This commit adds the new config options to allow the user to modify the
following fields in the PE-COFF header.
UINT16 MajorOperatingSystemVersion
UINT16 MinorOperatingSystemVersion
UINT16 MajorImageVersion
UINT16 MinorImageVersion
Those fields are mainly for the executables or libraries in Windows NT
or higher to specify the minimum supported Windows version and the
version of the image itself.
Given the fact that those fields are ignored in UEFI, we can safely reuse
those fields for other purposes, e.g. Security Version(*).
(*) https://github.com/lcp/shim/wiki/Security-Version
v2 changes:
- Modify the header direct instead of using an external script as
suggested by Ard Biesheuvel
- Include arm and arm64
Cc: Russell King <[email protected]>
Cc: Matt Fleming <[email protected]>
Cc: Ard Biesheuvel <[email protected]>
Cc: Catalin Marinas <[email protected]>
Cc: Will Deacon <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Ingo Molnar <[email protected]>
Cc: "H. Peter Anvin" <[email protected]>
Cc: Joey Lee <[email protected]>
Cc: Vojtech Pavlik <[email protected]>
Signed-off-by: Gary Lin <[email protected]>
---
arch/arm/Kconfig | 24 ++++++++++++++++++++++++
arch/arm/boot/compressed/efi-header.S | 8 ++++----
arch/arm64/Kconfig | 24 ++++++++++++++++++++++++
arch/arm64/kernel/head.S | 8 ++++----
arch/x86/Kconfig | 24 ++++++++++++++++++++++++
arch/x86/boot/header.S | 8 ++++----
6 files changed, 84 insertions(+), 12 deletions(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index 0d4e71b42c77..4965ad2ccc23 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -2090,6 +2090,30 @@ config EFI
is only useful for kernels that may run on systems that have
UEFI firmware.
+config EFI_MAJOR_OS
+ hex "EFI Major OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_OS
+ hex "EFI Minor OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MAJOR_IMAGE
+ hex "EFI Major Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_IMAGE
+ hex "EFI Minor Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
endmenu
menu "CPU Power Management"
diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S
index 9d5dc4fda3c1..67715472a76f 100644
--- a/arch/arm/boot/compressed/efi-header.S
+++ b/arch/arm/boot/compressed/efi-header.S
@@ -69,10 +69,10 @@ extra_header_fields:
.long 0 @ ImageBase
.long 0x200 @ SectionAlignment
.long 0x200 @ FileAlignment
- .short 0 @ MajorOperatingSystemVersion
- .short 0 @ MinorOperatingSystemVersion
- .short 0 @ MajorImageVersion
- .short 0 @ MinorImageVersion
+ .short CONFIG_EFI_MAJOR_OS @ MajorOperatingSystemVersion
+ .short CONFIG_EFI_MINOR_OS @ MinorOperatingSystemVersion
+ .short CONFIG_EFI_MAJOR_IMAGE @ MajorImageVersion
+ .short CONFIG_EFI_MINOR_IMAGE @ MinorImageVersion
.short 0 @ MajorSubsystemVersion
.short 0 @ MinorSubsystemVersion
.long 0 @ Win32VersionValue
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 3741859765cf..c782c422e58c 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
@@ -1033,6 +1033,30 @@ config EFI
allow the kernel to be booted as an EFI application. This
is only useful on systems that have UEFI firmware.
+config EFI_MAJOR_OS
+ hex "EFI Major OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_OS
+ hex "EFI Minor OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MAJOR_IMAGE
+ hex "EFI Major Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_IMAGE
+ hex "EFI Minor Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
config DMI
bool "Enable support for SMBIOS (DMI) tables"
depends on EFI
diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
index 4fb6ccd886d1..9faa4b04d0ef 100644
--- a/arch/arm64/kernel/head.S
+++ b/arch/arm64/kernel/head.S
@@ -129,10 +129,10 @@ extra_header_fields:
.quad 0 // ImageBase
.long 0x1000 // SectionAlignment
.long PECOFF_FILE_ALIGNMENT // FileAlignment
- .short 0 // MajorOperatingSystemVersion
- .short 0 // MinorOperatingSystemVersion
- .short 0 // MajorImageVersion
- .short 0 // MinorImageVersion
+ .short CONFIG_EFI_MAJOR_OS // MajorOperatingSystemVersion
+ .short CONFIG_EFI_MINOR_OS // MinorOperatingSystemVersion
+ .short CONFIG_EFI_MAJOR_IMAGE // MajorImageVersion
+ .short CONFIG_EFI_MINOR_IMAGE // MinorImageVersion
.short 0 // MajorSubsystemVersion
.short 0 // MinorSubsystemVersion
.long 0 // Win32VersionValue
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 5bbdef151805..233933fde7dd 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1803,6 +1803,30 @@ config EFI_STUB
See Documentation/efi-stub.txt for more information.
+config EFI_MAJOR_OS
+ hex "EFI Major OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_OS
+ hex "EFI Minor OS Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MAJOR_IMAGE
+ hex "EFI Major Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
+config EFI_MINOR_IMAGE
+ hex "EFI Minor Image Version"
+ range 0x0 0xFFFF
+ default "0x0"
+ depends on EFI_STUB
+
config EFI_MIXED
bool "EFI mixed-mode support"
depends on EFI_STUB && X86_64
diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
index 3dd5be33aaa7..863813007207 100644
--- a/arch/x86/boot/header.S
+++ b/arch/x86/boot/header.S
@@ -156,10 +156,10 @@ extra_header_fields:
#endif
.long 0x20 # SectionAlignment
.long 0x20 # FileAlignment
- .word 0 # MajorOperatingSystemVersion
- .word 0 # MinorOperatingSystemVersion
- .word 0 # MajorImageVersion
- .word 0 # MinorImageVersion
+ .word CONFIG_EFI_MAJOR_OS # MajorOperatingSystemVersion
+ .word CONFIG_EFI_MINOR_OS # MinorOperatingSystemVersion
+ .word CONFIG_EFI_MAJOR_IMAGE # MajorImageVersion
+ .word CONFIG_EFI_MINOR_IMAGE # MinorImageVersion
.word 0 # MajorSubsystemVersion
.word 0 # MinorSubsystemVersion
.long 0 # Win32VersionValue
--
2.12.0
On 13 April 2017 at 04:58, Gary Lin <[email protected]> wrote:
> This commit adds the new config options to allow the user to modify the
> following fields in the PE-COFF header.
>
> UINT16 MajorOperatingSystemVersion
> UINT16 MinorOperatingSystemVersion
> UINT16 MajorImageVersion
> UINT16 MinorImageVersion
>
> Those fields are mainly for the executables or libraries in Windows NT
> or higher to specify the minimum supported Windows version and the
> version of the image itself.
>
> Given the fact that those fields are ignored in UEFI, we can safely reuse
> those fields for other purposes, e.g. Security Version(*).
>
> (*) https://github.com/lcp/shim/wiki/Security-Version
>
> v2 changes:
> - Modify the header direct instead of using an external script as
> suggested by Ard Biesheuvel
> - Include arm and arm64
>
Thanks for the update. Could we put the Kconfig changes in
drivers/firmware/efi/Kconfig, rather than duplicating them 3 times?
> Cc: Russell King <[email protected]>
> Cc: Matt Fleming <[email protected]>
> Cc: Ard Biesheuvel <[email protected]>
> Cc: Catalin Marinas <[email protected]>
> Cc: Will Deacon <[email protected]>
> Cc: Thomas Gleixner <[email protected]>
> Cc: Ingo Molnar <[email protected]>
> Cc: "H. Peter Anvin" <[email protected]>
> Cc: Joey Lee <[email protected]>
> Cc: Vojtech Pavlik <[email protected]>
> Signed-off-by: Gary Lin <[email protected]>
> ---
> arch/arm/Kconfig | 24 ++++++++++++++++++++++++
> arch/arm/boot/compressed/efi-header.S | 8 ++++----
> arch/arm64/Kconfig | 24 ++++++++++++++++++++++++
> arch/arm64/kernel/head.S | 8 ++++----
> arch/x86/Kconfig | 24 ++++++++++++++++++++++++
> arch/x86/boot/header.S | 8 ++++----
> 6 files changed, 84 insertions(+), 12 deletions(-)
>
> diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> index 0d4e71b42c77..4965ad2ccc23 100644
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> @@ -2090,6 +2090,30 @@ config EFI
> is only useful for kernels that may run on systems that have
> UEFI firmware.
>
> +config EFI_MAJOR_OS
> + hex "EFI Major OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_OS
> + hex "EFI Minor OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MAJOR_IMAGE
> + hex "EFI Major Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_IMAGE
> + hex "EFI Minor Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> endmenu
>
> menu "CPU Power Management"
> diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S
> index 9d5dc4fda3c1..67715472a76f 100644
> --- a/arch/arm/boot/compressed/efi-header.S
> +++ b/arch/arm/boot/compressed/efi-header.S
> @@ -69,10 +69,10 @@ extra_header_fields:
> .long 0 @ ImageBase
> .long 0x200 @ SectionAlignment
> .long 0x200 @ FileAlignment
> - .short 0 @ MajorOperatingSystemVersion
> - .short 0 @ MinorOperatingSystemVersion
> - .short 0 @ MajorImageVersion
> - .short 0 @ MinorImageVersion
> + .short CONFIG_EFI_MAJOR_OS @ MajorOperatingSystemVersion
> + .short CONFIG_EFI_MINOR_OS @ MinorOperatingSystemVersion
> + .short CONFIG_EFI_MAJOR_IMAGE @ MajorImageVersion
> + .short CONFIG_EFI_MINOR_IMAGE @ MinorImageVersion
> .short 0 @ MajorSubsystemVersion
> .short 0 @ MinorSubsystemVersion
> .long 0 @ Win32VersionValue
> diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> index 3741859765cf..c782c422e58c 100644
> --- a/arch/arm64/Kconfig
> +++ b/arch/arm64/Kconfig
> @@ -1033,6 +1033,30 @@ config EFI
> allow the kernel to be booted as an EFI application. This
> is only useful on systems that have UEFI firmware.
>
> +config EFI_MAJOR_OS
> + hex "EFI Major OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_OS
> + hex "EFI Minor OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MAJOR_IMAGE
> + hex "EFI Major Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_IMAGE
> + hex "EFI Minor Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> config DMI
> bool "Enable support for SMBIOS (DMI) tables"
> depends on EFI
> diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
> index 4fb6ccd886d1..9faa4b04d0ef 100644
> --- a/arch/arm64/kernel/head.S
> +++ b/arch/arm64/kernel/head.S
> @@ -129,10 +129,10 @@ extra_header_fields:
> .quad 0 // ImageBase
> .long 0x1000 // SectionAlignment
> .long PECOFF_FILE_ALIGNMENT // FileAlignment
> - .short 0 // MajorOperatingSystemVersion
> - .short 0 // MinorOperatingSystemVersion
> - .short 0 // MajorImageVersion
> - .short 0 // MinorImageVersion
> + .short CONFIG_EFI_MAJOR_OS // MajorOperatingSystemVersion
> + .short CONFIG_EFI_MINOR_OS // MinorOperatingSystemVersion
> + .short CONFIG_EFI_MAJOR_IMAGE // MajorImageVersion
> + .short CONFIG_EFI_MINOR_IMAGE // MinorImageVersion
> .short 0 // MajorSubsystemVersion
> .short 0 // MinorSubsystemVersion
> .long 0 // Win32VersionValue
> diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> index 5bbdef151805..233933fde7dd 100644
> --- a/arch/x86/Kconfig
> +++ b/arch/x86/Kconfig
> @@ -1803,6 +1803,30 @@ config EFI_STUB
>
> See Documentation/efi-stub.txt for more information.
>
> +config EFI_MAJOR_OS
> + hex "EFI Major OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_OS
> + hex "EFI Minor OS Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MAJOR_IMAGE
> + hex "EFI Major Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> +config EFI_MINOR_IMAGE
> + hex "EFI Minor Image Version"
> + range 0x0 0xFFFF
> + default "0x0"
> + depends on EFI_STUB
> +
> config EFI_MIXED
> bool "EFI mixed-mode support"
> depends on EFI_STUB && X86_64
> diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
> index 3dd5be33aaa7..863813007207 100644
> --- a/arch/x86/boot/header.S
> +++ b/arch/x86/boot/header.S
> @@ -156,10 +156,10 @@ extra_header_fields:
> #endif
> .long 0x20 # SectionAlignment
> .long 0x20 # FileAlignment
> - .word 0 # MajorOperatingSystemVersion
> - .word 0 # MinorOperatingSystemVersion
> - .word 0 # MajorImageVersion
> - .word 0 # MinorImageVersion
> + .word CONFIG_EFI_MAJOR_OS # MajorOperatingSystemVersion
> + .word CONFIG_EFI_MINOR_OS # MinorOperatingSystemVersion
> + .word CONFIG_EFI_MAJOR_IMAGE # MajorImageVersion
> + .word CONFIG_EFI_MINOR_IMAGE # MinorImageVersion
> .word 0 # MajorSubsystemVersion
> .word 0 # MinorSubsystemVersion
> .long 0 # Win32VersionValue
> --
> 2.12.0
>
On Thu, Apr 13, 2017 at 08:26:04AM +0100, Ard Biesheuvel wrote:
> On 13 April 2017 at 04:58, Gary Lin <[email protected]> wrote:
> > This commit adds the new config options to allow the user to modify the
> > following fields in the PE-COFF header.
> >
> > UINT16 MajorOperatingSystemVersion
> > UINT16 MinorOperatingSystemVersion
> > UINT16 MajorImageVersion
> > UINT16 MinorImageVersion
> >
> > Those fields are mainly for the executables or libraries in Windows NT
> > or higher to specify the minimum supported Windows version and the
> > version of the image itself.
> >
> > Given the fact that those fields are ignored in UEFI, we can safely reuse
> > those fields for other purposes, e.g. Security Version(*).
> >
> > (*) https://github.com/lcp/shim/wiki/Security-Version
> >
> > v2 changes:
> > - Modify the header direct instead of using an external script as
> > suggested by Ard Biesheuvel
> > - Include arm and arm64
> >
>
> Thanks for the update. Could we put the Kconfig changes in
> drivers/firmware/efi/Kconfig, rather than duplicating them 3 times?
Sure. Will send a v3 to update Kconfig.
Thanks,
Gary Lin
>
> > Cc: Russell King <[email protected]>
> > Cc: Matt Fleming <[email protected]>
> > Cc: Ard Biesheuvel <[email protected]>
> > Cc: Catalin Marinas <[email protected]>
> > Cc: Will Deacon <[email protected]>
> > Cc: Thomas Gleixner <[email protected]>
> > Cc: Ingo Molnar <[email protected]>
> > Cc: "H. Peter Anvin" <[email protected]>
> > Cc: Joey Lee <[email protected]>
> > Cc: Vojtech Pavlik <[email protected]>
> > Signed-off-by: Gary Lin <[email protected]>
> > ---
> > arch/arm/Kconfig | 24 ++++++++++++++++++++++++
> > arch/arm/boot/compressed/efi-header.S | 8 ++++----
> > arch/arm64/Kconfig | 24 ++++++++++++++++++++++++
> > arch/arm64/kernel/head.S | 8 ++++----
> > arch/x86/Kconfig | 24 ++++++++++++++++++++++++
> > arch/x86/boot/header.S | 8 ++++----
> > 6 files changed, 84 insertions(+), 12 deletions(-)
> >
> > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> > index 0d4e71b42c77..4965ad2ccc23 100644
> > --- a/arch/arm/Kconfig
> > +++ b/arch/arm/Kconfig
> > @@ -2090,6 +2090,30 @@ config EFI
> > is only useful for kernels that may run on systems that have
> > UEFI firmware.
> >
> > +config EFI_MAJOR_OS
> > + hex "EFI Major OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_OS
> > + hex "EFI Minor OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MAJOR_IMAGE
> > + hex "EFI Major Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_IMAGE
> > + hex "EFI Minor Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > endmenu
> >
> > menu "CPU Power Management"
> > diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S
> > index 9d5dc4fda3c1..67715472a76f 100644
> > --- a/arch/arm/boot/compressed/efi-header.S
> > +++ b/arch/arm/boot/compressed/efi-header.S
> > @@ -69,10 +69,10 @@ extra_header_fields:
> > .long 0 @ ImageBase
> > .long 0x200 @ SectionAlignment
> > .long 0x200 @ FileAlignment
> > - .short 0 @ MajorOperatingSystemVersion
> > - .short 0 @ MinorOperatingSystemVersion
> > - .short 0 @ MajorImageVersion
> > - .short 0 @ MinorImageVersion
> > + .short CONFIG_EFI_MAJOR_OS @ MajorOperatingSystemVersion
> > + .short CONFIG_EFI_MINOR_OS @ MinorOperatingSystemVersion
> > + .short CONFIG_EFI_MAJOR_IMAGE @ MajorImageVersion
> > + .short CONFIG_EFI_MINOR_IMAGE @ MinorImageVersion
> > .short 0 @ MajorSubsystemVersion
> > .short 0 @ MinorSubsystemVersion
> > .long 0 @ Win32VersionValue
> > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> > index 3741859765cf..c782c422e58c 100644
> > --- a/arch/arm64/Kconfig
> > +++ b/arch/arm64/Kconfig
> > @@ -1033,6 +1033,30 @@ config EFI
> > allow the kernel to be booted as an EFI application. This
> > is only useful on systems that have UEFI firmware.
> >
> > +config EFI_MAJOR_OS
> > + hex "EFI Major OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_OS
> > + hex "EFI Minor OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MAJOR_IMAGE
> > + hex "EFI Major Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_IMAGE
> > + hex "EFI Minor Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > config DMI
> > bool "Enable support for SMBIOS (DMI) tables"
> > depends on EFI
> > diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
> > index 4fb6ccd886d1..9faa4b04d0ef 100644
> > --- a/arch/arm64/kernel/head.S
> > +++ b/arch/arm64/kernel/head.S
> > @@ -129,10 +129,10 @@ extra_header_fields:
> > .quad 0 // ImageBase
> > .long 0x1000 // SectionAlignment
> > .long PECOFF_FILE_ALIGNMENT // FileAlignment
> > - .short 0 // MajorOperatingSystemVersion
> > - .short 0 // MinorOperatingSystemVersion
> > - .short 0 // MajorImageVersion
> > - .short 0 // MinorImageVersion
> > + .short CONFIG_EFI_MAJOR_OS // MajorOperatingSystemVersion
> > + .short CONFIG_EFI_MINOR_OS // MinorOperatingSystemVersion
> > + .short CONFIG_EFI_MAJOR_IMAGE // MajorImageVersion
> > + .short CONFIG_EFI_MINOR_IMAGE // MinorImageVersion
> > .short 0 // MajorSubsystemVersion
> > .short 0 // MinorSubsystemVersion
> > .long 0 // Win32VersionValue
> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> > index 5bbdef151805..233933fde7dd 100644
> > --- a/arch/x86/Kconfig
> > +++ b/arch/x86/Kconfig
> > @@ -1803,6 +1803,30 @@ config EFI_STUB
> >
> > See Documentation/efi-stub.txt for more information.
> >
> > +config EFI_MAJOR_OS
> > + hex "EFI Major OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_OS
> > + hex "EFI Minor OS Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MAJOR_IMAGE
> > + hex "EFI Major Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > +config EFI_MINOR_IMAGE
> > + hex "EFI Minor Image Version"
> > + range 0x0 0xFFFF
> > + default "0x0"
> > + depends on EFI_STUB
> > +
> > config EFI_MIXED
> > bool "EFI mixed-mode support"
> > depends on EFI_STUB && X86_64
> > diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
> > index 3dd5be33aaa7..863813007207 100644
> > --- a/arch/x86/boot/header.S
> > +++ b/arch/x86/boot/header.S
> > @@ -156,10 +156,10 @@ extra_header_fields:
> > #endif
> > .long 0x20 # SectionAlignment
> > .long 0x20 # FileAlignment
> > - .word 0 # MajorOperatingSystemVersion
> > - .word 0 # MinorOperatingSystemVersion
> > - .word 0 # MajorImageVersion
> > - .word 0 # MinorImageVersion
> > + .word CONFIG_EFI_MAJOR_OS # MajorOperatingSystemVersion
> > + .word CONFIG_EFI_MINOR_OS # MinorOperatingSystemVersion
> > + .word CONFIG_EFI_MAJOR_IMAGE # MajorImageVersion
> > + .word CONFIG_EFI_MINOR_IMAGE # MinorImageVersion
> > .word 0 # MajorSubsystemVersion
> > .word 0 # MinorSubsystemVersion
> > .long 0 # Win32VersionValue
> > --
> > 2.12.0
> >
>
On Thu, Apr 13, 2017 at 12:47 AM, Gary Lin <[email protected]> wrote:
> On Thu, Apr 13, 2017 at 08:26:04AM +0100, Ard Biesheuvel wrote:
>> On 13 April 2017 at 04:58, Gary Lin <[email protected]> wrote:
>> > This commit adds the new config options to allow the user to modify the
>> > following fields in the PE-COFF header.
>> >
>> > UINT16 MajorOperatingSystemVersion
>> > UINT16 MinorOperatingSystemVersion
>> > UINT16 MajorImageVersion
>> > UINT16 MinorImageVersion
>> >
>> > Those fields are mainly for the executables or libraries in Windows NT
>> > or higher to specify the minimum supported Windows version and the
>> > version of the image itself.
>> >
>> > Given the fact that those fields are ignored in UEFI, we can safely reuse
>> > those fields for other purposes, e.g. Security Version(*).
>> >
>> > (*) https://github.com/lcp/shim/wiki/Security-Version
>> >
>> > v2 changes:
>> > - Modify the header direct instead of using an external script as
>> > suggested by Ard Biesheuvel
>> > - Include arm and arm64
>> >
>>
>> Thanks for the update. Could we put the Kconfig changes in
>> drivers/firmware/efi/Kconfig, rather than duplicating them 3 times?
>
> Sure. Will send a v3 to update Kconfig.
>
> Thanks,
>
> Gary Lin
I think it would be nice to have a comment in the code (or maybe help
in the kconfig, or Documentation/efi-stub.txt) that indicates the
expected use of these variables, as the field names and PE/COFF spec
won't help here.
Thanks,
Roy
>
>>
>> > Cc: Russell King <[email protected]>
>> > Cc: Matt Fleming <[email protected]>
>> > Cc: Ard Biesheuvel <[email protected]>
>> > Cc: Catalin Marinas <[email protected]>
>> > Cc: Will Deacon <[email protected]>
>> > Cc: Thomas Gleixner <[email protected]>
>> > Cc: Ingo Molnar <[email protected]>
>> > Cc: "H. Peter Anvin" <[email protected]>
>> > Cc: Joey Lee <[email protected]>
>> > Cc: Vojtech Pavlik <[email protected]>
>> > Signed-off-by: Gary Lin <[email protected]>
>> > ---
>> > arch/arm/Kconfig | 24 ++++++++++++++++++++++++
>> > arch/arm/boot/compressed/efi-header.S | 8 ++++----
>> > arch/arm64/Kconfig | 24 ++++++++++++++++++++++++
>> > arch/arm64/kernel/head.S | 8 ++++----
>> > arch/x86/Kconfig | 24 ++++++++++++++++++++++++
>> > arch/x86/boot/header.S | 8 ++++----
>> > 6 files changed, 84 insertions(+), 12 deletions(-)
>> >
>> > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
>> > index 0d4e71b42c77..4965ad2ccc23 100644
>> > --- a/arch/arm/Kconfig
>> > +++ b/arch/arm/Kconfig
>> > @@ -2090,6 +2090,30 @@ config EFI
>> > is only useful for kernels that may run on systems that have
>> > UEFI firmware.
>> >
>> > +config EFI_MAJOR_OS
>> > + hex "EFI Major OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_OS
>> > + hex "EFI Minor OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MAJOR_IMAGE
>> > + hex "EFI Major Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_IMAGE
>> > + hex "EFI Minor Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > endmenu
>> >
>> > menu "CPU Power Management"
>> > diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S
>> > index 9d5dc4fda3c1..67715472a76f 100644
>> > --- a/arch/arm/boot/compressed/efi-header.S
>> > +++ b/arch/arm/boot/compressed/efi-header.S
>> > @@ -69,10 +69,10 @@ extra_header_fields:
>> > .long 0 @ ImageBase
>> > .long 0x200 @ SectionAlignment
>> > .long 0x200 @ FileAlignment
>> > - .short 0 @ MajorOperatingSystemVersion
>> > - .short 0 @ MinorOperatingSystemVersion
>> > - .short 0 @ MajorImageVersion
>> > - .short 0 @ MinorImageVersion
>> > + .short CONFIG_EFI_MAJOR_OS @ MajorOperatingSystemVersion
>> > + .short CONFIG_EFI_MINOR_OS @ MinorOperatingSystemVersion
>> > + .short CONFIG_EFI_MAJOR_IMAGE @ MajorImageVersion
>> > + .short CONFIG_EFI_MINOR_IMAGE @ MinorImageVersion
>> > .short 0 @ MajorSubsystemVersion
>> > .short 0 @ MinorSubsystemVersion
>> > .long 0 @ Win32VersionValue
>> > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
>> > index 3741859765cf..c782c422e58c 100644
>> > --- a/arch/arm64/Kconfig
>> > +++ b/arch/arm64/Kconfig
>> > @@ -1033,6 +1033,30 @@ config EFI
>> > allow the kernel to be booted as an EFI application. This
>> > is only useful on systems that have UEFI firmware.
>> >
>> > +config EFI_MAJOR_OS
>> > + hex "EFI Major OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_OS
>> > + hex "EFI Minor OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MAJOR_IMAGE
>> > + hex "EFI Major Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_IMAGE
>> > + hex "EFI Minor Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > config DMI
>> > bool "Enable support for SMBIOS (DMI) tables"
>> > depends on EFI
>> > diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
>> > index 4fb6ccd886d1..9faa4b04d0ef 100644
>> > --- a/arch/arm64/kernel/head.S
>> > +++ b/arch/arm64/kernel/head.S
>> > @@ -129,10 +129,10 @@ extra_header_fields:
>> > .quad 0 // ImageBase
>> > .long 0x1000 // SectionAlignment
>> > .long PECOFF_FILE_ALIGNMENT // FileAlignment
>> > - .short 0 // MajorOperatingSystemVersion
>> > - .short 0 // MinorOperatingSystemVersion
>> > - .short 0 // MajorImageVersion
>> > - .short 0 // MinorImageVersion
>> > + .short CONFIG_EFI_MAJOR_OS // MajorOperatingSystemVersion
>> > + .short CONFIG_EFI_MINOR_OS // MinorOperatingSystemVersion
>> > + .short CONFIG_EFI_MAJOR_IMAGE // MajorImageVersion
>> > + .short CONFIG_EFI_MINOR_IMAGE // MinorImageVersion
>> > .short 0 // MajorSubsystemVersion
>> > .short 0 // MinorSubsystemVersion
>> > .long 0 // Win32VersionValue
>> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
>> > index 5bbdef151805..233933fde7dd 100644
>> > --- a/arch/x86/Kconfig
>> > +++ b/arch/x86/Kconfig
>> > @@ -1803,6 +1803,30 @@ config EFI_STUB
>> >
>> > See Documentation/efi-stub.txt for more information.
>> >
>> > +config EFI_MAJOR_OS
>> > + hex "EFI Major OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_OS
>> > + hex "EFI Minor OS Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MAJOR_IMAGE
>> > + hex "EFI Major Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > +config EFI_MINOR_IMAGE
>> > + hex "EFI Minor Image Version"
>> > + range 0x0 0xFFFF
>> > + default "0x0"
>> > + depends on EFI_STUB
>> > +
>> > config EFI_MIXED
>> > bool "EFI mixed-mode support"
>> > depends on EFI_STUB && X86_64
>> > diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
>> > index 3dd5be33aaa7..863813007207 100644
>> > --- a/arch/x86/boot/header.S
>> > +++ b/arch/x86/boot/header.S
>> > @@ -156,10 +156,10 @@ extra_header_fields:
>> > #endif
>> > .long 0x20 # SectionAlignment
>> > .long 0x20 # FileAlignment
>> > - .word 0 # MajorOperatingSystemVersion
>> > - .word 0 # MinorOperatingSystemVersion
>> > - .word 0 # MajorImageVersion
>> > - .word 0 # MinorImageVersion
>> > + .word CONFIG_EFI_MAJOR_OS # MajorOperatingSystemVersion
>> > + .word CONFIG_EFI_MINOR_OS # MinorOperatingSystemVersion
>> > + .word CONFIG_EFI_MAJOR_IMAGE # MajorImageVersion
>> > + .word CONFIG_EFI_MINOR_IMAGE # MinorImageVersion
>> > .word 0 # MajorSubsystemVersion
>> > .word 0 # MinorSubsystemVersion
>> > .long 0 # Win32VersionValue
>> > --
>> > 2.12.0
>> >
>>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-efi" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
On Mon, Apr 17, 2017 at 11:09:38AM -0700, Roy Franz (HPE) wrote:
> On Thu, Apr 13, 2017 at 12:47 AM, Gary Lin <[email protected]> wrote:
> > On Thu, Apr 13, 2017 at 08:26:04AM +0100, Ard Biesheuvel wrote:
> >> On 13 April 2017 at 04:58, Gary Lin <[email protected]> wrote:
> >> > This commit adds the new config options to allow the user to modify the
> >> > following fields in the PE-COFF header.
> >> >
> >> > UINT16 MajorOperatingSystemVersion
> >> > UINT16 MinorOperatingSystemVersion
> >> > UINT16 MajorImageVersion
> >> > UINT16 MinorImageVersion
> >> >
> >> > Those fields are mainly for the executables or libraries in Windows NT
> >> > or higher to specify the minimum supported Windows version and the
> >> > version of the image itself.
> >> >
> >> > Given the fact that those fields are ignored in UEFI, we can safely reuse
> >> > those fields for other purposes, e.g. Security Version(*).
> >> >
> >> > (*) https://github.com/lcp/shim/wiki/Security-Version
> >> >
> >> > v2 changes:
> >> > - Modify the header direct instead of using an external script as
> >> > suggested by Ard Biesheuvel
> >> > - Include arm and arm64
> >> >
> >>
> >> Thanks for the update. Could we put the Kconfig changes in
> >> drivers/firmware/efi/Kconfig, rather than duplicating them 3 times?
> >
> > Sure. Will send a v3 to update Kconfig.
> >
> > Thanks,
> >
> > Gary Lin
>
> I think it would be nice to have a comment in the code (or maybe help
> in the kconfig, or Documentation/efi-stub.txt) that indicates the
> expected use of these variables, as the field names and PE/COFF spec
> won't help here.
>
Agree. Since HPA has the concern about using the PE/COFF header, I just
raised the issue to UEFI forum and wait for the response. I'll update the
patch and document after sorting out the problem.
Thanks,
Gary Lin
> Thanks,
> Roy
>
> >
> >>
> >> > Cc: Russell King <[email protected]>
> >> > Cc: Matt Fleming <[email protected]>
> >> > Cc: Ard Biesheuvel <[email protected]>
> >> > Cc: Catalin Marinas <[email protected]>
> >> > Cc: Will Deacon <[email protected]>
> >> > Cc: Thomas Gleixner <[email protected]>
> >> > Cc: Ingo Molnar <[email protected]>
> >> > Cc: "H. Peter Anvin" <[email protected]>
> >> > Cc: Joey Lee <[email protected]>
> >> > Cc: Vojtech Pavlik <[email protected]>
> >> > Signed-off-by: Gary Lin <[email protected]>
> >> > ---
> >> > arch/arm/Kconfig | 24 ++++++++++++++++++++++++
> >> > arch/arm/boot/compressed/efi-header.S | 8 ++++----
> >> > arch/arm64/Kconfig | 24 ++++++++++++++++++++++++
> >> > arch/arm64/kernel/head.S | 8 ++++----
> >> > arch/x86/Kconfig | 24 ++++++++++++++++++++++++
> >> > arch/x86/boot/header.S | 8 ++++----
> >> > 6 files changed, 84 insertions(+), 12 deletions(-)
> >> >
> >> > diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
> >> > index 0d4e71b42c77..4965ad2ccc23 100644
> >> > --- a/arch/arm/Kconfig
> >> > +++ b/arch/arm/Kconfig
> >> > @@ -2090,6 +2090,30 @@ config EFI
> >> > is only useful for kernels that may run on systems that have
> >> > UEFI firmware.
> >> >
> >> > +config EFI_MAJOR_OS
> >> > + hex "EFI Major OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_OS
> >> > + hex "EFI Minor OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MAJOR_IMAGE
> >> > + hex "EFI Major Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_IMAGE
> >> > + hex "EFI Minor Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > endmenu
> >> >
> >> > menu "CPU Power Management"
> >> > diff --git a/arch/arm/boot/compressed/efi-header.S b/arch/arm/boot/compressed/efi-header.S
> >> > index 9d5dc4fda3c1..67715472a76f 100644
> >> > --- a/arch/arm/boot/compressed/efi-header.S
> >> > +++ b/arch/arm/boot/compressed/efi-header.S
> >> > @@ -69,10 +69,10 @@ extra_header_fields:
> >> > .long 0 @ ImageBase
> >> > .long 0x200 @ SectionAlignment
> >> > .long 0x200 @ FileAlignment
> >> > - .short 0 @ MajorOperatingSystemVersion
> >> > - .short 0 @ MinorOperatingSystemVersion
> >> > - .short 0 @ MajorImageVersion
> >> > - .short 0 @ MinorImageVersion
> >> > + .short CONFIG_EFI_MAJOR_OS @ MajorOperatingSystemVersion
> >> > + .short CONFIG_EFI_MINOR_OS @ MinorOperatingSystemVersion
> >> > + .short CONFIG_EFI_MAJOR_IMAGE @ MajorImageVersion
> >> > + .short CONFIG_EFI_MINOR_IMAGE @ MinorImageVersion
> >> > .short 0 @ MajorSubsystemVersion
> >> > .short 0 @ MinorSubsystemVersion
> >> > .long 0 @ Win32VersionValue
> >> > diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
> >> > index 3741859765cf..c782c422e58c 100644
> >> > --- a/arch/arm64/Kconfig
> >> > +++ b/arch/arm64/Kconfig
> >> > @@ -1033,6 +1033,30 @@ config EFI
> >> > allow the kernel to be booted as an EFI application. This
> >> > is only useful on systems that have UEFI firmware.
> >> >
> >> > +config EFI_MAJOR_OS
> >> > + hex "EFI Major OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_OS
> >> > + hex "EFI Minor OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MAJOR_IMAGE
> >> > + hex "EFI Major Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_IMAGE
> >> > + hex "EFI Minor Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > config DMI
> >> > bool "Enable support for SMBIOS (DMI) tables"
> >> > depends on EFI
> >> > diff --git a/arch/arm64/kernel/head.S b/arch/arm64/kernel/head.S
> >> > index 4fb6ccd886d1..9faa4b04d0ef 100644
> >> > --- a/arch/arm64/kernel/head.S
> >> > +++ b/arch/arm64/kernel/head.S
> >> > @@ -129,10 +129,10 @@ extra_header_fields:
> >> > .quad 0 // ImageBase
> >> > .long 0x1000 // SectionAlignment
> >> > .long PECOFF_FILE_ALIGNMENT // FileAlignment
> >> > - .short 0 // MajorOperatingSystemVersion
> >> > - .short 0 // MinorOperatingSystemVersion
> >> > - .short 0 // MajorImageVersion
> >> > - .short 0 // MinorImageVersion
> >> > + .short CONFIG_EFI_MAJOR_OS // MajorOperatingSystemVersion
> >> > + .short CONFIG_EFI_MINOR_OS // MinorOperatingSystemVersion
> >> > + .short CONFIG_EFI_MAJOR_IMAGE // MajorImageVersion
> >> > + .short CONFIG_EFI_MINOR_IMAGE // MinorImageVersion
> >> > .short 0 // MajorSubsystemVersion
> >> > .short 0 // MinorSubsystemVersion
> >> > .long 0 // Win32VersionValue
> >> > diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
> >> > index 5bbdef151805..233933fde7dd 100644
> >> > --- a/arch/x86/Kconfig
> >> > +++ b/arch/x86/Kconfig
> >> > @@ -1803,6 +1803,30 @@ config EFI_STUB
> >> >
> >> > See Documentation/efi-stub.txt for more information.
> >> >
> >> > +config EFI_MAJOR_OS
> >> > + hex "EFI Major OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_OS
> >> > + hex "EFI Minor OS Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MAJOR_IMAGE
> >> > + hex "EFI Major Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > +config EFI_MINOR_IMAGE
> >> > + hex "EFI Minor Image Version"
> >> > + range 0x0 0xFFFF
> >> > + default "0x0"
> >> > + depends on EFI_STUB
> >> > +
> >> > config EFI_MIXED
> >> > bool "EFI mixed-mode support"
> >> > depends on EFI_STUB && X86_64
> >> > diff --git a/arch/x86/boot/header.S b/arch/x86/boot/header.S
> >> > index 3dd5be33aaa7..863813007207 100644
> >> > --- a/arch/x86/boot/header.S
> >> > +++ b/arch/x86/boot/header.S
> >> > @@ -156,10 +156,10 @@ extra_header_fields:
> >> > #endif
> >> > .long 0x20 # SectionAlignment
> >> > .long 0x20 # FileAlignment
> >> > - .word 0 # MajorOperatingSystemVersion
> >> > - .word 0 # MinorOperatingSystemVersion
> >> > - .word 0 # MajorImageVersion
> >> > - .word 0 # MinorImageVersion
> >> > + .word CONFIG_EFI_MAJOR_OS # MajorOperatingSystemVersion
> >> > + .word CONFIG_EFI_MINOR_OS # MinorOperatingSystemVersion
> >> > + .word CONFIG_EFI_MAJOR_IMAGE # MajorImageVersion
> >> > + .word CONFIG_EFI_MINOR_IMAGE # MinorImageVersion
> >> > .word 0 # MajorSubsystemVersion
> >> > .word 0 # MinorSubsystemVersion
> >> > .long 0 # Win32VersionValue
> >> > --
> >> > 2.12.0
> >> >
> >>
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-efi" in
> > the body of a message to [email protected]
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
>