PeCoffLoaderRelocateImageForRuntime () reapplies relocations to prepare PE/COFF images for being invoked via a runtime virtual mapping. Since the image has already been executed at this point, it takes care to only update pointers that hold the same value they held at image load time.
However, this check is incorrect for pairs of EFI_IMAGE_REL_BASED_HIGH and EFI_IMAGE_REL_BASED_LOW relocations, since the check does not take into account that the update may have affected only the other half of the 32-bit word the pair refers to. For instance, if the load time value and the current value are different in absolute value but equal modulo 64 KB, the EFI_IMAGE_REL_BASED_LOW will be reapplied inadvertently. So record the entire 32-bit value in the fixup data for each of the relocations, and compare the entire 32-bit value before applying either of the them. To handle false negatives in the comparisons that occur when the other relocation of a pair has been handled already, keep a per-page record of which 32-bit words have been partially relocated.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheu...@linaro.org>
---
 MdePkg/Library/BasePeCoffLib/BasePeCoff.c | 47 ++++++++++++++++----
 1 file changed, 38 insertions(+), 9 deletions(-)
diff --git a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
index 28c84062d125..23cb691ad729 100644
--- a/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
+++ b/MdePkg/Library/BasePeCoffLib/BasePeCoff.c
@@ -1106,17 +1106,20 @@ PeCoffLoaderRelocateImage (
 Fixup32 = (UINT32 *) (Fixup16 - 1);
 *Fixup16 = (UINT16) ((*Fixup32 + (UINT32) Adjust) >> 16);
 if (FixupData != NULL) {
- *(UINT16 *) FixupData = *Fixup16;
- FixupData = FixupData + sizeof (UINT16);
+ FixupData = ALIGN_POINTER (FixupData, sizeof (UINT32));
+ *(UINT32 *) FixupData = *Fixup32 + (UINT32) Adjust;
+ FixupData = FixupData + sizeof (UINT32);
 }
 break;
 case EFI_IMAGE_REL_BASED_LOW:
 Fixup16 = (UINT16 *) Fixup;
- *Fixup16 = (UINT16) (*Fixup16 + (UINT16) Adjust);
+ Fixup32 = (UINT32 *) Fixup16;
+ *Fixup16 = (UINT16) ((*Fixup32 + (UINT32) Adjust) & 0xffff);
 if (FixupData != NULL) {
- *(UINT16 *) FixupData = *Fixup16;
- FixupData = FixupData + sizeof (UINT16);
+ FixupData = ALIGN_POINTER (FixupData, sizeof (UINT32));
+ *(UINT32 *) FixupData = *Fixup32 + (UINT32) Adjust;
+ FixupData = FixupData + sizeof (UINT32);
 }
 break;
@@ -1725,6 +1728,8 @@ PeCoffLoaderRelocateImageForRuntime (
 UINTN Adjust;
 RETURN_STATUS Status;
 UINT16 Magic;
+ UINT8 HighLowMask [SIZE_4KB / (8 * sizeof(UINT32))];
+ UINTN HighLowMaskIndex;
 OldBase = (CHAR8 *)((UINTN)ImageBase);
 NewBase = (CHAR8 *)((UINTN)VirtImageBase);
@@ -1816,6 +1821,8 @@ PeCoffLoaderRelocateImageForRuntime (
 RelocEnd = (UINT16 *) ((UINT8 *) RelocBase + RelocBase->SizeOfBlock);
 FixupBase = (CHAR8 *) ((UINTN)ImageBase) + RelocBase->VirtualAddress;
+ ZeroMem (HighLowMask, sizeof (HighLowMask));
+
 //
 // Run this relocation record
 //
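Review bot: In both the HIGH and LOW cases the new store `*(UINT32 *) FixupData = *Fixup32 + (UINT32) Adjust;` reads `*Fixup32` after `*Fixup16` has already been written through the same 32-bit word (Fixup32 is `Fixup16 - 1` in the HIGH case and `(UINT32 *) Fixup16` in the LOW case), so Adjust is applied to that half a second time and the recorded value is not the relocated word that PeCoffLoaderRelocateImageForRuntime later compares against `*Fixup32`. Since the runtime check needs both entries of a pair to hold the same fully relocated word, capture `UINT32 Value = *Fixup32 + (UINT32) Adjust;` before the `*Fixup16` assignment in the HIGH case and store Value, and in the LOW case record `*Fixup32` itself after the write; this assumes the HIGH entry precedes its LOW partner in the relocation table, which is worth confirming, because otherwise the comparison generally fails and the pair is silently left unrelocated. The fixup buffer is also consumed as 4 bytes plus alignment padding per entry instead of 2 now, so the FixupDataSize computation outside this hunk should be checked to cover that. The enclosing switch continues outside the hunk.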
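Review bot: `sizeof(UINT32)` in the HighLowMask declaration drops the space that the rest of this file and these hunks use (`sizeof (UINT16)`, `sizeof (HighLowMask)`); write `UINT8 HighLowMask [SIZE_4KB / (8 * sizeof (UINT32))];` to match the EDK II style. A one-line comment stating that the array holds one bit per 32-bit word of the relocation page currently being processed would help readers of the indexing arithmetic later in the function.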
@@ -1830,20 +1837,42 @@ PeCoffLoaderRelocateImageForRuntime (
 case EFI_IMAGE_REL_BASED_HIGH:
 Fixup16 = (UINT16 *) Fixup;
 Fixup32 = (UINT32 *) (Fixup16 - 1);
- if (*(UINT16 *) FixupData == *Fixup16) {
+ HighLowMaskIndex = ((UINTN) Fixup32 & SIZE_4KB) >> 2;
+ FixupData = ALIGN_POINTER (FixupData, sizeof (UINT32));
+ if (*(UINT32 *) FixupData == *Fixup32 ||
+ (HighLowMask [HighLowMaskIndex >> 3] & (1 << (HighLowMaskIndex & 7))) != 0) {
+ *Fixup16 = (UINT16) ((*Fixup32 + (UINT32) Adjust) >> 16);
+
+ // // Mark this location in the page as requiring the low relocation to
+ // be reapplied as well. This is necessary since the *Fixup comparison
+ // with its FixupData will fail now that we have updated the high word.
+ //
+ HighLowMask [HighLowMaskIndex >> 3] |= (1 << (HighLowMaskIndex & 7));
 }
- FixupData = FixupData + sizeof (UINT16);
+ FixupData = FixupData + sizeof (UINT32);
 break;
 case EFI_IMAGE_REL_BASED_LOW:
 Fixup16 = (UINT16 *) Fixup;
- if (*(UINT16 *) FixupData == *Fixup16) {
+ HighLowMaskIndex = ((UINTN) Fixup16 & SIZE_4KB) >> 2;
+ FixupData = ALIGN_POINTER (FixupData, sizeof (UINT32));
+ if (*(UINT32 *) FixupData == *(UINT32 *)Fixup ||
+ (HighLowMask [HighLowMaskIndex >> 3] & (1 << (HighLowMaskIndex & 7))) != 0) {
+ *Fixup16 = (UINT16) (*Fixup16 + ((UINT16) Adjust & 0xffff));
+
+ // // Mark this location in the page as requiring the high relocation to
+ // be reapplied as well. This is necessary since the *Fixup comparison
+ // with its FixupData will fail now that we have updated the low word.
+ //
+ HighLowMask [HighLowMaskIndex >> 3] |= (1 << (HighLowMaskIndex & 7));
 }
- FixupData = FixupData + sizeof (UINT16);
+ FixupData = FixupData + sizeof (UINT32);
 break;
 case EFI_IMAGE_REL_BASED_HIGHLOW:
-- 
1.9.1
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
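Review bot: `HighLowMaskIndex = ((UINTN) Fixup32 & SIZE_4KB) >> 2;` (and the matching line in the LOW case) masks with SIZE_4KB, which MdePkg's Base.h defines as 0x1000, so it isolates one address bit rather than the offset within the page: the index is always 0 or 0x400, every word of a page collapses onto a single mask bit, and for addresses with bit 12 set `HighLowMask [HighLowMaskIndex >> 3]` is element 128 of the 128-byte array, an out-of-bounds read and write on the stack. The intended mask is `(SIZE_4KB - 1)`: `HighLowMaskIndex = ((UINTN) Fixup32 & (SIZE_4KB - 1)) >> 2;` and `HighLowMaskIndex = ((UINTN) Fixup16 & (SIZE_4KB - 1)) >> 2;`. With one shared bit, once any pair in the page matches every later HIGH or LOW entry in that page is reapplied unconditionally, which defeats the value comparison this patch introduces. The LOW case compares against `*(UINT32 *)Fixup` while the HIGH case uses `*Fixup32`; assigning `Fixup32 = (UINT32 *) Fixup16;` in the LOW case as the load-time path does keeps the two cases parallel. The enclosing switch continues outside the hunk.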