Blame SOURCES/0151-efi-Set-image-base-address-before-jumping-to-the-PE-.patch

5593c8
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
5593c8
From: Javier Martinez Canillas <javierm@redhat.com>
5593c8
Date: Thu, 23 Apr 2020 15:06:46 +0200
5593c8
Subject: [PATCH] efi: Set image base address before jumping to the PE/COFF
5593c8
 entry point
5593c8
5593c8
Upstream GRUB uses the EFI LoadImage() and StartImage() to boot the Linux
5593c8
kernel. But our custom EFI loader that supports Secure Boot instead uses
5593c8
the EFI handover protocol (for x86) or jumping directly to the PE/COFF
5593c8
entry point (for aarch64).
5593c8
5593c8
This is done to allow the bootloader to verify the images using the shim
5593c8
lock protocol to avoid booting untrusted binaries.
5593c8
5593c8
Since the bootloader loads the kernel from the boot media instead of using
5593c8
LoadImage(), it is responsible to set the Loaded Image base address before
5593c8
booting the kernel.
5593c8
5593c8
Otherwise the kernel EFI stub will complain that it was not set correctly
5593c8
and print the following warning message:
5593c8
5593c8
EFI stub: ERROR: FIRMWARE BUG: efi_loaded_image_t::image_base has bogus value
5593c8
5593c8
Resolves: rhbz#1814690
5593c8
5593c8
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
5593c8
---
5593c8
 grub-core/loader/efi/linux.c | 14 ++++++++++++++
5593c8
 1 file changed, 14 insertions(+)
5593c8
5593c8
diff --git a/grub-core/loader/efi/linux.c b/grub-core/loader/efi/linux.c
1c6ba0
index 0622dfa48d..e8b9ecb17f 100644
5593c8
--- a/grub-core/loader/efi/linux.c
5593c8
+++ b/grub-core/loader/efi/linux.c
5593c8
@@ -72,6 +72,7 @@ grub_err_t
5593c8
 grub_efi_linux_boot (void *kernel_addr, grub_off_t handover_offset,
5593c8
 		     void *kernel_params)
5593c8
 {
5593c8
+  grub_efi_loaded_image_t *loaded_image = NULL;
5593c8
   handover_func hf;
5593c8
   int offset = 0;
5593c8
 
5593c8
@@ -79,6 +80,19 @@ grub_efi_linux_boot (void *kernel_addr, grub_off_t handover_offset,
5593c8
   offset = 512;
5593c8
 #endif
5593c8
 
5593c8
+  /*
5593c8
+   * Since the EFI loader is not calling the LoadImage() and StartImage()
5593c8
+   * services for loading the kernel and booting respectively, it has to
5593c8
+   * set the Loaded Image base address.
5593c8
+   */
5593c8
+  loaded_image = grub_efi_get_loaded_image (grub_efi_image_handle);
5593c8
+  if (loaded_image)
5593c8
+    loaded_image->image_base = kernel_addr;
5593c8
+  else
5593c8
+    grub_dprintf ("linux", "Loaded Image base address could not be set\n");
5593c8
+
5593c8
+  grub_dprintf ("linux", "kernel_addr: %p handover_offset: %p params: %p\n",
5593c8
+		kernel_addr, (void *)(grub_efi_uintn_t)handover_offset, kernel_params);
5593c8
   hf = (handover_func)((char *)kernel_addr + handover_offset + offset);
5593c8
   hf (grub_efi_image_handle, grub_efi_system_table, kernel_params);
5593c8