsp;           &nbs= p;     is also set to the first none code section header.
 &n= bsp;            = ;          It can't be combined with other action optio= ns
         &nbs= p;            &= nbsp; except for -o or -r= option. It is a action option.
     = ;            &n= bsp;     &nb= sp;If it is combined with other action options, the later
           &n= bsp;            input action option will over= ride the previous one.
  --address NewAddress  Set new address into the firs= t none code
        &= nbsp;           &nbs= p;   section he= ader of the input image.
      =             &nb= sp;     It can't be combined with other action options
  = ;            &n= bsp;         except for -o or -r option. It is a action opti= on.
         &nb= sp;            =   If it is combined = with other action options, the later
    =             &nb= sp;       input action option will override the previous one.
  -v, --verbo= se         Turn on verbose output w= ith informational messages.
  -q, --quiet      &nbs= p;    Disable all messages except key message and fatal erro= r
  -d= , --debug level     Enable debug messages, at input deb= ug level.
  <= /span>--version          =    Show program's version number and exit
  -h, --help   = ;         Show this help message an= d exit

Thanks,

An= drew Fish

Best regards,
Marvin

On 08.04.2= 1 16:13, Andrew (EFI) Fish wrote:
At a minimum it would be nice if we had a tool that would point o= ut the security faults with a given PE/COFF file layout.



=E2=80=A6









--Apple-Mail=_7A5BBF13-3E43-4964-A831-9880BB369124--