authorArd Biesheuvel <ardb@kernel.org>2022-05-02 01:08:16 +0200
committerArd Biesheuvel <ardb@kernel.org>2022-09-20 09:50:30 +0200
commita050910972bb25152b42ad2e544652117c5ad915 (patch)
tree3db3945c1e4c4b2acd94a3c8a267580b17877a7a /drivers/firmware/efi/libstub/Makefile
parent514377d8a7da608ce618cdbeb5a2110a5a5178fc (diff)
efi/libstub: implement generic EFI zboot
Implement a minimal EFI app that decompresses the real kernel image and launches it using the firmware's LoadImage and StartImage boot services. This removes the need for any arch-specific hacks. Note that on systems that have UEFI secure boot policies enabled, LoadImage/StartImage require images to be signed, or their hashes known a priori, in order to be permitted to boot. There are various possible strategies to work around this requirement, but they all rely either on overriding internal PI/DXE protocols (which are not part of the EFI spec) or omitting the firmware provided LoadImage() and StartImage() boot services, which is also undesirable, given that they encapsulate platform specific policies related to secure boot and measured boot, but also related to memory permissions (whether or not and which types of heap allocations have both write and execute permissions.) The only generic and truly portable way around this is to simply sign both the inner and the outer image with the same key/cert pair, so this is what is implemented here. Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Diffstat (limited to 'drivers/firmware/efi/libstub/Makefile')
-rw-r--r--drivers/firmware/efi/libstub/Makefile9
1 files changed, 6 insertions, 3 deletions
diff --git a/drivers/firmware/efi/libstub/Makefile b/drivers/firmware/efi/libstub/Makefile
index da2798030581..4c59f39dbd40 100644
--- a/drivers/firmware/efi/libstub/Makefile
+++ b/drivers/firmware/efi/libstub/Makefile
@@ -77,6 +77,12 @@ lib-$(CONFIG_LOONGARCH) += loongarch-stub.o
CFLAGS_arm32-stub.o := -DTEXT_OFFSET=$(TEXT_OFFSET)
+zboot-obj-$(CONFIG_RISCV) := lib-clz_ctz.o lib-ashldi3.o
+lib-$(CONFIG_EFI_ZBOOT) += zboot.o $(zboot-obj-y)
+
+extra-y := $(lib-y)
+lib-y := $(patsubst %.o,%.stub.o,$(lib-y))
+
# Even when -mbranch-protection=none is set, Clang will generate a
# .note.gnu.property for code-less object files (like lib/ctype.c),
# so work around this by explicitly removing the unwanted section.
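Review bot: The relocated `extra-y := $(lib-y)` / `lib-y := $(patsubst %.o,%.stub.o,$(lib-y))` pair is position-sensitive and now has no comment: both are immediate `:=` assignments, so only objects already in `lib-y` at this point (including the new `zboot.o $(zboot-obj-y)`) are renamed to `.stub.o`. The move also separates the pair from the comment in the second hunk describing the verification pass for absolute relocations, which used to sit directly above it. An object appended to `lib-y` below these lines would keep its plain `.o` name and presumably skip that check; the stubcopy rule itself is outside this hunk, so that part is inferred. I would add a comment above the pair, e.g. `# Keep after the last lib-y addition: only objects listed above are renamed to .stub.o and run through the absolute-relocation check below.`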
@@ -116,9 +122,6 @@ STUBCOPY_RELOC-$(CONFIG_ARM) := R_ARM_ABS
# a verification pass to see if any absolute relocations exist in any of the
# object files.
#
-extra-y := $(lib-y)
-lib-y := $(patsubst %.o,%.stub.o,$(lib-y))
-
STUBCOPY_FLAGS-$(CONFIG_ARM64) += --prefix-alloc-sections=.init \
--prefix-symbols=__efistub_
STUBCOPY_RELOC-$(CONFIG_ARM64) := R_AARCH64_ABS