Module Name: src
Committed By: maxv
Date: Thu Jun 20 17:33:31 UTC 2019
Modified Files:
src/doc: TODO.kaslr
src/sys/arch/i386/stand/efiboot: boot.c
src/sys/arch/i386/stand/lib: exec.c
src/sys/lib/libsa: loadfile_elf32.c
Log Message:
Add KASLR support in UEFI.
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/doc/TODO.kaslr
cvs rdiff -u -r1.10 -r1.11 src/sys/arch/i386/stand/efiboot/boot.c
cvs rdiff -u -r1.69 -r1.70 src/sys/arch/i386/stand/lib/exec.c
cvs rdiff -u -r1.53 -r1.54 src/sys/lib/libsa/loadfile_elf32.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/TODO.kaslr
diff -u src/doc/TODO.kaslr:1.9 src/doc/TODO.kaslr:1.10
--- src/doc/TODO.kaslr:1.9 Sat Nov 24 17:54:18 2018
+++ src/doc/TODO.kaslr Thu Jun 20 17:33:30 2019
@@ -46,4 +46,4 @@
-- Sort the kernel sections by size, from largest to smallest, to save
memory.
--- Add the "pkboot" command in the EFI bootloader.
+[DONE] -- Add the "pkboot" command in the EFI bootloader.
Index: src/sys/arch/i386/stand/efiboot/boot.c
diff -u src/sys/arch/i386/stand/efiboot/boot.c:1.10 src/sys/arch/i386/stand/efiboot/boot.c:1.11
--- src/sys/arch/i386/stand/efiboot/boot.c:1.10 Wed Apr 11 10:32:09 2018
+++ src/sys/arch/i386/stand/efiboot/boot.c Thu Jun 20 17:33:31 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: boot.c,v 1.10 2018/04/11 10:32:09 nonaka Exp $ */
+/* $NetBSD: boot.c,v 1.11 2019/06/20 17:33:31 maxv Exp $ */
/*-
* Copyright (c) 2016 Kimihiro Nonaka <[email protected]>
@@ -62,6 +62,7 @@ static const char * const names[][2] = {
void command_help(char *);
void command_quit(char *);
void command_boot(char *);
+void command_pkboot(char *);
void command_consdev(char *);
void command_dev(char *);
void command_devpath(char *);
@@ -84,6 +85,7 @@ const struct bootblk_command commands[]
{ "?", command_help },
{ "quit", command_quit },
{ "boot", command_boot },
+ { "pkboot", command_pkboot },
{ "consdev", command_consdev },
{ "dev", command_dev },
{ "devpath", command_devpath },
@@ -362,7 +364,8 @@ command_help(char *arg)
printf("commands are:\n"
"boot [xdNx:][filename] [-12acdqsvxz]\n"
- " (ex. \"hd0a:netbsd.old -s\"\n"
+ " (ex. \"hd0a:netbsd.old -s\")\n"
+ "pkboot [xdNx:][filename] [-12acdqsvxz]\n"
"dev [xd[N[x]]:]\n"
"consdev {pc|com[0123][,{speed}]|com,{ioport}[,{speed}]}\n"
"devpath\n"
@@ -435,6 +438,15 @@ command_boot(char *arg)
}
void
+command_pkboot(char *arg)
+{
+ extern int has_prekern;
+ has_prekern = 1;
+ command_boot(arg);
+ has_prekern = 0;
+}
+
+void
command_dev(char *arg)
{
static char savedevname[MAXDEVNAME + 1];
Index: src/sys/arch/i386/stand/lib/exec.c
diff -u src/sys/arch/i386/stand/lib/exec.c:1.69 src/sys/arch/i386/stand/lib/exec.c:1.70
--- src/sys/arch/i386/stand/lib/exec.c:1.69 Sat Oct 7 10:26:38 2017
+++ src/sys/arch/i386/stand/lib/exec.c Thu Jun 20 17:33:31 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: exec.c,v 1.69 2017/10/07 10:26:38 maxv Exp $ */
+/* $NetBSD: exec.c,v 1.70 2019/06/20 17:33:31 maxv Exp $ */
/*
* Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -275,6 +275,7 @@ common_load_prekern(const char *file, u_
{
paddr_t kernpa_start, kernpa_end;
char prekernpath[] = "/prekern";
+ u_long prekern_start;
int fd, flags;
*extmem = getextmem();
@@ -283,13 +284,17 @@ common_load_prekern(const char *file, u_
marks[MARK_START] = loadaddr;
/* Load the prekern (static) */
- flags = LOAD_KERNEL & ~(LOAD_HDR|COUNT_HDR|LOAD_SYM|COUNT_SYM);
+ flags = LOAD_KERNEL & ~(LOAD_HDR|LOAD_SYM);
if ((fd = loadfile(prekernpath, marks, flags)) == -1)
return EIO;
close(fd);
- marks[MARK_END] = (1UL << 21); /* the kernel starts at 2MB XXX */
- kernpa_start = marks[MARK_END];
+ prekern_start = marks[MARK_START];
+
+ /* The kernel starts at 2MB. */
+ marks[MARK_START] = loadaddr;
+ marks[MARK_END] = loadaddr + (1UL << 21);
+ kernpa_start = (1UL << 21);
/* Load the kernel (dynamic) */
flags = (LOAD_KERNEL | LOAD_DYN) & ~(floppy ? LOAD_BACKWARDS : 0);
@@ -297,7 +302,7 @@ common_load_prekern(const char *file, u_
return EIO;
close(fd);
- kernpa_end = marks[MARK_END];
+ kernpa_end = marks[MARK_END] - loadaddr;
/* If the root fs type is unusual, load its module. */
if (fsmod != NULL)
@@ -319,6 +324,7 @@ common_load_prekern(const char *file, u_
bi_getmemmap();
#endif
+ marks[MARK_START] = prekern_start;
marks[MARK_END] = (((u_long)marks[MARK_END] + sizeof(int) - 1)) &
(-sizeof(int));
image_end = marks[MARK_END];
@@ -518,7 +524,7 @@ exec_netbsd(const char *file, physaddr_t
}
efi_kernel_start = marks[MARK_START];
- efi_kernel_size = image_end - efi_loadaddr - efi_kernel_start;
+ efi_kernel_size = image_end - (efi_loadaddr + efi_kernel_start);
#endif
startprog(marks[MARK_ENTRY], BOOT_NARGS, boot_argv,
x86_trunc_page(basemem * 1024));
@@ -541,6 +547,15 @@ count_netbsd(const char *file, u_long *r
u_long sz;
int err, fd;
+ if (has_prekern) {
+ /*
+ * Hardcoded for now. Need to count both the prekern and the
+ * kernel. 128MB is enough in all cases, so use that.
+ */
+ *rsz = (128UL << 20);
+ return 0;
+ }
+
howto = AB_SILENT;
memset(marks, 0, sizeof(marks));
Index: src/sys/lib/libsa/loadfile_elf32.c
diff -u src/sys/lib/libsa/loadfile_elf32.c:1.53 src/sys/lib/libsa/loadfile_elf32.c:1.54
--- src/sys/lib/libsa/loadfile_elf32.c:1.53 Thu Aug 23 17:35:42 2018
+++ src/sys/lib/libsa/loadfile_elf32.c Thu Jun 20 17:33:30 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: loadfile_elf32.c,v 1.53 2018/08/23 17:35:42 jmcneill Exp $ */
+/* $NetBSD: loadfile_elf32.c,v 1.54 2019/06/20 17:33:30 maxv Exp $ */
/*
* Copyright (c) 1997, 2008, 2017 The NetBSD Foundation, Inc.
@@ -340,7 +340,7 @@ ELFNAMEEND(readfile_global)(int fd, u_lo
static int
ELFNAMEEND(loadfile_dynamic)(int fd, Elf_Ehdr *elf, u_long *marks, int flags)
{
- const u_long offset = 0;
+ const u_long offset = marks[MARK_START];
Elf_Shdr *shdr;
Elf_Addr shpp, addr;
int i, j, loaded;
@@ -348,7 +348,7 @@ ELFNAMEEND(loadfile_dynamic)(int fd, Elf
Elf_Addr maxp, elfp = 0;
int ret;
- maxp = marks[MARK_END];
+ maxp = marks[MARK_END] - offset;
internalize_ehdr(elf->e_ident[EI_DATA], elf);
