From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-wr1-f68.google.com (mail-wr1-f68.google.com [209.85.221.68])
 by mx.groups.io with SMTP id smtpd.web09.7441.1582823455158431733
 for <devel@edk2.groups.io>;
 Thu, 27 Feb 2020 09:10:55 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@linaro.org header.s=google header.b=Y9NgK4S5;
 spf=pass (domain: linaro.org, ip: 209.85.221.68, mailfrom: ard.biesheuvel@linaro.org)
Received: by mail-wr1-f68.google.com with SMTP id x7so1887726wrr.0
        for <devel@edk2.groups.io>; Thu, 27 Feb 2020 09:10:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linaro.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=XU3L7HaJuDVvbW55A17ysiCH9VjUM8jLeF6EUJxy9NQ=;
        b=Y9NgK4S5eYLYJs8ZGaZfvB15lVC4PGTHWqN6SMeSVor5C5ID33+A/1hryd3hZ7eEzf
         hyJ2hKrRoK6XkKI8jB9Xuj6PwJS96ShW8BPAd15GAlvoHekSmbk6AgCNfWzA8/tTzWOA
         6Hl6i0ulcsoS0dJsgeKWin9EtTXgg2+ca/OoCfYCzvUFtM0VU+59Z2Gt8RNFoiAj00nW
         +asBWrIv0EPfF8kRYezTyfJWOleuhCmZC+YmHtYEz502Blg1+3dagvRT7JI5xYixcVUs
         doHQ9rKLdWBSglmsJMgJgLrHD7IDa54cljGa973EGXVdxXTiDkN7wlsdUJ5LM3qiiWzS
         BG4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=XU3L7HaJuDVvbW55A17ysiCH9VjUM8jLeF6EUJxy9NQ=;
        b=i0G5SJ0C2IVBwzZt02ixnvVyNRgBe7c535EJxjMFtfr7VwRj/KwMgNSiwv7/k+Ia8K
         S7ZbE6OM4zP+6v90hRbaQwBNfkbWsJUMI17AFKF3Ti3AUBOg1TqJbKc1kuaUdrtYUpk7
         ZB8z5n/bz89am/DQf5MO+hEayuA9xLIIyLH0bmB048zxmWkE0sje1KXCMCCDBc6ieLKu
         LeeXFUFhnRs/V5CKaKPwB8L5QSAjOWECcuybqxPKz2a0CYnYhxZGmoNDC/oG6VgUpOOJ
         ezftRY6kzXPkyWIRrfRJLNhI2ZMmQGDSxlnPC7x/a+pRDTkBeG2WVO25AHp2OuiBHbPa
         Fe4g==
X-Gm-Message-State: APjAAAUHgAjaOuttVMvpEnKY/dgqoxsM5jBLsOYZoVRyu3Pkj5flwgZ9
	ibaJQqoHIkgFJ/QidAmgCw0dmklToob9fvSoHklnNs0B
X-Google-Smtp-Source: APXvYqzDXFOCcxldqSiHe2lUVyUjjW9+6oBjcXXPgFlq7l0NuPHkU3ogajapBpW83vJ47JXx+zw+4yvZWTCQx0FCLi0=
X-Received: by 2002:a05:6000:110b:: with SMTP id z11mr5965885wrw.252.1582823453240;
 Thu, 27 Feb 2020 09:10:53 -0800 (PST)
MIME-Version: 1.0
References: <20200226194343.2985-1-ard.biesheuvel@linaro.org> <20200226194343.2985-6-ard.biesheuvel@linaro.org>
In-Reply-To: <20200226194343.2985-6-ard.biesheuvel@linaro.org>
From: "Ard Biesheuvel" <ard.biesheuvel@linaro.org>
Date: Thu, 27 Feb 2020 18:10:42 +0100
Message-ID: <CAKv+Gu8UYxLi_0gBUFszV3BXF=99g9X_3kspAr+-acFLUz8zPA@mail.gmail.com>
Subject: Re: [PATCH v3 5/6] MdeModulePkg/DxeCore: defer PE/COFF emulator registration to StartImage
To: edk2-devel-groups-io <devel@edk2.groups.io>, "Wu, Hao A" <hao.a.wu@intel.com>, 
	Jian J Wang <jian.j.wang@intel.com>, Zhichao Gao <zhichao.gao@intel.com>, 
	"Ni, Ray" <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>, Leif Lindholm <leif@nuviainc.com>, 
	"Kinney, Michael D" <michael.d.kinney@intel.com>
Content-Type: text/plain; charset="UTF-8"

On Wed, 26 Feb 2020 at 20:43, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
> EDK2's implementation of the LoadImage() boot service permits non-native
> binaries to be loaded (i.e., X64 images on IA32 firmware), but any
> attempts to start such an image using StartImage() will return
> EFI_UNSUPPORTED.
>
> The integration of the PE/COFF emulator protocol into the DXE core
> deviates slightly from this paradigm, given that its IsImageSupported
> hook as well as its RegisterImage hook are invoked from LoadImage,
> and by the time StartImage is called, no opportunity is given to the
> provider of the PE/COFF emulator protocol to prevent an image from
> being started if it only supports loading it.
>
> To address this disparity, let's move the invocation of RegisterImage()
> to the implementation of the StartImage() boot service, allowing the
> emulator to permit LoadImage() but reject StartImage() on images that
> turn out not to meet the requirements of the emulator as it is being
> started.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

@MdeModulePkg maintainers: do you have any comments on this patch?


> ---
>  MdeModulePkg/Core/Dxe/Image/Image.c | 24 +++++++++++---------
>  1 file changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/MdeModulePkg/Core/Dxe/Image/Image.c b/MdeModulePkg/Core/Dxe/Image/Image.c
> index 22a87ecf6d7c..d86da89ee704 100644
> --- a/MdeModulePkg/Core/Dxe/Image/Image.c
> +++ b/MdeModulePkg/Core/Dxe/Image/Image.c
> @@ -756,17 +756,6 @@ CoreLoadPeImage (
>    // Get the image entry point.
>    //
>    Image->EntryPoint   = (EFI_IMAGE_ENTRY_POINT)(UINTN)Image->ImageContext.EntryPoint;
> -  if (Image->PeCoffEmu != NULL) {
> -    Status = Image->PeCoffEmu->RegisterImage (Image->PeCoffEmu,
> -                                 Image->ImageBasePage,
> -                                 EFI_PAGES_TO_SIZE (Image->NumberOfPages),
> -                                 &Image->EntryPoint);
> -    if (EFI_ERROR (Status)) {
> -      DEBUG ((DEBUG_LOAD | DEBUG_ERROR,
> -        "CoreLoadPeImage: Failed to register foreign image with emulator.\n"));
> -      goto Done;
> -    }
> -  }
>
>    //
>    // Fill in the image information for the Loaded Image Protocol
> @@ -1603,6 +1592,19 @@ CoreStartImage (
>      return EFI_UNSUPPORTED;
>    }
>
> +  if (Image->PeCoffEmu != NULL) {
> +    Status = Image->PeCoffEmu->RegisterImage (Image->PeCoffEmu,
> +                                 Image->ImageBasePage,
> +                                 EFI_PAGES_TO_SIZE (Image->NumberOfPages),
> +                                 &Image->EntryPoint);
> +    if (EFI_ERROR (Status)) {
> +      DEBUG ((DEBUG_LOAD | DEBUG_ERROR,
> +        "CoreLoadPeImage: Failed to register foreign image with emulator - %r\n",
> +          Status));
> +      return Status;
> +    }
> +  }
> +
>    PERF_START_IMAGE_BEGIN (Handle);
>
>
> --
> 2.17.1
>