From: "Ard Biesheuvel"
To: devel@edk2.groups.io
Cc: Ard Biesheuvel, Michael Kinney, Liming Gao, Jiewen Yao, Michael Kubacki, Sean Brogan, Rebecca Cran, Leif Lindholm, Sami Mujawar, Taylor Beebe, Marvin Häuser
Subject: [RFC PATCH v2 5/7] MdePkg/BasePeCoffLib AARCH64: Implement fwd control flow guard detection
Date: Fri, 3 Feb 2023 13:10:27 +0100
Message-Id: <20230203121029.2451394-6-ardb@kernel.org>
X-Mailer: git-send-email 2.39.1
In-Reply-To: <20230203121029.2451394-1-ardb@kernel.org>
References: <20230203121029.2451394-1-ardb@kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

Add the check to infer from the instruction opcode at the image entrypoint whether or not forward edge control flow guards were emitted by the compiler at build time. Given that an image entry point is invoked indirectly by construction, its entrypoint must have such a guard instruction there if it implements support for forward edge control flow enforcement such as IBT or BTI.

Signed-off-by: Ard Biesheuvel
--- MdePkg/Library/BasePeCoffLib/AArch64/PeCoffLoaderEx.c | 103 ++++++++++++++= ++++++ MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf | 5 +- 2 files changed, 107 insertions(+), 1 deletion(-) diff --git a/MdePkg/Library/BasePeCoffLib/AArch64/PeCoffLoaderEx.c b/MdePkg= /Library/BasePeCoffLib/AArch64/PeCoffLoaderEx.c new file mode 100644 index 000000000000..d25b11109dbc --- /dev/null +++ b/MdePkg/Library/BasePeCoffLib/AArch64/PeCoffLoaderEx.c @@ -0,0 +1,103 @@ +/** @file=0D + AArch64 implementations of architecture/ISA Specific relocation handlers= .=0D +=0D + Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
=0D + Copyright (c) 2023, Google LLC. Corporation. All rights reserved.
=0D + SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +=0D +#include "BasePeCoffLibInternals.h"=0D +=0D +/**=0D + Performs an architecture/ISA specific relocation fixup.=0D +=0D + @param Reloc The pointer to the relocation record.=0D + @param Fixup The pointer to the address to fix up.=0D + @param FixupData The pointer to a buffer to log the fixups.=0D + @param Adjust The offset to adjust the fixup.=0D +=0D + @return Status code.=0D +=0D +**/=0D +RETURN_STATUS=0D +PeCoffLoaderRelocateImageEx (=0D + IN UINT16 *Reloc,=0D + IN OUT CHAR8 *Fixup,=0D + IN OUT CHAR8 **FixupData,=0D + IN UINT64 Adjust=0D + )=0D +{=0D + return RETURN_UNSUPPORTED;=0D +}=0D +=0D +/**=0D + Returns TRUE if the machine type of PE/COFF image is supported. Supporte= d=0D + does not mean the image can be executed it means the PE/COFF loader supp= orts=0D + loading and relocating of the image type. It's up to the caller to suppo= rt=0D + the entry point.=0D +=0D + @param Machine The machine type from the PE Header.=0D +=0D + @return TRUE if this PE/COFF loader can load the image=0D +=0D +**/=0D +BOOLEAN=0D +PeCoffLoaderImageFormatSupported (=0D + IN UINT16 Machine=0D + )=0D +{=0D + if ((Machine =3D=3D IMAGE_FILE_MACHINE_I386) || (Machine =3D=3D IMAGE_FI= LE_MACHINE_X64) ||=0D + (Machine =3D=3D IMAGE_FILE_MACHINE_EBC) || (Machine =3D=3D IMAGE_FIL= E_MACHINE_ARM64))=0D + {=0D + return TRUE;=0D + }=0D +=0D + return FALSE;=0D +}=0D +=0D +/**=0D + Performs an architecture/ISA specific re-relocation fixup. 
This is used = to=0D + re-relocate the image into the EFI virtual space for runtime calls.=0D +=0D + @param Reloc The pointer to the relocation record.=0D + @param Fixup The pointer to the address to fix up.=0D + @param FixupData The pointer to a buffer to log the fixups.=0D + @param Adjust The offset to adjust the fixup.=0D +=0D + @return Status code.=0D +=0D +**/=0D +RETURN_STATUS=0D +PeHotRelocateImageEx (=0D + IN UINT16 *Reloc,=0D + IN OUT CHAR8 *Fixup,=0D + IN OUT CHAR8 **FixupData,=0D + IN UINT64 Adjust=0D + )=0D +{=0D + return RETURN_UNSUPPORTED;=0D +}=0D +=0D +/**=0D + Returns whether the image implements forward control flow guards.=0D +=0D + @param ImageContext The context of the image being loaded.=0D +=0D + @return TRUE if the image implements forward control flow guards=0D +=0D +**/=0D +BOOLEAN=0D +PeCoffLoaderCheckForwardControlFlowGuards (=0D + IN CONST PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext=0D + )=0D +{=0D + CONST UINT32 *Opcode;=0D +=0D + Opcode =3D (UINT32 *)(UINTN)ImageContext->EntryPoint;=0D +=0D + //=0D + // Check whether the opcode is BTI C or BTI CJ=0D + //=0D + return ((*Opcode & 0xffffff7f) =3D=3D 0xd503245f);=0D +}=0D diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf b/MdePkg/Librar= y/BasePeCoffLib/BasePeCoffLib.inf index 3b8b8eb1917d..8b720bd6e006 100644 --- a/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf +++ b/MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf @@ -39,12 +39,15 @@ [Sources] BasePeCoffLibInternals.h=0D BasePeCoff.c=0D =0D -[Sources.IA32, Sources.X64, Sources.EBC, Sources.AARCH64]=0D +[Sources.IA32, Sources.X64, Sources.EBC]=0D PeCoffLoaderEx.c=0D =0D [Sources.ARM]=0D Arm/PeCoffLoaderEx.c=0D =0D +[Sources.AARCH64]=0D + AArch64/PeCoffLoaderEx.c=0D +=0D [Sources.RISCV64]=0D RiscV/PeCoffLoaderEx.c=0D =0D --=20 2.39.1
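
Review bot: In PeCoffLoaderCheckForwardControlFlowGuards (AArch64/PeCoffLoaderEx.c), the opcode test runs on whatever ImageContext->EntryPoint points at without first checking that the image is an ARM64 image, although PeCoffLoaderImageFormatSupported in the same file also accepts IMAGE_FILE_MACHINE_I386, IMAGE_FILE_MACHINE_X64 and IMAGE_FILE_MACHINE_EBC. For those images the first four bytes are not an A64 instruction, so a match against 0xd503245f would be accidental; returning FALSE unless ImageContext->Machine == IMAGE_FILE_MACHINE_ARM64 would close that. The function also dereferences EntryPoint with no check that it is non-zero, and the header comment does not say at which stage of loading the context must be for the call to be valid; either a guard or a documented precondition would help. The mask accepts only BTI C and BTI JC (the comment's "BTI CJ"), so an entry point that begins with PACIASP or PACIBSP, which the architecture also accepts as a landing pad for an indirect call, would be reported as unguarded; worth stating whether that is intended. Minor: the new copyright line reads "Google LLC. Corporation.", which looks like a leftover from the Intel line above it.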
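
Review bot: In the BasePeCoffLib.inf hunk, AARCH64 is dropped from the shared PeCoffLoaderEx.c list and pointed at AArch64/PeCoffLoaderEx.c, while the IA32/X64/EBC, [Sources.ARM] and [Sources.RISCV64] entries keep their existing files, so within this patch only AArch64 gets a definition of PeCoffLoaderCheckForwardControlFlowGuards. If common code in the library calls it, the other architectures need a definition or stub from elsewhere in the series, otherwise they fail to link; please say which patch supplies it. Moving AARCH64 off the shared file also means PeCoffLoaderRelocateImageEx, PeCoffLoaderImageFormatSupported and PeHotRelocateImageEx are now defined separately for AArch64 and have to be kept in step with the shared versions; keeping AARCH64 on the shared file and putting only the new function in an AArch64-specific source would avoid that.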