* [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack
@ 2018-09-07 5:41 Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 1/3] MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF Ard Biesheuvel
` (3 more replies)
0 siblings, 4 replies; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-07 5:41 UTC (permalink / raw)
To: edk2-devel
Cc: Ard Biesheuvel, Star Zeng, Jian J Wang, Michael D Kinney,
Liming Gao, Chao Zhang, Jiewen Yao, Laszlo Ersek, Leif Lindholm
Now that Itanium support has been dropped from EDK2, we can remove most
occurrences of the ELILO PE/COFF loader hack from the code base.
Note that SecurityPkg appears to have four mostly identical implementations
of the PE/COFF measuring routine, so this may be another area for cleanup
later.
Changes since v1:
- fix copy/paste error in patch #3 which went unnoticed due to the fact that
SecurityPkg.dsc does not cover the module in question for AARCH64
- drop EdkCompatibilityPkg patch, it is likely to go away soon anyway
- add Reviewed-by tags
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
Cc: Star Zeng <star.zeng@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Ard Biesheuvel (3):
MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF
MdePkg/BasePeCoffLib: remove PE/COFF header workaround for ELILO on
IPF
SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
.../Core/Dxe/Mem/MemoryProfileRecord.c | 31 +---------
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 17 +-----
MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 17 +-----
.../Core/PiSmmCore/MemoryAttributesTable.c | 17 +-----
.../Core/PiSmmCore/SmramProfileRecord.c | 31 +---------
MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 61 +++----------------
.../DxeImageVerificationLib.c | 47 +++-----------
.../DxeTpmMeasureBootLib.c | 27 ++------
SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 ++------
.../SecureBootConfigImpl.c | 25 ++------
10 files changed, 39 insertions(+), 261 deletions(-)
--
2.17.1
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH v2 1/3] MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-07 5:41 [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
@ 2018-09-07 5:42 ` Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 2/3] MdePkg/BasePeCoffLib: " Ard Biesheuvel
` (2 subsequent siblings)
3 siblings, 0 replies; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-07 5:42 UTC (permalink / raw)
To: edk2-devel
Cc: Ard Biesheuvel, Star Zeng, Jian J Wang, Michael D Kinney,
Liming Gao, Chao Zhang, Jiewen Yao, Laszlo Ersek, Leif Lindholm
Now that Itanium support has been dropped, we can remove the various
occurrences of the ELILO on Itanium PE/COFF header workaround.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
---
MdeModulePkg/Core/Dxe/Mem/MemoryProfileRecord.c | 31 +-------------------
MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 17 +----------
MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 17 +----------
MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c | 17 +----------
MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c | 31 +-------------------
5 files changed, 5 insertions(+), 108 deletions(-)
diff --git a/MdeModulePkg/Core/Dxe/Mem/MemoryProfileRecord.c b/MdeModulePkg/Core/Dxe/Mem/MemoryProfileRecord.c
index 83ed43a16e95..ff1940431c2f 100644
--- a/MdeModulePkg/Core/Dxe/Mem/MemoryProfileRecord.c
+++ b/MdeModulePkg/Core/Dxe/Mem/MemoryProfileRecord.c
@@ -254,35 +254,6 @@ GetMemoryProfileContext (
return mMemoryProfileContextPtr;
}
-/**
- Retrieves the magic value from the PE/COFF header.
-
- @param Hdr The buffer in which to return the PE32, PE32+, or TE header.
-
- @return EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC - Image is PE32
- @return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC - Image is PE32+
-
-**/
-UINT16
-InternalPeCoffGetPeHeaderMagicValue (
- IN EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr
- )
-{
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the returned value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- }
- //
- // Return the magic value from the PC/COFF Optional Header
- //
- return Hdr.Pe32->OptionalHeader.Magic;
-}
-
/**
Retrieves and returns the Subsystem of a PE/COFF image that has been loaded into system memory.
If Pe32Data is NULL, then ASSERT().
@@ -319,7 +290,7 @@ InternalPeCoffGetSubsystem (
if (Hdr.Te->Signature == EFI_TE_IMAGE_HEADER_SIGNATURE) {
return Hdr.Te->Subsystem;
} else if (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE) {
- Magic = InternalPeCoffGetPeHeaderMagicValue (Hdr);
+ Magic = Hdr.Pe32->OptionalHeader.Magic;
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
return Hdr.Pe32->OptionalHeader.Subsystem;
} else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
index 4cd219c88efc..fa8f8fe91ac7 100644
--- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
+++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c
@@ -406,7 +406,6 @@ ProtectUefiImage (
IMAGE_PROPERTIES_RECORD *ImageRecord;
CHAR8 *PdbPointer;
IMAGE_PROPERTIES_RECORD_CODE_SECTION *ImageRecordCodeSection;
- UINT16 Magic;
BOOLEAN IsAligned;
UINT32 ProtectionPolicy;
@@ -466,21 +465,7 @@ ProtectUefiImage (
//
// Get SectionAlignment
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
SectionAlignment = Hdr.Pe32->OptionalHeader.SectionAlignment;
} else {
SectionAlignment = Hdr.Pe32Plus->OptionalHeader.SectionAlignment;
diff --git a/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c b/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
index a96d442fbc64..05eb4f422b2f 100644
--- a/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
+++ b/MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c
@@ -1076,7 +1076,6 @@ InsertImageRecord (
IMAGE_PROPERTIES_RECORD *ImageRecord;
CHAR8 *PdbPointer;
IMAGE_PROPERTIES_RECORD_CODE_SECTION *ImageRecordCodeSection;
- UINT16 Magic;
DEBUG ((EFI_D_VERBOSE, "InsertImageRecord - 0x%x\n", RuntimeImage));
DEBUG ((EFI_D_VERBOSE, "InsertImageRecord - 0x%016lx - 0x%016lx\n", (EFI_PHYSICAL_ADDRESS)(UINTN)RuntimeImage->ImageBase, RuntimeImage->ImageSize));
@@ -1126,21 +1125,7 @@ InsertImageRecord (
//
// Get SectionAlignment
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
SectionAlignment = Hdr.Pe32->OptionalHeader.SectionAlignment;
} else {
SectionAlignment = Hdr.Pe32Plus->OptionalHeader.SectionAlignment;
diff --git a/MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c b/MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c
index 1682d0f9e404..157beb1e67ff 100644
--- a/MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c
+++ b/MdeModulePkg/Core/PiSmmCore/MemoryAttributesTable.c
@@ -1032,7 +1032,6 @@ SmmInsertImageRecord (
IMAGE_PROPERTIES_RECORD *ImageRecord;
CHAR8 *PdbPointer;
IMAGE_PROPERTIES_RECORD_CODE_SECTION *ImageRecordCodeSection;
- UINT16 Magic;
DEBUG ((DEBUG_VERBOSE, "SMM InsertImageRecord - 0x%x\n", DriverEntry));
DEBUG ((DEBUG_VERBOSE, "SMM InsertImageRecord - 0x%016lx - 0x%08x\n", DriverEntry->ImageBuffer, DriverEntry->NumberOfPage));
@@ -1076,21 +1075,7 @@ SmmInsertImageRecord (
//
// Get SectionAlignment
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
SectionAlignment = Hdr.Pe32->OptionalHeader.SectionAlignment;
} else {
SectionAlignment = Hdr.Pe32Plus->OptionalHeader.SectionAlignment;
diff --git a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
index b586afa7948e..e8d60c2d2357 100644
--- a/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
+++ b/MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
@@ -255,35 +255,6 @@ GetSmramProfileContext (
return mSmramProfileContextPtr;
}
-/**
- Retrieves the magic value from the PE/COFF header.
-
- @param Hdr The buffer in which to return the PE32, PE32+, or TE header.
-
- @return EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC - Image is PE32
- @return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC - Image is PE32+
-
-**/
-UINT16
-InternalPeCoffGetPeHeaderMagicValue (
- IN EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr
- )
-{
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the returned value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- }
- //
- // Return the magic value from the PC/COFF Optional Header
- //
- return Hdr.Pe32->OptionalHeader.Magic;
-}
-
/**
Retrieves and returns the Subsystem of a PE/COFF image that has been loaded into system memory.
If Pe32Data is NULL, then ASSERT().
@@ -320,7 +291,7 @@ InternalPeCoffGetSubsystem (
if (Hdr.Te->Signature == EFI_TE_IMAGE_HEADER_SIGNATURE) {
return Hdr.Te->Subsystem;
} else if (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE) {
- Magic = InternalPeCoffGetPeHeaderMagicValue (Hdr);
+ Magic = Hdr.Pe32->OptionalHeader.Magic;
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
return Hdr.Pe32->OptionalHeader.Subsystem;
} else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 2/3] MdePkg/BasePeCoffLib: remove PE/COFF header workaround for ELILO on IPF
2018-09-07 5:41 [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 1/3] MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF Ard Biesheuvel
@ 2018-09-07 5:42 ` Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 3/3] SecurityPkg: " Ard Biesheuvel
2018-09-24 14:58 ` [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
3 siblings, 0 replies; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-07 5:42 UTC (permalink / raw)
To: edk2-devel
Cc: Ard Biesheuvel, Star Zeng, Jian J Wang, Michael D Kinney,
Liming Gao, Chao Zhang, Jiewen Yao, Laszlo Ersek, Leif Lindholm
Now that Itanium support has been dropped, we can remove the various
occurrences of the ELILO on Itanium PE/COFF header workaround.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
---
MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 61 +++-----------------
1 file changed, 9 insertions(+), 52 deletions(-)
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index 32eca0ad2ef4..c57816a80887 100644
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -46,36 +46,6 @@ PeCoffLoaderAdjustOffsetForTeImage (
SectionHeader->PointerToRawData -= TeStrippedOffset;
}
-/**
- Retrieves the magic value from the PE/COFF header.
-
- @param Hdr The buffer in which to return the PE32, PE32+, or TE header.
-
- @return EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC - Image is PE32
- @return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC - Image is PE32+
-
-**/
-UINT16
-PeCoffLoaderGetPeHeaderMagicValue (
- IN EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr
- )
-{
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the returned value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- return EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- }
- //
- // Return the magic value from the PC/COFF Optional Header
- //
- return Hdr.Pe32->OptionalHeader.Magic;
-}
-
-
/**
Retrieves the PE or TE Header from a PE/COFF or TE image.
@@ -101,7 +71,6 @@ PeCoffLoaderGetPeHeader (
EFI_IMAGE_DOS_HEADER DosHdr;
UINTN Size;
UINTN ReadSize;
- UINT16 Magic;
UINT32 SectionHeaderOffset;
UINT32 Index;
UINT32 HeaderWithoutDataDir;
@@ -222,9 +191,7 @@ PeCoffLoaderGetPeHeader (
ImageContext->IsTeImage = FALSE;
ImageContext->Machine = Hdr.Pe32->FileHeader.Machine;
- Magic = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
-
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// 1. Check OptionalHeader.NumberOfRvaAndSizes filed.
//
@@ -339,7 +306,7 @@ PeCoffLoaderGetPeHeader (
ImageContext->SectionAlignment = Hdr.Pe32->OptionalHeader.SectionAlignment;
ImageContext->SizeOfHeaders = Hdr.Pe32->OptionalHeader.SizeOfHeaders;
- } else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
+ } else if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
//
// 1. Check FileHeader.NumberOfRvaAndSizes filed.
//
@@ -605,7 +572,6 @@ PeCoffLoaderGetImageInfo (
EFI_IMAGE_SECTION_HEADER SectionHeader;
EFI_IMAGE_DEBUG_DIRECTORY_ENTRY DebugEntry;
UINT32 NumberOfRvaAndSizes;
- UINT16 Magic;
UINT32 TeStrippedOffset;
if (ImageContext == NULL) {
@@ -622,14 +588,12 @@ PeCoffLoaderGetImageInfo (
return Status;
}
- Magic = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
-
//
// Retrieve the base address of the image
//
if (!(ImageContext->IsTeImage)) {
TeStrippedOffset = 0;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -678,7 +642,7 @@ PeCoffLoaderGetImageInfo (
}
if (!(ImageContext->IsTeImage)) {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -952,7 +916,6 @@ PeCoffLoaderRelocateImage (
CHAR8 *FixupData;
PHYSICAL_ADDRESS BaseAddress;
UINT32 NumberOfRvaAndSizes;
- UINT16 Magic;
UINT32 TeStrippedOffset;
ASSERT (ImageContext != NULL);
@@ -985,9 +948,8 @@ PeCoffLoaderRelocateImage (
if (!(ImageContext->IsTeImage)) {
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINTN)ImageContext->ImageAddress + ImageContext->PeCoffHeaderOffset);
TeStrippedOffset = 0;
- Magic = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -1230,7 +1192,6 @@ PeCoffLoaderLoadImage (
UINTN Size;
UINT32 TempDebugEntryRva;
UINT32 NumberOfRvaAndSizes;
- UINT16 Magic;
EFI_IMAGE_RESOURCE_DIRECTORY *ResourceDirectory;
EFI_IMAGE_RESOURCE_DIRECTORY_ENTRY *ResourceDirectoryEntry;
EFI_IMAGE_RESOURCE_DIRECTORY_STRING *ResourceDirectoryString;
@@ -1404,12 +1365,11 @@ PeCoffLoaderLoadImage (
//
// Get image's entry point
//
- Magic = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
if (!(ImageContext->IsTeImage)) {
//
// Sizes of AddressOfEntryPoint are different so we need to do this safely
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -1444,7 +1404,7 @@ PeCoffLoaderLoadImage (
// the optional header to verify a desired directory entry is there.
//
if (!(ImageContext->IsTeImage)) {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -1565,7 +1525,7 @@ PeCoffLoaderLoadImage (
//
ImageContext->HiiResourceData = 0;
if (!(ImageContext->IsTeImage)) {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -1721,7 +1681,6 @@ PeCoffLoaderRelocateImageForRuntime (
CHAR8 *FixupData;
UINTN Adjust;
RETURN_STATUS Status;
- UINT16 Magic;
OldBase = (CHAR8 *)((UINTN)ImageBase);
NewBase = (CHAR8 *)((UINTN)VirtImageBase);
@@ -1750,9 +1709,7 @@ PeCoffLoaderRelocateImageForRuntime (
return ;
}
- Magic = PeCoffLoaderGetPeHeaderMagicValue (Hdr);
-
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-07 5:41 [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 1/3] MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 2/3] MdePkg/BasePeCoffLib: " Ard Biesheuvel
@ 2018-09-07 5:42 ` Ard Biesheuvel
2018-09-07 8:28 ` Laszlo Ersek
2018-09-24 14:58 ` [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
3 siblings, 1 reply; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-07 5:42 UTC (permalink / raw)
To: edk2-devel
Cc: Ard Biesheuvel, Star Zeng, Jian J Wang, Michael D Kinney,
Liming Gao, Chao Zhang, Jiewen Yao, Laszlo Ersek, Leif Lindholm
Now that Itanium support has been dropped, we can remove the various
occurrences of the ELILO on Itanium PE/COFF header workaround.
Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
---
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 47 ++++----------------
SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 27 +++--------
SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 +++--------
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 25 +++--------
4 files changed, 25 insertions(+), 101 deletions(-)
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 0f795c0af125..66d96a9396b9 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -295,7 +295,6 @@ HashPeImage (
)
{
BOOLEAN Status;
- UINT16 Magic;
EFI_IMAGE_SECTION_HEADER *Section;
VOID *HashCtx;
UINTN CtxSize;
@@ -367,33 +366,19 @@ HashPeImage (
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
- if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = mNtHeader.Pe32->OptionalHeader.Magic;
- }
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = mImageBase;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes;
- } else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
+ } else if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
//
// Use PE32+ offset.
//
@@ -420,7 +405,7 @@ HashPeImage (
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -444,7 +429,7 @@ HashPeImage (
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -469,7 +454,7 @@ HashPeImage (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -494,7 +479,7 @@ HashPeImage (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -577,7 +562,7 @@ HashPeImage (
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -1583,7 +1568,6 @@ DxeImageVerificationHandler (
)
{
EFI_STATUS Status;
- UINT16 Magic;
EFI_IMAGE_DOS_HEADER *DosHdr;
EFI_STATUS VerifyStatus;
EFI_SIGNATURE_LIST *SignatureList;
@@ -1723,22 +1707,7 @@ DxeImageVerificationHandler (
goto Done;
}
- if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = mNtHeader.Pe32->OptionalHeader.Magic;
- }
-
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
index c54ab62e2745..4e4a90f9da62 100644
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
@@ -320,7 +320,6 @@ TcgMeasurePeImage (
EFI_IMAGE_SECTION_HEADER *SectionHeader;
UINTN Index;
UINTN Pos;
- UINT16 Magic;
UINT32 EventSize;
UINT32 EventNumber;
EFI_PHYSICAL_ADDRESS EventLogLastEntry;
@@ -418,27 +417,13 @@ TcgMeasurePeImage (
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = (UINT8 *) (UINTN) ImageAddress;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -465,7 +450,7 @@ TcgMeasurePeImage (
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -489,7 +474,7 @@ TcgMeasurePeImage (
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -514,7 +499,7 @@ TcgMeasurePeImage (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -539,7 +524,7 @@ TcgMeasurePeImage (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -621,7 +606,7 @@ TcgMeasurePeImage (
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c b/SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c
index 29da2d70e699..e114d672f9d9 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c
@@ -116,7 +116,6 @@ MeasurePeImageAndExtend (
EFI_IMAGE_SECTION_HEADER *SectionHeader;
UINTN Index;
UINTN Pos;
- UINT16 Magic;
EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;
UINT32 NumberOfRvaAndSizes;
UINT32 CertSize;
@@ -181,27 +180,13 @@ MeasurePeImageAndExtend (
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = (UINT8 *) (UINTN) ImageAddress;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -228,7 +213,7 @@ MeasurePeImageAndExtend (
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -252,7 +237,7 @@ MeasurePeImageAndExtend (
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -277,7 +262,7 @@ MeasurePeImageAndExtend (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -302,7 +287,7 @@ MeasurePeImageAndExtend (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -384,7 +369,7 @@ MeasurePeImageAndExtend (
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
index 9acaa7b97507..f96325e978a5 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c
@@ -1831,7 +1831,6 @@ HashPeImage (
)
{
BOOLEAN Status;
- UINT16 Magic;
EFI_IMAGE_SECTION_HEADER *Section;
VOID *HashCtx;
UINTN CtxSize;
@@ -1874,27 +1873,13 @@ HashPeImage (
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
- if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = mNtHeader.Pe32->OptionalHeader.Magic;
- }
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = mImageBase;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -1915,7 +1900,7 @@ HashPeImage (
// 6. Get the address of the beginning of the Cert Directory.
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -1937,7 +1922,7 @@ HashPeImage (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -1958,7 +1943,7 @@ HashPeImage (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -2032,7 +2017,7 @@ HashPeImage (
//
if (mImageSize > SumOfBytesHashed) {
HashBase = mImageBase + SumOfBytesHashed;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
--
2.17.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-07 5:42 ` [PATCH v2 3/3] SecurityPkg: " Ard Biesheuvel
@ 2018-09-07 8:28 ` Laszlo Ersek
2018-09-19 21:47 ` Ard Biesheuvel
0 siblings, 1 reply; 9+ messages in thread
From: Laszlo Ersek @ 2018-09-07 8:28 UTC (permalink / raw)
To: Ard Biesheuvel, edk2-devel
Cc: Star Zeng, Jian J Wang, Michael D Kinney, Liming Gao, Chao Zhang,
Jiewen Yao, Leif Lindholm
On 09/07/18 07:42, Ard Biesheuvel wrote:
> Now that Itanium support has been dropped, we can remove the various
> occurrences of the ELILO on Itanium PE/COFF header workaround.
>
> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 47 ++++----------------
> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 27 +++--------
> SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 +++--------
> SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 25 +++--------
> 4 files changed, 25 insertions(+), 101 deletions(-)
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-07 8:28 ` Laszlo Ersek
@ 2018-09-19 21:47 ` Ard Biesheuvel
2018-09-20 5:08 ` Yao, Jiewen
2018-09-20 13:54 ` Zhang, Chao B
0 siblings, 2 replies; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-19 21:47 UTC (permalink / raw)
To: Laszlo Ersek
Cc: edk2-devel@lists.01.org, Star Zeng, Jian J Wang, Michael D Kinney,
Liming Gao, Chao Zhang, Jiewen Yao, Leif Lindholm
On 7 September 2018 at 01:28, Laszlo Ersek <lersek@redhat.com> wrote:
> On 09/07/18 07:42, Ard Biesheuvel wrote:
>> Now that Itanium support has been dropped, we can remove the various
>> occurrences of the ELILO on Itanium PE/COFF header workaround.
>>
>> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>> ---
>> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 47 ++++----------------
>> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 27 +++--------
>> SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 +++--------
>> SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 25 +++--------
>> 4 files changed, 25 insertions(+), 101 deletions(-)
>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
>
Chao, Jiewen: any concerns?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-19 21:47 ` Ard Biesheuvel
@ 2018-09-20 5:08 ` Yao, Jiewen
2018-09-20 13:54 ` Zhang, Chao B
1 sibling, 0 replies; 9+ messages in thread
From: Yao, Jiewen @ 2018-09-20 5:08 UTC (permalink / raw)
To: Ard Biesheuvel, Laszlo Ersek
Cc: edk2-devel@lists.01.org, Zeng, Star, Wang, Jian J,
Kinney, Michael D, Gao, Liming, Zhang, Chao B, Leif Lindholm
No concern at all.
I have given R-B for the whole patch series. :-)
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Thursday, September 20, 2018 5:47 AM
> To: Laszlo Ersek <lersek@redhat.com>
> Cc: edk2-devel@lists.01.org; Zeng, Star <star.zeng@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>;
> Gao, Liming <liming.gao@intel.com>; Zhang, Chao B
> <chao.b.zhang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Leif
> Lindholm <leif.lindholm@linaro.org>
> Subject: Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header
> workaround for ELILO on IPF
>
> On 7 September 2018 at 01:28, Laszlo Ersek <lersek@redhat.com> wrote:
> > On 09/07/18 07:42, Ard Biesheuvel wrote:
> >> Now that Itanium support has been dropped, we can remove the various
> >> occurrences of the ELILO on Itanium PE/COFF header workaround.
> >>
> >> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
> >> Contributed-under: TianoCore Contribution Agreement 1.1
> >> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >> ---
> >>
> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
> | 47 ++++----------------
> >>
> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
> | 27 +++--------
> >> SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c
> | 27 +++--------
> >>
> SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi
> gImpl.c | 25 +++--------
> >> 4 files changed, 25 insertions(+), 101 deletions(-)
> >
> > Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> >
>
> Chao, Jiewen: any concerns?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
2018-09-19 21:47 ` Ard Biesheuvel
2018-09-20 5:08 ` Yao, Jiewen
@ 2018-09-20 13:54 ` Zhang, Chao B
1 sibling, 0 replies; 9+ messages in thread
From: Zhang, Chao B @ 2018-09-20 13:54 UTC (permalink / raw)
To: Ard Biesheuvel, Laszlo Ersek
Cc: edk2-devel@lists.01.org, Zeng, Star, Wang, Jian J,
Kinney, Michael D, Gao, Liming, Yao, Jiewen, Leif Lindholm
Hi Ard:
I am good with this patch. I will help to push it.
From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
Sent: Thursday, September 20, 2018 5:47 AM
To: Laszlo Ersek <lersek@redhat.com>
Cc: edk2-devel@lists.01.org; Zeng, Star <star.zeng@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>; Zhang, Chao B <chao.b.zhang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Leif Lindholm <leif.lindholm@linaro.org>
Subject: Re: [PATCH v2 3/3] SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
On 7 September 2018 at 01:28, Laszlo Ersek <lersek@redhat.com<mailto:lersek@redhat.com>> wrote:
> On 09/07/18 07:42, Ard Biesheuvel wrote:
>> Now that Itanium support has been dropped, we can remove the various
>> occurrences of the ELILO on Itanium PE/COFF header workaround.
>>
>> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
>> Contributed-under: TianoCore Contribution Agreement 1.1
>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org<mailto:ard.biesheuvel@linaro.org>>
>> ---
>> SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c | 47 ++++----------------
>> SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c | 27 +++--------
>> SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 +++--------
>> SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c | 25 +++--------
>> 4 files changed, 25 insertions(+), 101 deletions(-)
>
> Reviewed-by: Laszlo Ersek <lersek@redhat.com<mailto:lersek@redhat.com>>
>
Chao, Jiewen: any concerns?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack
2018-09-07 5:41 [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
` (2 preceding siblings ...)
2018-09-07 5:42 ` [PATCH v2 3/3] SecurityPkg: " Ard Biesheuvel
@ 2018-09-24 14:58 ` Ard Biesheuvel
3 siblings, 0 replies; 9+ messages in thread
From: Ard Biesheuvel @ 2018-09-24 14:58 UTC (permalink / raw)
To: edk2-devel@lists.01.org
Cc: Zeng, Star, Jian J Wang, Kinney, Michael D, Gao, Liming,
Zhang, Chao B, Yao, Jiewen, Laszlo Ersek, Leif Lindholm
On Fri, 7 Sep 2018 at 07:42, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
>
> Now that Itanium support has been dropped from EDK2, we can remove most
> occurrences of the ELILO PE/COFF loader hack from the code base.
>
> Note that SecurityPkg appears to have four mostly identical implementations
> of the PE/COFF measuring routine, so this may be another area for cleanup
> later.
>
> Changes since v1:
> - fix copy/paste error in patch #3 which went unnoticed due to the fact that
> SecurityPkg.dsc does not cover the module in question for AARCH64
> - drop EdkCompatibilityPkg patch, it is likely to go away soon anyway
> - add Reviewed-by tags
>
> Link: https://bugzilla.tianocore.org/show_bug.cgi?id=816
>
> Cc: Star Zeng <star.zeng@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
>
> Ard Biesheuvel (3):
> MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF
> MdePkg/BasePeCoffLib: remove PE/COFF header workaround for ELILO on
> IPF
> SecurityPkg: remove PE/COFF header workaround for ELILO on IPF
>
Patches 1-2 pushed as 997731e796f5..60eb6c6d2e01 (#3 was merged
independently by Chao)
Thanks all
> .../Core/Dxe/Mem/MemoryProfileRecord.c | 31 +---------
> MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 17 +-----
> MdeModulePkg/Core/Dxe/Misc/PropertiesTable.c | 17 +-----
> .../Core/PiSmmCore/MemoryAttributesTable.c | 17 +-----
> .../Core/PiSmmCore/SmramProfileRecord.c | 31 +---------
> MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 61 +++----------------
> .../DxeImageVerificationLib.c | 47 +++-----------
> .../DxeTpmMeasureBootLib.c | 27 ++------
> SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c | 27 ++------
> .../SecureBootConfigImpl.c | 25 ++------
> 10 files changed, 39 insertions(+), 261 deletions(-)
>
> --
> 2.17.1
>
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-09-24 14:58 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-09-07 5:41 [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 1/3] MdeModulePkg: remove PE/COFF header workaround for ELILO on IPF Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 2/3] MdePkg/BasePeCoffLib: " Ard Biesheuvel
2018-09-07 5:42 ` [PATCH v2 3/3] SecurityPkg: " Ard Biesheuvel
2018-09-07 8:28 ` Laszlo Ersek
2018-09-19 21:47 ` Ard Biesheuvel
2018-09-20 5:08 ` Yao, Jiewen
2018-09-20 13:54 ` Zhang, Chao B
2018-09-24 14:58 ` [PATCH v2 0/3] remove most occurrences of ELILO on IPF PE/COFF header hack Ard Biesheuvel
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox