SecurePE: Replaced old PE loader with Secure one.

acidanthera · Jul 22, 2024 · a955e88 · a955e88
1 parent 666a6ab
commit a955e88
Show file tree

Hide file tree

Showing 291 changed files with 12,484 additions and 7,143 deletions.
diff --git a/ArmPkg/ArmPkg.dsc b/ArmPkg/ArmPkg.dsc
@@ -54,9 +54,9 @@
   UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
   DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
   UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
-  PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
-  PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
-  PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
+  PeCoffLib2|MdePkg/Library/BasePeCoffLib2/BasePeCoffLib2.inf
+  UefiImageLib|MdePkg/Library/BaseUefiImageLib/BaseUefiImageLibPeCoff.inf
+  UefiImageExtraActionLib|MdePkg/Library/BaseUefiImageExtraActionLibNull/BaseUefiImageExtraActionLibNull.inf
 
   UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
   HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
@@ -111,7 +111,7 @@
   ArmPkg/Library/ArmDisassemblerLib/ArmDisassemblerLib.inf
   ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
   ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.inf
-  ArmPkg/Library/DebugPeCoffExtraActionLib/DebugPeCoffExtraActionLib.inf
+  ArmPkg/Library/DebugUefiImageExtraActionLib/DebugUefiImageExtraActionLib.inf
   ArmPkg/Library/DefaultExceptionHandlerLib/DefaultExceptionHandlerLib.inf
   ArmPkg/Library/SemiHostingDebugLib/SemiHostingDebugLib.inf
   ArmPkg/Library/SemiHostingSerialPortLib/SemiHostingSerialPortLib.inf

diff --git a/ArmPkg/Drivers/ArmCrashDumpDxe/ArmCrashDumpDxe.dsc b/ArmPkg/Drivers/ArmCrashDumpDxe/ArmCrashDumpDxe.dsc
@@ -35,7 +35,6 @@
   DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
-  PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
   PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
   SerialPortLib|MdePkg/Library/BaseSerialPortLibNull/BaseSerialPortLibNull.inf
   UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf

diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.h b/ArmPkg/Drivers/CpuDxe/CpuDxe.h
@@ -20,7 +20,6 @@
 #include <Library/UefiBootServicesTableLib.h>
 #include <Library/DxeServicesTableLib.h>
 #include <Library/CacheMaintenanceLib.h>
-#include <Library/PeCoffGetEntryPointLib.h>
 #include <Library/UefiLib.h>
 #include <Library/CpuLib.h>
 #include <Library/DefaultExceptionHandlerLib.h>

diff --git a/ArmPkg/Drivers/CpuDxe/CpuDxe.inf b/ArmPkg/Drivers/CpuDxe/CpuDxe.inf
@@ -49,7 +49,6 @@
   DxeServicesTableLib
   HobLib
   MemoryAllocationLib
-  PeCoffGetEntryPointLib
   UefiDriverEntryPoint
   UefiLib
 

diff --git a/ArmPkg/Library/ArmDisassemblerLib/ArmDisassemblerLib.inf b/ArmPkg/Library/ArmDisassemblerLib/ArmDisassemblerLib.inf
@@ -32,4 +32,3 @@
   BaseLib
   PrintLib
   DebugLib
-  PeCoffGetEntryPointLib
diff --git a/ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.c b/ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.c
@@ -13,8 +13,8 @@
 #include <Library/DebugLib.h>
 #include <Library/DebugAgentLib.h>
 #include <Library/PcdLib.h>
-#include <Library/PeCoffExtraActionLib.h>
-#include <Library/PeCoffLib.h>
+#include <Library/UefiImageExtraActionLib.h>
+#include <Library/UefiImageLib.h>
 
 #include <Pi/PiFirmwareFile.h>
 #include <Pi/PiFirmwareVolume.h>
@@ -165,34 +165,39 @@ GetFfsFile (
 
 EFI_STATUS
 GetImageContext (
-  IN  EFI_FFS_FILE_HEADER           *FfsHeader,
-  OUT PE_COFF_LOADER_IMAGE_CONTEXT  *ImageContext
+  IN  EFI_FFS_FILE_HEADER              *FfsHeader,
+  OUT UEFI_IMAGE_LOADER_IMAGE_CONTEXT  *ImageContext
   )
 {
-  EFI_STATUS                       Status;
-  UINTN                            ParsedLength;
-  UINTN                            SectionSize;
-  UINTN                            SectionLength;
-  EFI_COMMON_SECTION_HEADER        *Section;
-  VOID                             *EfiImage;
-  UINTN                            ImageAddress;
-  EFI_IMAGE_DEBUG_DIRECTORY_ENTRY  *DebugEntry;
-  VOID                             *CodeViewEntryPointer;
-
-  Section      = (EFI_COMMON_SECTION_HEADER *)(FfsHeader + 1);
-  SectionSize  = *(UINT32 *)(FfsHeader->Size) & 0x00FFFFFF;
-  SectionSize -= sizeof (EFI_FFS_FILE_HEADER);
-  ParsedLength = 0;
-  EfiImage     = NULL;
+  EFI_STATUS                              Status;
+  UINTN                                   ParsedLength;
+  UINT32                                  SectionSize;
+  UINT32                                  SectionLength;
+  EFI_COMMON_SECTION_HEADER               *Section;
+  VOID                                    *EfiImage;
+
+  Section       = (EFI_COMMON_SECTION_HEADER *)(FfsHeader + 1);
+  SectionLength = 0;
+  SectionSize   = *(UINT32 *)(FfsHeader->Size) & 0x00FFFFFF;
+  SectionSize  -= sizeof (EFI_FFS_FILE_HEADER);
+  ParsedLength  = 0;
+  EfiImage      = NULL;
 
   while (ParsedLength < SectionSize) {
+    //
+    // Size is 24 bits wide so mask upper 8 bits.
+    //
+    SectionLength = *(UINT32 *)Section->Size & 0x00FFFFFF;
+    if (SectionLength < sizeof (*Section)) {
+      return EFI_VOLUME_CORRUPTED;
+    }
+
     if ((Section->Type == EFI_SECTION_PE32) || (Section->Type == EFI_SECTION_TE)) {
-      EfiImage = (EFI_IMAGE_OPTIONAL_HEADER_UNION *)(Section + 1);
+      EfiImage = (Section + 1);
       break;
     }
 
     //
-    // Size is 24 bits wide so mask upper 8 bits.
     // SectionLength is adjusted it is 4 byte aligned.
     // Go to the next section
     //
@@ -208,34 +213,10 @@ GetImageContext (
   }
 
   // Initialize the Image Context
-  ZeroMem (ImageContext, sizeof (PE_COFF_LOADER_IMAGE_CONTEXT));
-  ImageContext->Handle    = EfiImage;
-  ImageContext->ImageRead = PeCoffLoaderImageReadFromMemory;
-
-  Status =  PeCoffLoaderGetImageInfo (ImageContext);
-  if (!EFI_ERROR (Status) && ((VOID *)(UINTN)ImageContext->DebugDirectoryEntryRva != NULL)) {
-    ImageAddress = ImageContext->ImageAddress;
-    if (ImageContext->IsTeImage) {
-      ImageAddress += sizeof (EFI_TE_IMAGE_HEADER) - ((EFI_TE_IMAGE_HEADER *)EfiImage)->StrippedSize;
-    }
-
-    DebugEntry = (EFI_IMAGE_DEBUG_DIRECTORY_ENTRY *)(ImageAddress + ImageContext->DebugDirectoryEntryRva);
-    if (DebugEntry->Type == EFI_IMAGE_DEBUG_TYPE_CODEVIEW) {
-      CodeViewEntryPointer = (VOID *)(ImageAddress + (UINTN)DebugEntry->RVA);
-      switch (*(UINT32 *)CodeViewEntryPointer) {
-        case CODEVIEW_SIGNATURE_NB10:
-          ImageContext->PdbPointer = (CHAR8 *)CodeViewEntryPointer + sizeof (EFI_IMAGE_DEBUG_CODEVIEW_NB10_ENTRY);
-          break;
-        case CODEVIEW_SIGNATURE_RSDS:
-          ImageContext->PdbPointer = (CHAR8 *)CodeViewEntryPointer + sizeof (EFI_IMAGE_DEBUG_CODEVIEW_RSDS_ENTRY);
-          break;
-        case CODEVIEW_SIGNATURE_MTOC:
-          ImageContext->PdbPointer = (CHAR8 *)CodeViewEntryPointer + sizeof (EFI_IMAGE_DEBUG_CODEVIEW_MTOC_ENTRY);
-          break;
-        default:
-          break;
-      }
-    }
+  // FIXME: Common FFS API with size checks
+  Status = UefiImageInitializeContext (ImageContext, EfiImage, SectionLength - sizeof (*Section));
+  if (!EFI_ERROR(Status)) {
+    Status = UefiImageLoadImageInplace( ImageContext);
   }
 
   return Status;
@@ -271,9 +252,9 @@ InitializeDebugAgent (
   IN DEBUG_AGENT_CONTINUE  Function  OPTIONAL
   )
 {
-  EFI_STATUS                    Status;
-  EFI_FFS_FILE_HEADER           *FfsHeader;
-  PE_COFF_LOADER_IMAGE_CONTEXT  ImageContext;
+  EFI_STATUS                      Status;
+  EFI_FFS_FILE_HEADER             *FfsHeader;
+  UEFI_IMAGE_LOADER_IMAGE_CONTEXT ImageContext;
 
   // We use InitFlag to know if DebugAgent has been initialized from
   // Sec (DEBUG_AGENT_INIT_PREMEM_SEC) or PrePi (DEBUG_AGENT_INIT_POSTMEM_SEC)
@@ -286,7 +267,7 @@ InitializeDebugAgent (
     if (!EFI_ERROR (Status)) {
       Status = GetImageContext (FfsHeader, &ImageContext);
       if (!EFI_ERROR (Status)) {
-        PeCoffLoaderRelocateImageExtraAction (&ImageContext);
+        UefiImageLoaderRelocateImageExtraAction (&ImageContext);
       }
     }
   } else if (InitFlag == DEBUG_AGENT_INIT_POSTMEM_SEC) {
@@ -297,7 +278,7 @@ InitializeDebugAgent (
     if (!EFI_ERROR (Status)) {
       Status = GetImageContext (FfsHeader, &ImageContext);
       if (!EFI_ERROR (Status)) {
-        PeCoffLoaderRelocateImageExtraAction (&ImageContext);
+        UefiImageLoaderRelocateImageExtraAction (&ImageContext);
       }
     }
 
@@ -308,7 +289,7 @@ InitializeDebugAgent (
     if (!EFI_ERROR (Status)) {
       Status = GetImageContext (FfsHeader, &ImageContext);
       if (!EFI_ERROR (Status)) {
-        PeCoffLoaderRelocateImageExtraAction (&ImageContext);
+        UefiImageLoaderRelocateImageExtraAction (&ImageContext);
       }
     }
   }

diff --git a/ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.inf b/ArmPkg/Library/DebugAgentSymbolsBaseLib/DebugAgentSymbolsBaseLib.inf
@@ -24,8 +24,8 @@
 [LibraryClasses]
   DebugLib
   PcdLib
-  PeCoffExtraActionLib
-  PeCoffLib
+  UefiImageExtraActionLib
+  UefiImageLib
 
 [Pcd]
   gArmTokenSpaceGuid.PcdSecureFvBaseAddress

diff --git a/ArmPkg/Library/DebugUefiImageExtraActionLib/DebugUefiImageExtraActionLib.c b/ArmPkg/Library/DebugUefiImageExtraActionLib/DebugUefiImageExtraActionLib.c
@@ -0,0 +1,141 @@
+/**@file
+
+Copyright (c) 2006 - 2009, Intel Corporation. All rights reserved.<BR>
+Portions copyright (c) 2008 - 2010, Apple Inc. All rights reserved.<BR>
+Portions copyright (c) 2011 - 2012, ARM Ltd. All rights reserved.<BR>
+
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiDxe.h>
+#include <Library/UefiImageLib.h>
+
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/UefiImageExtraActionLib.h>
+#include <Library/PrintLib.h>
+
+/**
+  If the build is done on cygwin the paths are cygpaths.
+  /cygdrive/c/tmp.txt vs c:\tmp.txt so we need to convert
+  them to work with RVD commands
+
+  @param  Name  Path to convert if needed
+
+**/
+CONST CHAR8 *
+DeCygwinPathIfNeeded (
+  IN  CONST CHAR8   *Name,
+  IN  CHAR8         *Temp,
+  IN  UINTN         Size
+  )
+{
+  CHAR8  *Ptr;
+  UINTN  Index;
+  UINTN  Index2;
+
+  Ptr = AsciiStrStr (Name, "/cygdrive/");
+  if (Ptr == NULL) {
+    return Name;
+  }
+
+  for (Index = 9, Index2 = 0; (Index < (Size + 9)) && (Ptr[Index] != '\0'); Index++, Index2++) {
+    Temp[Index2] = Ptr[Index];
+    if (Temp[Index2] == '/') {
+      Temp[Index2] = '\\';
+    }
+
+    if (Index2 == 1) {
+      Temp[Index2 - 1] = Ptr[Index];
+      Temp[Index2]     = ':';
+    }
+  }
+
+  return Temp;
+}
+
+/**
+  Performs additional actions after a PE/COFF image has been loaded and relocated.
+
+  If ImageContext is NULL, then ASSERT().
+
+  @param  ImageContext  Pointer to the image context structure that describes the
+                        PE/COFF image that has already been loaded and relocated.
+
+**/
+VOID
+EFIAPI
+UefiImageLoaderRelocateImageExtraAction (
+  IN CONST UEFI_IMAGE_LOADER_IMAGE_CONTEXT  *ImageContext
+  )
+{
+  RETURN_STATUS Status;
+  CONST CHAR8   *PdbPath;
+  UINT32        PdbPathSize;
+#if defined (__CC_ARM) || defined (__GNUC__)
+  CHAR8         Temp[512];
+#endif
+
+  Status = UefiImageGetSymbolsPath (ImageContext, &PdbPath, &PdbPathSize);
+
+  if (!RETURN_ERROR (Status)) {
+ #ifdef __CC_ARM
+ #if (__ARMCC_VERSION < 500000)
+    // Print out the command for the RVD debugger to load symbols for this image
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "load /a /ni /np %a &0x%p\n", DeCygwinPathIfNeeded (PdbPath, Temp, sizeof (Temp)), UefiImageLoaderGetImageAddress (ImageContext)));
+ #else
+    // Print out the command for the DS-5 to load symbols for this image
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "add-symbol-file %a -o 0x%p\n", DeCygwinPathIfNeeded (PdbPath, Temp, sizeof (Temp)), UefiImageLoaderGetImageAddress (ImageContext)));
+ #endif
+ #elif __GNUC__
+    // This may not work correctly if you generate PE/COFF directly as then the Offset would not be required
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "add-symbol-file %a -o 0x%p\n", DeCygwinPathIfNeeded (PdbPath, Temp, sizeof (Temp)), UefiImageLoaderGetImageAddress (ImageContext)));
+ #else
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Loading driver at 0x%11p EntryPoint=0x%11p\n", (VOID *)(UINTN)UefiImageLoaderGetImageAddress (ImageContext), FUNCTION_ENTRY_POINT (UefiImageLoaderGetImageEntryPoint (ImageContext))));
+ #endif
+  } else {
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Loading driver at 0x%11p EntryPoint=0x%11p\n", (VOID *)(UINTN)UefiImageLoaderGetImageAddress (ImageContext), FUNCTION_ENTRY_POINT (UefiImageLoaderGetImageEntryPoint (ImageContext))));
+  }
+}
+
+/**
+  Performs additional actions just before a PE/COFF image is unloaded.  Any resources
+  that were allocated by UefiImageLoaderRelocateImageExtraAction() must be freed.
+
+  If ImageContext is NULL, then ASSERT().
+
+  @param  ImageContext  Pointer to the image context structure that describes the
+                        PE/COFF image that is being unloaded.
+
+**/
+VOID
+EFIAPI
+UefiImageLoaderUnloadImageExtraAction (
+  IN OUT UEFI_IMAGE_LOADER_IMAGE_CONTEXT  *ImageContext
+  )
+{
+  RETURN_STATUS Status;
+  CONST CHAR8   *PdbPath;
+  UINT32        PdbPathSize;
+#if defined (__CC_ARM) || defined (__GNUC__)
+  CHAR8         Temp[512];
+#endif
+
+  Status = UefiImageGetSymbolsPath (ImageContext, &PdbPath, &PdbPathSize);
+
+  if (!RETURN_ERROR (Status)) {
+ #ifdef __CC_ARM
+    // Print out the command for the RVD debugger to load symbols for this image
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "unload symbols_only %a\n", DeCygwinPathIfNeeded (PdbPath, Temp, sizeof (Temp))));
+ #elif __GNUC__
+    // This may not work correctly if you generate PE/COFF directly as then the Offset would not be required
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "remove-symbol-file %a 0x%08x\n", DeCygwinPathIfNeeded (PdbPath, Temp, sizeof (Temp)), (UINTN)UefiImageLoaderGetImageAddress (ImageContext)));
+ #else
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Unloading %a\n", PdbPath));
+ #endif
+  } else {
+    DEBUG ((DEBUG_LOAD | DEBUG_INFO, "Unloading driver at 0x%11p\n", (VOID *)(UINTN)UefiImageLoaderGetImageAddress (ImageContext)));
+  }
+}
diff --git a/ArmPkg/Library/DebugUefiImageExtraActionLib/DebugUefiImageExtraActionLib.inf b/ArmPkg/Library/DebugUefiImageExtraActionLib/DebugUefiImageExtraActionLib.inf
@@ -0,0 +1,33 @@
+#/** @file
+# UEFI Image extra action library for DXE phase that run Unix emulator.
+#
+# Lib to provide memory journal status code reporting Routines
+# Copyright (c) 2007 - 2010, Intel Corporation. All rights reserved.<BR>
+# Portions copyright (c) 2010, Apple Inc. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+#**/
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = DebugUnixUefiImageExtraActionLib
+  FILE_GUID                      = C3E9448E-1726-42fb-9368-41F75B038C0C
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = UefiImageExtraActionLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = ARM
+#
+
+[Sources.common]
+  DebugUefiImageExtraActionLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+
+[LibraryClasses]
+  DebugLib