From: Ard Biesheuvel
Date: Mon, 23 Oct 2023 13:22:53 +0200
Subject: Re: [PATCH v2 00/15] x86/boot: Rework PE header generation
To: Jan Hendrik Farr
Cc: Ard Biesheuvel, linux-efi@vger.kernel.org, linux-kernel@vger.kernel.org, Evgeniy Baskov, Borislav Petkov, Dave Hansen, Ingo Molnar, Thomas Gleixner, Peter Jones, Matthew Garrett, Gerd Hoffmann, Kees Cook, "H. Peter Anvin"
References: <20230912090051.4014114-17-ardb@google.com>

On Tue, 3 Oct 2023 at 04:03, Jan Hendrik Farr wrote:
>
> On 12 09:00:51, Ard Biesheuvel wrote:
> > From: Ard Biesheuvel
> >
> > Now that the EFI stub boot flow no longer relies on memory that is
> > executable and writable at the same time, we can reorganize the PE/COFF
> > view of the kernel image and expose the decompressor binary's code and
> > r/o data as a .text section and data/bss as a .data section, using 4k
> > alignment and limited permissions.
> >
> > Doing so is necessary for compatibility with hardening measures that are
> > being rolled out on x86 PCs built to run Windows (i.e., the majority of
> > them). The EFI boot environment that the Linux EFI stub executes in is
> > especially sensitive to safety issues, given that a vulnerability in the
> > loader of one OS can be abused to attack another.
>
> This split is also useful for the work of kexecing the next kernel as an
> EFI application. With the current EFI stub I have to set the memory both
> writable and executable, which results in W^X warnings with a default
> config.
>
> What made this more confusing was that the flags of the .text section in
> current EFI stub bzImages are set to
> IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ. So if you load that section
> according to those flags, the EFI stub will quickly run into issues.
>
> I assume current firmware on x86 machines does not set any restricted
> permissions on the memory.
> Can someone enlighten me on their behavior?
>

No, current x86 firmware does not use restricted permissions at all. All
memory is mapped with both writable and executable permissions, except
maybe the stack.

The x86 Linux kernel has been depending on this behavior too, up until
recently (fixes are in -rc now for the v6.6 release). Before this, it
would copy its own executable image around in memory. So EFI based kexec
will need to support this behavior if it targets older x86 kernels,
although I am skeptical that this is a useful design goal.

I have been experimenting with running the EFI stub code in user space
all the way until ExitBootServices(). The same might work for UKI if it
is layered cleanly on top of the EFI APIs (rather than poking into
system registers or page tables under the hood). How this would work
with signed images etc. is TBD, but I quite like the idea of running
everything in user space and having a minimal purgatory (or none at all)
if we can simply populate the entire address space while running
unprivileged, and just branch to it in the kexec() syscall.

I imagine this being something like a userspace helper that is
signed/trusted itself, and gets invoked by the kernel to run EFI images
that are trusted and tagged as being executable unprivileged.
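The section-flag situation discussed in this thread (a .text section marked IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ, W^X warnings when a loader has to map an image writable and executable at once, and the move to 4k-aligned RX/RW sections) can be checked statically from the PE section table before an image is ever loaded. The script below is an added example, not code from this thread or from the kernel tree: it parses the COFF file header and section headers, reports sections that are both writable and executable, code sections that are not executable, and alignments too coarse for page-granular permissions. The two images it audits are constructed inside the script and do not reproduce the real bzImage layout.

```python
"""Static audit of PE/COFF section permissions.
Added example, not kernel code: flags W+X sections, code sections that are
not executable, and layouts that cannot take page-granular permissions."""
import struct

# Section characteristic bits from the PE/COFF specification.
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

PAGE_SIZE = 0x1000
COFF_HDR = struct.Struct("<HHIIIHH")         # 20-byte IMAGE_FILE_HEADER
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")  # 40-byte IMAGE_SECTION_HEADER


def parse_sections(image: bytes):
    """Return (SectionAlignment, [section dicts]) read from a PE image."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    pe_off = struct.unpack_from("<I", image, 0x3C)[0]  # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff_off = pe_off + 4
    _, nsections, _, _, _, opt_size, _ = COFF_HDR.unpack_from(image, coff_off)
    opt_off = coff_off + COFF_HDR.size
    # SectionAlignment sits at offset 32 of both PE32 and PE32+ optional headers.
    align = struct.unpack_from("<I", image, opt_off + 32)[0]
    sect_off = opt_off + opt_size
    sections = []
    for i in range(nsections):
        f = SECTION_HDR.unpack_from(image, sect_off + i * SECTION_HDR.size)
        sections.append({"name": f[0].rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_address": f[2], "characteristics": f[9]})
    return align, sections


def perms(chars: int) -> str:
    """Render the MEM_READ/WRITE/EXECUTE bits as an rwx-style string."""
    return ("R" if chars & IMAGE_SCN_MEM_READ else "-") + \
           ("W" if chars & IMAGE_SCN_MEM_WRITE else "-") + \
           ("X" if chars & IMAGE_SCN_MEM_EXECUTE else "-")


def audit(image: bytes):
    """Return a list of findings; an empty list means the layout is W^X-clean."""
    align, sections = parse_sections(image)
    findings = []
    if align < PAGE_SIZE:
        findings.append(f"SectionAlignment 0x{align:x} is below page size; "
                        "per-section permissions cannot be page-granular")
    for s in sections:
        c = s["characteristics"]
        if c & IMAGE_SCN_MEM_WRITE and c & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{s['name']}: writable and executable ({perms(c)})")
        if s["virtual_address"] % PAGE_SIZE:
            findings.append(f"{s['name']}: VirtualAddress "
                            f"0x{s['virtual_address']:x} is not 4 KiB aligned")
        if c & IMAGE_SCN_CNT_CODE and not c & IMAGE_SCN_MEM_EXECUTE:
            findings.append(f"{s['name']}: contains code but is not executable")
    return findings


def build_image(section_alignment: int, specs):
    """Construct a minimal PE32+ image from (name, vaddr, characteristics) tuples.
    Test scaffolding only: just the fields the parser reads are meaningful."""
    pe_off = 0x40
    dos = bytearray(pe_off)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, pe_off)
    opt = bytearray(0xF0)                       # PE32+ optional header size
    struct.pack_into("<H", opt, 0, 0x20B)       # Magic: PE32+
    struct.pack_into("<I", opt, 32, section_alignment)
    struct.pack_into("<I", opt, 36, 0x200)      # FileAlignment
    coff = COFF_HDR.pack(0x8664, len(specs), 0, 0, 0, len(opt), 0x22)
    sects = b"".join(
        SECTION_HDR.pack(name.encode().ljust(8, b"\0"), 0x1000, vaddr,
                         0x1000, 0x1000 * (i + 1), 0, 0, 0, 0, chars)
        for i, (name, vaddr, chars) in enumerate(specs))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sects


# Constructed inputs: one RWX section at a sub-page address, versus the split
# layout the cover letter describes (RX .text, RW .data, 4k aligned).
RWX = IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE | IMAGE_SCN_MEM_EXECUTE
RWX_IMAGE = build_image(0x20, [("rwx", 0x200, RWX)])
SPLIT_IMAGE = build_image(PAGE_SIZE, [
    (".text", 0x1000, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_EXECUTE),
    (".data", 0x5000, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
])

if __name__ == "__main__":
    for label, img in (("rwx", RWX_IMAGE), ("split", SPLIT_IMAGE)):
        print(label, audit(img) or ["clean"])
```

A static check like this only confirms what the image declares; it cannot tell whether code inside an RX section writes to itself at run time, which is the mismatch between flags and behaviour the thread is about. Pairing it with a firmware (or emulator) that actually enforces the declared permissions is what turns a declared W^X layout into a verified one.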