docs/master/_standalone_mm_pe_coff_extra_action_lib_8c_source.html

#include <PiDxe.h>


#include <Library/BaseLib.h>

#include <Library/BaseMemoryLib.h>

#include <Library/DebugLib.h>

#include <Library/PcdLib.h>

#include <Library/PeCoffLib.h>

#include <Library/PeCoffExtraActionLib.h>

#include <Library/StandaloneMmMmuLib.h>


typedef RETURN_STATUS (*REGION_PERMISSION_UPDATE_FUNC) (

  IN  EFI_PHYSICAL_ADDRESS  BaseAddress,

  IN  UINT64                Length

  );


STATIC

RETURN_STATUS

UpdatePeCoffPermissions (

  IN  CONST PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext,

  IN  REGION_PERMISSION_UPDATE_FUNC       NoExecUpdater,

  IN  REGION_PERMISSION_UPDATE_FUNC       ReadOnlyUpdater

  )

{

  RETURN_STATUS                        Status;

  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr;

  EFI_IMAGE_OPTIONAL_HEADER_UNION      HdrData;

  UINTN                                Size;

  UINTN                                ReadSize;

  UINT32                               SectionHeaderOffset;

  UINTN                                NumberOfSections;

  UINTN                                Index;

  EFI_IMAGE_SECTION_HEADER             SectionHeader;

  PE_COFF_LOADER_IMAGE_CONTEXT         TmpContext;

  EFI_PHYSICAL_ADDRESS                 Base;


  //

  // We need to copy ImageContext since PeCoffLoaderGetImageInfo ()

  // will mangle the ImageAddress field

  //

  CopyMem (&TmpContext, ImageContext, sizeof (TmpContext));


  if (TmpContext.PeCoffHeaderOffset == 0) {

    Status = PeCoffLoaderGetImageInfo (&TmpContext);

    if (RETURN_ERROR (Status)) {

      DEBUG ((

        DEBUG_ERROR,

        "%a: PeCoffLoaderGetImageInfo () failed (Status = %r)\n",

        __func__,

        Status

        ));

      return Status;

    }

  }


  if (TmpContext.IsTeImage &&

      (TmpContext.ImageAddress == ImageContext->ImageAddress))

  {

    DEBUG ((

      DEBUG_INFO,

      "%a: ignoring XIP TE image at 0x%lx\n",

      __func__,

      ImageContext->ImageAddress

      ));

    return RETURN_SUCCESS;

  }


  if (TmpContext.SectionAlignment < EFI_PAGE_SIZE) {

    //

    // The sections need to be at least 4 KB aligned, since that is the

    // granularity at which we can tighten permissions. So just clear the

    // noexec permissions on the entire region.

    //

    if (!TmpContext.IsTeImage) {

      DEBUG ((

        DEBUG_WARN,

        "%a: non-TE Image at 0x%lx has SectionAlignment < 4 KB (%lu)\n",

        __func__,

        ImageContext->ImageAddress,

        TmpContext.SectionAlignment

        ));

    }


    Base = ImageContext->ImageAddress & ~(EFI_PAGE_SIZE - 1);

    Size = ImageContext->ImageAddress - Base + ImageContext->ImageSize;

    return NoExecUpdater (Base, ALIGN_VALUE (Size, EFI_PAGE_SIZE));

  }


  //

  // Read the PE/COFF Header. For PE32 (32-bit) this will read in too much

  // data, but that should not hurt anything. Hdr.Pe32->OptionalHeader.Magic

  // determines if this is a PE32 or PE32+ image. The magic is in the same

  // location in both images.

  //

  Hdr.Union = &HdrData;

  Size      = sizeof (EFI_IMAGE_OPTIONAL_HEADER_UNION);

  ReadSize  = Size;

  Status    = TmpContext.ImageRead (

                           TmpContext.Handle,

                           TmpContext.PeCoffHeaderOffset,

                           &Size,

                           Hdr.Pe32

                           );

  if (RETURN_ERROR (Status) || (Size != ReadSize)) {

    DEBUG ((

      DEBUG_ERROR,

      "%a: TmpContext.ImageRead () failed (Status = %r)\n",

      __func__,

      Status

      ));

    return Status;

  }


  ASSERT (Hdr.Pe32->Signature == EFI_IMAGE_NT_SIGNATURE);


  SectionHeaderOffset = TmpContext.PeCoffHeaderOffset + sizeof (UINT32) +

                        sizeof (EFI_IMAGE_FILE_HEADER);

  NumberOfSections = (UINTN)(Hdr.Pe32->FileHeader.NumberOfSections);


  switch (Hdr.Pe32->OptionalHeader.Magic) {

    case EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC:

      SectionHeaderOffset += Hdr.Pe32->FileHeader.SizeOfOptionalHeader;

      break;

    case EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC:

      SectionHeaderOffset += Hdr.Pe32Plus->FileHeader.SizeOfOptionalHeader;

      break;

    default:

      ASSERT (FALSE);

  }


  //

  // Iterate over the sections

  //

  for (Index = 0; Index < NumberOfSections; Index++) {

    //

    // Read section header from file

    //

    Size     = sizeof (EFI_IMAGE_SECTION_HEADER);

    ReadSize = Size;

    Status   = TmpContext.ImageRead (

                            TmpContext.Handle,

                            SectionHeaderOffset,

                            &Size,

                            &SectionHeader

                            );

    if (RETURN_ERROR (Status) || (Size != ReadSize)) {

      DEBUG ((

        DEBUG_ERROR,

        "%a: TmpContext.ImageRead () failed (Status = %r)\n",

        __func__,

        Status

        ));

      return Status;

    }


    Base = TmpContext.ImageAddress + SectionHeader.VirtualAddress;


    if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_EXECUTE) == 0) {

      if ((SectionHeader.Characteristics & EFI_IMAGE_SCN_MEM_WRITE) == 0) {

        DEBUG ((

          DEBUG_INFO,

          "%a: Mapping section %d of image at 0x%lx with RO-XN permissions and size 0x%x\n",

          __func__,

          Index,

          Base,

          SectionHeader.Misc.VirtualSize

          ));

        ReadOnlyUpdater (Base, SectionHeader.Misc.VirtualSize);

      } else {

        DEBUG ((

          DEBUG_WARN,

          "%a: Mapping section %d of image at 0x%lx with RW-XN permissions and size 0x%x\n",

          __func__,

          Index,

          Base,

          SectionHeader.Misc.VirtualSize

          ));

      }

    } else {

      DEBUG ((

        DEBUG_INFO,

        "%a: Mapping section %d of image at 0x%lx with RO-X permissions and size 0x%x\n",

        __func__,

        Index,

        Base,

        SectionHeader.Misc.VirtualSize

        ));

      ReadOnlyUpdater (Base, SectionHeader.Misc.VirtualSize);

      NoExecUpdater (Base, SectionHeader.Misc.VirtualSize);

    }


    SectionHeaderOffset += sizeof (EFI_IMAGE_SECTION_HEADER);

  }


  return RETURN_SUCCESS;

}


VOID

EFIAPI

PeCoffLoaderRelocateImageExtraAction (

  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext

  )

{

  UpdatePeCoffPermissions (

    ImageContext,

    ArmClearMemoryRegionNoExec,

    ArmSetMemoryRegionReadOnly

    );

}


VOID

EFIAPI

PeCoffLoaderUnloadImageExtraAction (

  IN OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext

  )

{

  UpdatePeCoffPermissions (

    ImageContext,

    ArmSetMemoryRegionNoExec,

    ArmClearMemoryRegionReadOnly

    );

}

UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112

BaseLib.h

BaseMemoryLib.h

CopyMem
VOID *EFIAPI CopyMem(OUT VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CopyMemWrapper.c:41

CONST
#define CONST
Definition: Base.h:259

STATIC
#define STATIC
Definition: Base.h:264

RETURN_ERROR
#define RETURN_ERROR(StatusCode)
Definition: Base.h:1061

ALIGN_VALUE
#define ALIGN_VALUE(Value, Alignment)
Definition: Base.h:948

RETURN_SUCCESS
#define RETURN_SUCCESS
Definition: Base.h:1066

FALSE
#define FALSE
Definition: Base.h:307

IN
#define IN
Definition: Base.h:279

OUT
#define OUT
Definition: Base.h:284

DebugLib.h

DEBUG
#define DEBUG(Expression)
Definition: DebugLib.h:434

PeCoffExtraActionLib.h

PcdLib.h

PeCoffLib.h

PeCoffLoaderGetImageInfo
RETURN_STATUS EFIAPI PeCoffLoaderGetImageInfo(IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext)
Definition: BasePeCoff.c:577

EFI_IMAGE_SCN_MEM_EXECUTE
#define EFI_IMAGE_SCN_MEM_EXECUTE
0x20000000
Definition: PeImage.h:341

EFI_IMAGE_SCN_MEM_WRITE
#define EFI_IMAGE_SCN_MEM_WRITE
0x80000000
Definition: PeImage.h:343

EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
#define EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
Definition: PeImage.h:143

EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
#define EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
Definition: PeImage.h:194

PiDxe.h

StandaloneMmMmuLib.h

PeCoffLoaderUnloadImageExtraAction
VOID EFIAPI PeCoffLoaderUnloadImageExtraAction(IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext)
Definition: StandaloneMmPeCoffExtraActionLib.c:241

PeCoffLoaderRelocateImageExtraAction
VOID EFIAPI PeCoffLoaderRelocateImageExtraAction(IN OUT PE_COFF_LOADER_IMAGE_CONTEXT *ImageContext)
Definition: StandaloneMmPeCoffExtraActionLib.c:218

EFI_PHYSICAL_ADDRESS
UINT64 EFI_PHYSICAL_ADDRESS
Definition: UefiBaseType.h:50

EFI_IMAGE_FILE_HEADER
Definition: PeImage.h:82

EFI_IMAGE_OPTIONAL_HEADER32::Magic
UINT16 Magic
Definition: PeImage.h:152

EFI_IMAGE_SECTION_HEADER
Definition: PeImage.h:295

PE_COFF_LOADER_IMAGE_CONTEXT
Definition: PeCoffLib.h:75

PE_COFF_LOADER_IMAGE_CONTEXT::IsTeImage
BOOLEAN IsTeImage
Definition: PeCoffLib.h:189

PE_COFF_LOADER_IMAGE_CONTEXT::Handle
VOID * Handle
Definition: PeCoffLib.h:104

PE_COFF_LOADER_IMAGE_CONTEXT::ImageRead
PE_COFF_LOADER_READ_FILE ImageRead
Definition: PeCoffLib.h:100

PE_COFF_LOADER_IMAGE_CONTEXT::PeCoffHeaderOffset
UINT32 PeCoffHeaderOffset
Definition: PeCoffLib.h:122

PE_COFF_LOADER_IMAGE_CONTEXT::SectionAlignment
UINT32 SectionAlignment
Definition: PeCoffLib.h:116

PE_COFF_LOADER_IMAGE_CONTEXT::ImageAddress
PHYSICAL_ADDRESS ImageAddress
Definition: PeCoffLib.h:79

EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION
Definition: PeImage.h:809

EFI_IMAGE_OPTIONAL_HEADER_UNION
Definition: PeImage.h:803