On 9 July 2015 at 16:57, Matt Fleming <m...@codeblueprint.co.uk> wrote: > On Thu, 02 Jul, at 02:31:24PM, Ard Biesheuvel wrote: >> Hello all, >> >> This is a proof of concept patch that fixes the problems that occur when >> enabling the EFI_PROPERTIES_RUNTIME_MEMORY_PROTECTION_NON_EXECUTABLE_PE_DATA >> MemoryProtectionAttribute, which may split PE/COFF memory images into >> disjoint >> regions in virtual memory. >> >> It is not a complete solution, but it works both on AARCH64 (ArmVirtQemu) and >> X64 (Ovmf). With the 4 KB alignment patch and Laszlo's end-of-DXE series >> applied, >> I can boot into the Linux kernel (Ubuntu 3.13.0-55-generic) without problems, >> while the memory map reveals that the splitting has in fact occurred. >> >> Note that this may require 64 KB section alignment for non-ELF based >> toolchains, >> if they may potentially emit EFI_IMAGE_REL_BASED_LOW or >> EFI_IMAGE_REL_BASED_HIGH >> relocations. For toolchains that rely on GenFw for the ELF to PE/COFF >> conversion, this is not required. > > Cool! I'd quite like to test this patch out but I'm not sure I've got > all of the required patch dependencies in my tree. > > Could you shove everything into some public git repo so I can run it > through the LUV autobuilder? >
Sure. In the meantime, I have cooked up a slightly more elaborate series that also fixes the EFI_IMAGE_REL_BASED_LOW/EFI_IMAGE_REL_BASED_HIGH issues (even though they don't seem to be used widely) and does some cleanups. This is unlikely to be adopted as-is, since there is still an unresolved issue with inter-region relative relocations. Tree is here https://git.linaro.org/people/ard.biesheuvel/uefi-next.git/shortlog/refs/heads/pecoff-runtime-relocation When running this, you should notice regions in the memory map with either the RO (0x20000) or XP (0x4000) bit set in the kernel log. For instance, """ [ 0.000000] efi: mem38: type=6, attr=0x800000000000400f, range=[0x0000000007e9a000-0x0000000007e9f000) (0MB) [ 0.000000] efi: mem39: type=5, attr=0x800000000002000f, range=[0x0000000007e9f000-0x0000000007ea4000) (0MB) [ 0.000000] efi: mem40: type=6, attr=0x800000000000400f, range=[0x0000000007ea4000-0x0000000007eaa000) (0MB) [ 0.000000] efi: mem41: type=5, attr=0x800000000002000f, range=[0x0000000007eaa000-0x0000000007eae000) (0MB) """ And no crash .... (hopefully) -- Ard. ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
