From: Mate Kukri
Subject: [PATCH v4 00/10] UEFI NX support and NX Linux loader using shim loader protocol
Date: Wed, 12 Jun 2024 16:57:03 +0100

Currently the patchset consists of:
- Reworked Fedora NX patches to make GRUB itself work under NX.
- Julian Andres Klode's loader framework patch (used in Debian and Ubuntu for
  the downstream loader).
- Implemented shim loader protocol support using the above loader framework.
- Added patch to disallow using the legacy Linux loader when NX is required.

Future work:
- Implement NX in non-Linux loaders where applicable.
  (Note that this is non-critical for security, as non-UEFI/Linux loaders are
  disabled by SB lockdown, but would be nice to avoid crashes for unsuspecting
  users on future hardware).

Julian Andres Klode (1):
  efi: Provide wrappers for load_image, start_image, unload_image

Mate Kukri (6):
  modules: load module sections at page-aligned addresses
  nx: add memory attribute get/set API
  nx: set page permissions for loaded modules.
  nx: set the nx compatible flag in EFI grub images
  efi: Use shim's loader protocol for EFI image verification and loading
  efi: Disallow fallback to legacy Linux loader when shim says NX is required.

Peter Jones (3):
  modules: make .module_license read-only
  modules: strip .llvm_addrsig sections and similar.
  modules: Don't allocate space for non-allocable sections.

docs/grub-dev.texi | 6 +-
grub-core/genmod.sh.in | 5 +-
grub-core/kern/arm/dl.c | 13 +++
grub-core/kern/arm64/dl.c | 13 +++
grub-core/kern/dl.c | 160 +++++++++++++++++++++++------
grub-core/kern/efi/efi.c | 57 ++++++++++
grub-core/kern/efi/mm.c | 127 +++++++++++++++++++++++
grub-core/kern/efi/sb.c | 61 +++++++----
grub-core/kern/emu/full.c | 13 +++
grub-core/kern/i386/dl.c | 13 +++
grub-core/kern/ia64/dl.c | 9 ++
grub-core/kern/mips/dl.c | 8 ++
grub-core/kern/powerpc/dl.c | 9 ++
grub-core/kern/riscv/dl.c | 13 +++
grub-core/kern/sparc64/dl.c | 9 ++
grub-core/kern/x86_64/dl.c | 13 +++
grub-core/loader/efi/chainloader.c | 13 +--
grub-core/loader/efi/linux.c | 40 +++-----
include/grub/dl.h | 50 ++++++++-
include/grub/efi/api.h | 32 ++++++
include/grub/efi/efi.h | 42 ++++++++
include/grub/efi/pe32.h | 2 +
include/grub/efi/sb.h | 5 +-
include/grub/mm.h | 33 ++++++
util/mkimage.c | 1 +
25 files changed, 652 insertions(+), 95 deletions(-)
--
2.39.2
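
Added example, not part of the posted series or of GRUB's code: a small checker for the property that "nx: set the nx compatible flag in EFI grub images" concerns, reading DllCharacteristics from a PE/COFF image. It goes beyond the cover letter by also reporting section alignment and writable+executable sections, on the assumption that these are audited alongside the flag; `nx_report` and `build_sample` are hypothetical names and the sample headers are constructed.

```python
import struct

NX_COMPAT = 0x0100                                # IMAGE_DLLCHARACTERISTICS_NX_COMPAT
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000   # IMAGE_SCN_MEM_* section flags
PAGE = 0x1000                                     # assumed 4 KiB page size

def nx_report(image: bytes) -> dict:
    """Parse PE/COFF headers and return the NX-relevant properties."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE image (no MZ header)")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = pe_off + 4
    (nsect,) = struct.unpack_from("<H", image, coff + 2)
    (opt_size,) = struct.unpack_from("<H", image, coff + 16)
    opt = coff + 20
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):               # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # Both fields sit at the same offset in PE32 and PE32+.
    (align,) = struct.unpack_from("<I", image, opt + 32)
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)
    wx = []
    for i in range(nsect):
        entry = opt + opt_size + 40 * i           # 40-byte section table entries
        name = image[entry:entry + 8].rstrip(b"\0").decode("ascii", "replace")
        (flags,) = struct.unpack_from("<I", image, entry + 36)
        if flags & MEM_EXECUTE and flags & MEM_WRITE:
            wx.append(name)
    return {"nx_compat": bool(dll_chars & NX_COMPAT),
            "page_aligned": align >= PAGE and align % PAGE == 0,
            "wx_sections": wx}

def build_sample(dll_chars, sections, section_align=PAGE) -> bytes:
    """Constructed PE32+ headers only (not a bootable image), for the demo."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)   # e_lfanew = 64
    opt = bytearray(112)                               # no data directories
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 32, section_align)
    struct.pack_into("<H", opt, 70, dll_chars)
    coff = struct.pack("<HHIIIHH", 0x8664, len(sections), 0, 0, 0, len(opt), 0)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 28 + struct.pack("<I", f)
                     for n, f in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table

if __name__ == "__main__":
    print(nx_report(build_sample(NX_COMPAT, [(b".text", 0x60000020)])))
    print(nx_report(build_sample(0, [(b".text", 0xE0000020)], 0x200)))
```
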