From 8fabb3ee87907f1bc39e7cde2a74d9127f3387f4 Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Wed, 18 Jun 2025 15:28:55 +0200 Subject: [PATCH 01/19] gnu-efi: Switch to upstream 4.0.4 release Replace the shim-specific fork with the upstream version, specifically the most recent release. Some adjustment to shim's code are necessary to adapt to this change. Signed-off-by: Andrea Bolognani --- .gitmodules | 4 ++-- gnu-efi | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitmodules b/.gitmodules index 756c2c5d9..232a93204 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,4 +1,4 @@ [submodule "gnu-efi"] path = gnu-efi - url = https://github.com/rhboot/gnu-efi.git - branch = shim-16.1 + url = https://github.com/ncroxon/gnu-efi.git + branch = master diff --git a/gnu-efi b/gnu-efi index dc7fd96f2..37cd8f069 160000 --- a/gnu-efi +++ b/gnu-efi @@ -1 +1 @@ -Subproject commit dc7fd96f23d6b582416f672844362d776d175cf4 +Subproject commit 37cd8f069bde6715eebdc5e38a8f15ee6de5edcf From 2c23f2ccc4a6e660b6f6df7c64dcd1a0d0c8d80e Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Wed, 30 Apr 2025 01:31:45 +0200 Subject: [PATCH 02/19] Set NO_GLIBC=1 when building gnu-efi shim is a standalone EFI application so it shouldn't be necessary to look at the glibc headers when building it, and in fact attempting to do so results in a build failure. Signed-off-by: Andrea Bolognani --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index f03b7f386..6b93e7d87 100644 --- a/Makefile +++ b/Makefile @@ -174,6 +174,7 @@ gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: CCC_CC="$(COMPILER)" \ CC="$(CC)" \ ARCH=$(ARCH_GNUEFI) \ + NO_GLIBC=1 \ TOPDIR=$(TOPDIR)/gnu-efi \ -f $(TOPDIR)/gnu-efi/Makefile \ lib gnuefi inc $(IGNORE_COMPILER_ERRORS) From 2f08b1b4cb1465cd18208d89981e6cf179eda802 Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Wed, 30 Apr 2025 01:31:00 +0200 Subject: [PATCH 03/19] Adopt modern ReallocatePool() ABI We could theoretically set GNU_EFI_USE_REALLOCATEPOOL_ABI=0 to keep using the legacy ABI, but since gnu-efi uses the modern ABI internally and we call into its build systemd directly, doing that messes things up. Switching to the new ABI is just a matter of changing the order of arguments. Signed-off-by: Andrea Bolognani --- errlog.c | 7 ++++--- fallback.c | 6 +++--- shim.c | 7 ++++--- tpm.c | 5 +++-- 4 files changed, 14 insertions(+), 11 deletions(-) diff --git a/errlog.c b/errlog.c index b43a4bc28..c29db0bb4 100644 --- a/errlog.c +++ b/errlog.c @@ -35,8 +35,9 @@ VLogError(const char *file, int line, const char *func, const CHAR16 *fmt, if (file == NULL || func == NULL || fmt == NULL) return EFI_INVALID_PARAMETER; - newerrs = ReallocatePool(errs, (nerrs + 1) * sizeof(*errs), - (nerrs + 3) * sizeof(*errs)); + newerrs = ReallocatePool((nerrs + 1) * sizeof(*errs), + (nerrs + 3) * sizeof(*errs), + errs); if (!newerrs) return EFI_OUT_OF_RESOURCES; @@ -148,7 +149,7 @@ log_debug_print(const CHAR16 *fmt, ...) new_alloc_sz += buf_sz; new_alloc_sz = ALIGN_UP(new_alloc_sz, EFI_PAGE_SIZE); - new_debug_log = ReallocatePool(debug_log, debug_log_alloc, new_alloc_sz); + new_debug_log = ReallocatePool(debug_log_alloc, new_alloc_sz, debug_log); if (!new_debug_log) return 0; debug_log = (UINT8 *)new_debug_log; diff --git a/fallback.c b/fallback.c index 86ebe234c..71e33824e 100644 --- a/fallback.c +++ b/fallback.c @@ -359,9 +359,9 @@ find_boot_option(EFI_DEVICE_PATH *dp, EFI_DEVICE_PATH *fulldp, if (efi_status == EFI_BUFFER_TOO_SMALL) { VerbosePrint(L"Buffer too small for next variable name, re-allocating it to be %d bytes and retrying\n", varname_size); - varname = ReallocatePool(varname, - buffer_size, - varname_size); + varname = ReallocatePool(buffer_size, + varname_size, + varname); if (!varname) return EFI_OUT_OF_RESOURCES; buffer_size = varname_size; diff --git a/shim.c b/shim.c index b62042ed7..c6a599bd1 100644 --- a/shim.c +++ b/shim.c @@ -742,8 +742,9 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename, CHAR16 *PathName, break; } - tmp = ReallocatePool(user_cert, original, - user_cert_size); + tmp = ReallocatePool(original, + user_cert_size, + user_cert); if (!tmp) { FreePool(data); return EFI_OUT_OF_RESOURCES; @@ -847,7 +848,7 @@ load_unbundled_trust(EFI_HANDLE image_handle) if (buffersize > 1024) goto done; } - buffer = ReallocatePool(buffer, old, buffersize); + buffer = ReallocatePool(old, buffersize, buffer); if (buffer == NULL) { perror(L"Failed to read directory %s - %r\n", PathName, EFI_OUT_OF_RESOURCES); diff --git a/tpm.c b/tpm.c index 7f4a1b092..75c733f17 100644 --- a/tpm.c +++ b/tpm.c @@ -363,8 +363,9 @@ static EFI_STATUS tpm_record_data_measurement(CHAR16 *VarName, EFI_GUID VendorGu if (measureddata == NULL) { measureddata = AllocatePool(sizeof(*measureddata)); } else { - measureddata = ReallocatePool(measureddata, measuredcount * sizeof(*measureddata), - (measuredcount + 1) * sizeof(*measureddata)); + measureddata = ReallocatePool(measuredcount * sizeof(*measureddata), + (measuredcount + 1) * sizeof(*measureddata), + measureddata); } if (measureddata == NULL) From 4147abf1c8175c8b91215598df36c6a47e3a302a Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Tue, 31 Mar 2026 09:32:06 +0200 Subject: [PATCH 04/19] Adopt modern CompareGuid() ABI We could theoretically set GNU_EFI_USE_COMPARE_ABI=0 to keep using the legacy ABI, but since gnu-efi uses the modern ABI internally and we call into its build systemd directly, doing that messes things up. In a very small handful of cases we actually rely on the behavior of the old ABI because we don't just need to know whether or not the two GUIDs are identical, but also their relative sorting order. CompareGuidForSorting(), which retains the old behavior, is introduced to deal with those scenarios. Signed-off-by: Andrea Bolognani --- MokManager.c | 44 +++++++++++++++++----------------- errlog.c | 2 +- fallback.c | 2 +- include/test.h | 4 +++- lib/configtable.c | 2 +- lib/variables.c | 2 +- load-options.c | 2 +- mock-variables.c | 10 ++++---- test-mock-variables.c | 56 +++++++++++++++++++++---------------------- test-mok-mirror.c | 8 +++---- tpm.c | 2 +- verify.c | 4 ++-- 12 files changed, 70 insertions(+), 68 deletions(-) diff --git a/MokManager.c b/MokManager.c index 010180fd4..7fa3d92d4 100644 --- a/MokManager.c +++ b/MokManager.c @@ -89,13 +89,13 @@ static EFI_STATUS get_sha1sum(void *Data, int DataSize, UINT8 * hash) static BOOLEAN is_sha2_hash(EFI_GUID Type) { - if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID) == 0) + if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID)) return TRUE; - else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID)) return TRUE; - else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID)) return TRUE; - else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID)) return TRUE; return FALSE; @@ -103,15 +103,15 @@ static BOOLEAN is_sha2_hash(EFI_GUID Type) static UINT32 sha_size(EFI_GUID Type) { - if (CompareGuid(&Type, &EFI_CERT_SHA1_GUID) == 0) + if (CompareGuid(&Type, &EFI_CERT_SHA1_GUID)) return SHA1_DIGEST_SIZE; - else if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID)) return SHA224_DIGEST_LENGTH; - else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID)) return SHA256_DIGEST_SIZE; - else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID)) return SHA384_DIGEST_LENGTH; - else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID) == 0) + else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID)) return SHA512_DIGEST_LENGTH; return 0; @@ -121,7 +121,7 @@ static BOOLEAN is_valid_siglist(EFI_GUID Type, UINT32 SigSize) { UINT32 hash_sig_size; - if (CompareGuid (&Type, &X509_GUID) == 0 && SigSize != 0) + if (CompareGuid (&Type, &X509_GUID) && SigSize != 0) return TRUE; if (!is_sha2_hash(Type)) @@ -206,7 +206,7 @@ static MokListNode *build_mok_list(UINT32 num, void *Data, UINTN DataSize) } list[count].Type = CertList->SignatureType; - if (CompareGuid (&CertList->SignatureType, &X509_GUID) == 0) { + if (CompareGuid (&CertList->SignatureType, &X509_GUID)) { list[count].MokSize = CertList->SignatureSize - sizeof(EFI_GUID); list[count].Mok = (void *)Cert->SignatureData; @@ -463,19 +463,19 @@ static void show_sha_digest(EFI_GUID Type, UINT8 * hash) int i; int length; - if (CompareGuid(&Type, &EFI_CERT_SHA1_GUID) == 0) { + if (CompareGuid(&Type, &EFI_CERT_SHA1_GUID)) { length = SHA1_DIGEST_SIZE; text[0] = L"SHA1 hash"; - } else if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID) == 0) { + } else if (CompareGuid(&Type, &EFI_CERT_SHA224_GUID)) { length = SHA224_DIGEST_LENGTH; text[0] = L"SHA224 hash"; - } else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID) == 0) { + } else if (CompareGuid(&Type, &EFI_CERT_SHA256_GUID)) { length = SHA256_DIGEST_SIZE; text[0] = L"SHA256 hash"; - } else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID) == 0) { + } else if (CompareGuid(&Type, &EFI_CERT_SHA384_GUID)) { length = SHA384_DIGEST_LENGTH; text[0] = L"SHA384 hash"; - } else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID) == 0) { + } else if (CompareGuid(&Type, &EFI_CERT_SHA512_GUID)) { length = SHA512_DIGEST_LENGTH; text[0] = L"SHA512 hash"; } else { @@ -564,7 +564,7 @@ static void show_mok_info(EFI_GUID Type, void *Mok, UINTN MokSize) if (!Mok || MokSize == 0) return; - if (CompareGuid (&Type, &X509_GUID) == 0) { + if (CompareGuid (&Type, &X509_GUID)) { UINT8 hash[SHA1_DIGEST_SIZE]; X509 *X509Cert; @@ -1062,7 +1062,7 @@ static EFI_STATUS write_back_mok_list(MokListNode * list, INTN key_num, DataSize += sizeof(EFI_SIGNATURE_LIST); type = list[i].Type; /* avoid -Werror=address-of-packed-member */ - if (CompareGuid(&type, &X509_GUID) == 0) + if (CompareGuid(&type, &X509_GUID)) DataSize += sizeof(EFI_GUID); DataSize += list[i].MokSize; } @@ -1093,7 +1093,7 @@ static EFI_STATUS write_back_mok_list(MokListNode * list, INTN key_num, CertList->SignatureType = list[i].Type; CertList->SignatureHeaderSize = 0; - if (CompareGuid(&(CertList->SignatureType), &X509_GUID) == 0) { + if (CompareGuid(&(CertList->SignatureType), &X509_GUID)) { CertList->SignatureListSize = list[i].MokSize + sizeof(EFI_SIGNATURE_LIST) + sizeof(EFI_GUID); CertList->SignatureSize = @@ -1136,7 +1136,7 @@ static void delete_cert(void *key, UINT32 key_size, for (i = 0; i < mok_num; i++) { type = mok[i].Type; /* avoid -Werror=address-of-packed-member */ - if (CompareGuid(&type, &X509_GUID) != 0) + if (!CompareGuid(&type, &X509_GUID)) continue; if (mok[i].MokSize == key_size && @@ -1189,7 +1189,7 @@ static void delete_hash_in_list(EFI_GUID Type, UINT8 * hash, UINT32 hash_size, for (i = 0; i < mok_num; i++) { type = mok[i].Type; /* avoid -Werror=address-of-packed-member */ - if ((CompareGuid(&type, &Type) != 0) || + if ((!CompareGuid(&type, &Type)) || (mok[i].MokSize < sig_size)) continue; @@ -1360,7 +1360,7 @@ static EFI_STATUS delete_keys(void *MokDel, UINTN MokDelSize, BOOLEAN MokX) dprint(L"deleting certs from %a\n", MokX ? "MokListX" : "MokList"); for (i = 0; i < del_num; i++) { type = del_key[i].Type; /* avoid -Werror=address-of-packed-member */ - if (CompareGuid(&type, &X509_GUID) == 0) { + if (CompareGuid(&type, &X509_GUID)) { dprint(L"deleting key %d (total %d):\n", i, mok_num); dhexdumpat(del_key[i].Mok, del_key[i].MokSize, 0); delete_cert(del_key[i].Mok, del_key[i].MokSize, diff --git a/errlog.c b/errlog.c index c29db0bb4..6455b7743 100644 --- a/errlog.c +++ b/errlog.c @@ -223,7 +223,7 @@ save_logs(void) EFI_CONFIGURATION_TABLE *CT; CT = &ST->ConfigurationTable[i]; - if (CompareGuid(&MOK_VARIABLE_STORE, &CT->VendorGuid) == 0) { + if (CompareGuid(&MOK_VARIABLE_STORE, &CT->VendorGuid)) { cfg_table = CT->VendorTable; break; } diff --git a/fallback.c b/fallback.c index 71e33824e..c73094c4c 100644 --- a/fallback.c +++ b/fallback.c @@ -260,7 +260,7 @@ check_masked_boot_option(CHAR8 *candidate, unsigned int candidate_size, DevicePathType(dp) != HARDWARE_DEVICE_PATH || DevicePathSubType(dp) != HW_VENDOR_DP || node_size != sizeof(ami_masked_device_path_guid) || - CompareGuid((EFI_GUID *)(cursor + sizeof(EFI_DEVICE_PATH)), + !CompareGuid((EFI_GUID *)(cursor + sizeof(EFI_DEVICE_PATH)), &ami_masked_device_path_guid)) return 1; diff --git a/include/test.h b/include/test.h index ccb611483..bffad7d55 100644 --- a/include/test.h +++ b/include/test.h @@ -185,7 +185,9 @@ guidcmp(const EFI_GUID * const guid0, const EFI_GUID * const guid1) return ret; } -#define CompareGuid(a, b) guidcmp(a, b) +#define CompareGuid(a, b) (guidcmp(a, b) == 0) + +#define CompareGuidForSorting(a, b) guidcmp(a, b) static inline char * efi_strerror(EFI_STATUS status) diff --git a/lib/configtable.c b/lib/configtable.c index 66e97f63f..60a28d66e 100644 --- a/lib/configtable.c +++ b/lib/configtable.c @@ -14,7 +14,7 @@ configtable_get_table(EFI_GUID *guid) for (i = 0; i < ST->NumberOfTableEntries; i++) { EFI_CONFIGURATION_TABLE *CT = &ST->ConfigurationTable[i]; - if (CompareGuid(guid, &CT->VendorGuid) == 0) { + if (CompareGuid(guid, &CT->VendorGuid)) { return CT->VendorTable; } } diff --git a/lib/variables.c b/lib/variables.c index 1a2c7d480..b2e99014a 100644 --- a/lib/variables.c +++ b/lib/variables.c @@ -449,7 +449,7 @@ variable_enroll_hash(const CHAR16 * const var, EFI_GUID owner, CopyMem(&d->SignatureData, hash, SHA256_DIGEST_SIZE); d->SignatureOwner = SHIM_LOCK_GUID; - if (CompareGuid(&owner, &SIG_DB) == 0) + if (CompareGuid(&owner, &SIG_DB)) efi_status = SetSecureVariable(var, sig, sizeof(sig), owner, EFI_VARIABLE_APPEND_WRITE, 0); else diff --git a/load-options.c b/load-options.c index 660eaa910..7316a6fef 100644 --- a/load-options.c +++ b/load-options.c @@ -404,7 +404,7 @@ parse_load_options(EFI_LOADED_IMAGE *li) if (li->LoadOptionsSize > 16) { if (CompareGuid((EFI_GUID *)(li->LoadOptions + (li->LoadOptionsSize - 16)), - &BDS_GUID) == 0) + &BDS_GUID)) li->LoadOptionsSize -= 16; } diff --git a/mock-variables.c b/mock-variables.c index 736171cb6..a7919d876 100644 --- a/mock-variables.c +++ b/mock-variables.c @@ -161,7 +161,7 @@ variable_cmp(const struct mock_variable * const v0, if (v0 == NULL || v1 == NULL) return (uintptr_t)v0 - (uintptr_t)v1; - ret = CompareGuid(&v0->guid, &v1->guid); + ret = CompareGuidForSorting(&v0->guid, &v1->guid); ret <<= 8ul; #if (defined(SHIM_DEBUG) && SHIM_DEBUG > 3) printf("%s:%d:%s(): "GUID_FMT" %s "GUID_FMT" (0x%011"PRIx64" %"PRId64")\n", @@ -361,7 +361,7 @@ mock_get_next_variable_name(UINTN *size, CHAR16 *name, EFI_GUID *guid) # endif #endif if (name[0] == 0) { - if (CompareGuid(&var->guid, guid) == 0) { + if (CompareGuid(&var->guid, guid)) { #if (defined(SHIM_DEBUG) && SHIM_DEBUG != 0) printf("%s:%d:%s(): found guid in entry var:%p var->name:%p\n", __FILE__, __LINE__-1, __func__, var, var->name); @@ -372,7 +372,7 @@ mock_get_next_variable_name(UINTN *size, CHAR16 *name, EFI_GUID *guid) } } else { if (found) { - if (CompareGuid(&var->guid, guid) == 0) { + if (CompareGuid(&var->guid, guid)) { result = var; break; } @@ -1235,7 +1235,7 @@ mock_config_table_cmp(const void *p0, const void *p1) #if (defined(SHIM_DEBUG) && SHIM_DEBUG != 0) printf("comparing %p to %p\n", p0, p1); #endif - cmp = CompareGuid(&entry0->VendorGuid, &entry1->VendorGuid); + cmp = CompareGuidForSorting(&entry0->VendorGuid, &entry1->VendorGuid); } if (mock_config_table_sort_policy == MOCK_SORT_DESCENDING) { @@ -1259,7 +1259,7 @@ mock_install_configuration_table(EFI_GUID *guid, VOID *table) for (UINTN i = 0; i < ST->NumberOfTableEntries; i++) { EFI_CONFIGURATION_TABLE *entry = &ST->ConfigurationTable[i]; - if (CompareGuid(guid, &entry->VendorGuid) == 0) { + if (CompareGuid(guid, &entry->VendorGuid)) { found = true; if (table) { // replace it diff --git a/test-mock-variables.c b/test-mock-variables.c index dd4a9eb11..98baa5fb5 100644 --- a/test-mock-variables.c +++ b/test-mock-variables.c @@ -448,7 +448,7 @@ dump_config_table_if_wrong(const char * const func, int line, ...) } entry = &ST->ConfigurationTable[idx]; - if (CompareGuid(guid, &entry->VendorGuid) != 0) + if (!CompareGuid(guid, &entry->VendorGuid)) okay = false; nexta: @@ -479,7 +479,7 @@ dump_config_table_if_wrong(const char * const func, int line, ...) printf("\t[%d]: %p ", idx, entry); printf("{.VendorGuid:" GUID_FMT ",", GUID_ARGS(entry->VendorGuid)); printf("&.VendorTable:%p}\n", entry->VendorTable); - if (CompareGuid(guid, &entry->VendorGuid) != 0) + if (!CompareGuid(guid, &entry->VendorGuid)) printf("\t\t\t expected:" GUID_FMT "\n", GUID_ARGS(*guid)); } next: @@ -549,8 +549,8 @@ test_install_config_table_0(void) assert_equal_goto(ST->NumberOfTableEntries, 1, err, "%lu != %lu\n"); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[0].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[0].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[0].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[0].VendorTable, bstrp, err, "%p != %p\n"); @@ -562,8 +562,8 @@ test_install_config_table_0(void) assert_equal_goto(ST->NumberOfTableEntries, 1, err, "%lu != %lu\n"); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[0].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[0].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[0].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[0].VendorTable, bstrp, err, "%p != %p\n"); @@ -602,14 +602,14 @@ test_install_config_table_0(void) -1, NULL); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[aidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), - err, "%d != 0 (%s != %s)\n", tmpstr, astr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), + true, err, "%d != true (%s != %s)\n", tmpstr, astr); assert_equal_goto(ST->ConfigurationTable[aidx].VendorTable, astrp, err, "%p != %p\n"); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[bidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[bidx].VendorTable, bstrp, err, "%p != %p\n"); @@ -652,22 +652,22 @@ test_install_config_table_0(void) -1, NULL); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[aidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), - err, "%d != 0 (%s != %s)\n", tmpstr, astr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), + true, err, "%d != true (%s != %s)\n", tmpstr, astr); assert_equal_goto(ST->ConfigurationTable[aidx].VendorTable, astrp, err, "%p != %p\n"); memcpy(&guids[aidx], &aguid, sizeof(EFI_GUID)); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[bidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[bidx].VendorTable, bstrp, err, "%p != %p\n"); memcpy(&guids[bidx], &bguid, sizeof(EFI_GUID)); sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[cidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), - err, "%d != 0 (%s != %s)\n", tmpstr, cstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), + true, err, "%d != true (%s != %s)\n", tmpstr, cstr); assert_equal_goto(ST->ConfigurationTable[cidx].VendorTable, cstrp, err, "%p != %p\n"); memcpy(&guids[cidx], &cguid, sizeof(EFI_GUID)); @@ -726,8 +726,8 @@ test_install_config_table_0(void) if (aidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[aidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), - err, "%d != 0 (%s != %s)\n", tmpstr, astr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), + true, err, "%d != true (%s != %s)\n", tmpstr, astr); assert_equal_goto(ST->ConfigurationTable[aidx].VendorTable, astrp, err, "%p != %p\n"); memcpy(&guids[aidx], &aguid, sizeof(EFI_GUID)); @@ -735,8 +735,8 @@ test_install_config_table_0(void) if (bidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[bidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[bidx].VendorTable, bstrp, err, "%p != %p\n"); memcpy(&guids[bidx], &bguid, sizeof(EFI_GUID)); @@ -744,8 +744,8 @@ test_install_config_table_0(void) if (cidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[cidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), - err, "%d != 0 (%s != %s)\n", tmpstr, cstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), + true, err, "%d != true (%s != %s)\n", tmpstr, cstr); assert_equal_goto(ST->ConfigurationTable[cidx].VendorTable, cstrp, err, "%p != %p\n"); memcpy(&guids[cidx], &cguid, sizeof(EFI_GUID)); @@ -791,8 +791,8 @@ test_install_config_table_0(void) if (aidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[aidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), - err, "%d != 0 (%s != %s)\n", tmpstr, astr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[aidx].VendorGuid, &aguid), + true, err, "%d != true (%s != %s)\n", tmpstr, astr); assert_equal_goto(ST->ConfigurationTable[aidx].VendorTable, astrp, err, "%p != %p\n"); memcpy(&guids[aidx], &aguid, sizeof(EFI_GUID)); @@ -800,8 +800,8 @@ test_install_config_table_0(void) if (bidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[bidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), - err, "%d != 0 (%s != %s)\n", tmpstr, bstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[bidx].VendorGuid, &bguid), + true, err, "%d != true (%s != %s)\n", tmpstr, bstr); assert_equal_goto(ST->ConfigurationTable[bidx].VendorTable, bstrp, err, "%p != %p\n"); memcpy(&guids[bidx], &bguid, sizeof(EFI_GUID)); @@ -809,8 +809,8 @@ test_install_config_table_0(void) if (cidx >= 0) { sprintf(tmpstr, GUID_FMT, GUID_ARGS(ST->ConfigurationTable[cidx].VendorGuid)); - assert_zero_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), - err, "%d != 0 (%s != %s)\n", tmpstr, cstr); + assert_equal_goto(CompareGuid(&ST->ConfigurationTable[cidx].VendorGuid, &cguid), + true, err, "%d != true (%s != %s)\n", tmpstr, cstr); assert_equal_goto(ST->ConfigurationTable[cidx].VendorTable, cstrp, err, "%p != %p\n"); memcpy(&guids[cidx], &cguid, sizeof(EFI_GUID)); diff --git a/test-mok-mirror.c b/test-mok-mirror.c index 38b7ed979..66e7fc2ce 100644 --- a/test-mok-mirror.c +++ b/test-mok-mirror.c @@ -82,7 +82,7 @@ setvar_post(CHAR16 *name, EFI_GUID *guid, UINT32 attrs, for (UINTN i = 0; test_vars[i].name != NULL; i++) { struct test_var *tv = &test_vars[i]; - if (CompareGuid(&tv->guid, guid) != 0 || + if (!CompareGuid(&tv->guid, guid) || StrCmp(tv->name, name) != 0) continue; tv->ops[tv->n_ops] = op; @@ -116,7 +116,7 @@ getvar_post(CHAR16 *name, EFI_GUID *guid, for (UINTN i = 0; test_vars[i].name != NULL; i++) { struct test_var *tv = &test_vars[i]; - if (CompareGuid(&tv->guid, guid) != 0 || + if (!CompareGuid(&tv->guid, guid) || StrCmp(tv->name, name) != 0) continue; tv->ops[tv->n_ops] = GET; @@ -144,7 +144,7 @@ check_variables(struct test_var *vars) int gets = 0; var = list_entry(pos, struct mock_variable, list); - if (CompareGuid(&tv->guid, &var->guid) != 0 || + if (!CompareGuid(&tv->guid, &var->guid) || StrCmp(var->name, tv->name) != 0) continue; found = true; @@ -292,7 +292,7 @@ test_mok_mirror(struct test_var *vars, for (size_t i = 0; i < ST->NumberOfTableEntries; i++) { EFI_CONFIGURATION_TABLE *ct = &ST->ConfigurationTable[i]; - if (CompareGuid(&ct->VendorGuid, &mok_config_guid) != 0) + if (!CompareGuid(&ct->VendorGuid, &mok_config_guid)) continue; pos = (void *)ct->VendorTable; diff --git a/tpm.c b/tpm.c index 75c733f17..2514d4645 100644 --- a/tpm.c +++ b/tpm.c @@ -348,7 +348,7 @@ static BOOLEAN tpm_data_measured(CHAR16 *VarName, EFI_GUID VendorGuid, UINTN Var for (i=0; i 0) && (dbsize >= CertList->SignatureListSize)) { - if (CompareGuid (&CertList->SignatureType, &EFI_CERT_TYPE_X509_GUID) == 0) { + if (CompareGuid (&CertList->SignatureType, &EFI_CERT_TYPE_X509_GUID)) { Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize); CertSize = CertList->SignatureSize - sizeof(EFI_GUID); dprint(L"trying to verify cert %d (%s)\n", i++, dbname); @@ -218,7 +218,7 @@ check_db_hash_in_ram(EFI_SIGNATURE_LIST *CertList, UINTN dbsize, UINT8 *data, while ((dbsize > 0) && (dbsize >= CertList->SignatureListSize)) { CertCount = (CertList->SignatureListSize -sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize; Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize); - if (CompareGuid(&CertList->SignatureType, &CertType) == 0) { + if (CompareGuid(&CertList->SignatureType, &CertType)) { for (Index = 0; Index < CertCount; Index++) { if (CompareMem (Cert->SignatureData, data, SignatureSize) == 0) { // From d9af01e3ec5943d44342ad1bc89ff2cd44c83f3f Mon Sep 17 00:00:00 2001 From: Jason Montleon Date: Mon, 8 Jul 2024 12:04:32 -0400 Subject: [PATCH 05/19] Correct signedness when calling string functions. Signed-off-by: Jason Montleon --- Cryptlib/SysCall/BaseStrings.c | 4 ++-- csv.c | 2 +- errlog.c | 4 ++-- httpboot.c | 20 ++++++++++---------- mok.c | 8 ++++---- netboot.c | 22 +++++++++++----------- sbat.c | 18 +++++++++--------- tpm.c | 2 +- 8 files changed, 40 insertions(+), 40 deletions(-) diff --git a/Cryptlib/SysCall/BaseStrings.c b/Cryptlib/SysCall/BaseStrings.c index 29a16100a..11f9567f7 100644 --- a/Cryptlib/SysCall/BaseStrings.c +++ b/Cryptlib/SysCall/BaseStrings.c @@ -3,7 +3,7 @@ CHAR8 * AsciiStrCat(CHAR8 *Destination, const CHAR8 *Source) { - UINTN dest_len = strlen((CHAR8 *)Destination); + UINTN dest_len = strlen((char *)Destination); UINTN i; for (i = 0; Source[i] != '\0'; i++) @@ -61,7 +61,7 @@ WriteUnaligned32(UINT32 *Buffer, UINT32 Value) UINTN AsciiStrSize(const CHAR8 *string) { - return strlen(string) + 1; + return strlen((char *)string) + 1; } /* Based on AsciiStrDecimalToUintnS() in edk2 diff --git a/csv.c b/csv.c index 18460cd7b..81dbb833e 100644 --- a/csv.c +++ b/csv.c @@ -63,7 +63,7 @@ parse_csv_data(char *data, char *data_end, size_t n_columns, list_t *list) } max = (uintptr_t)end - (uintptr_t)line + (end > line ? 1 : 0); - if (is_utf8_bom(line, max)) + if (is_utf8_bom((CHAR8 *)line, max)) line += UTF8_BOM_SIZE; diff --git a/errlog.c b/errlog.c index 6455b7743..6971e80b4 100644 --- a/errlog.c +++ b/errlog.c @@ -261,7 +261,7 @@ save_logs(void) entry = (struct mok_variable_config_entry *)((uintptr_t)new_table + pos); if (errlog_sz) { - strcpy(entry->name, "shim-err.txt"); + strcpy((char *)entry->name, "shim-err.txt"); entry->data_size = errlog_sz; format_error_log(&entry->data[0], errlog_sz); @@ -269,7 +269,7 @@ save_logs(void) entry = (struct mok_variable_config_entry *)((uintptr_t)new_table + pos); } if (dbglog_sz) { - strcpy(entry->name, "shim-dbg.txt"); + strcpy((char *)entry->name, "shim-dbg.txt"); entry->data_size = dbglog_sz; format_debug_log(&entry->data[0], dbglog_sz); diff --git a/httpboot.c b/httpboot.c index ccbe0281d..3a801c366 100644 --- a/httpboot.c +++ b/httpboot.c @@ -175,7 +175,7 @@ find_httpboot (EFI_HANDLE device) /* Save the current URI */ UriNode = (URI_DEVICE_PATH *)Node; - uri_size = strlen(UriNode->Uri); + uri_size = strlen((char *)UriNode->Uri); uri = AllocatePool(uri_size + 1); if (!uri) { perror(L"Failed to allocate uri\n"); @@ -201,10 +201,10 @@ generate_next_uri (CONST CHAR8 *current_uri, CONST CHAR8 *next_loader, UINTN path_len = 0; UINTN count = 0; - if (strncmp(current_uri, (CHAR8 *)"http://", 7) == 0) { + if (strncmp((char *)current_uri, "http://", 7) == 0) { ptr = current_uri + 7; count += 7; - } else if (strncmp(current_uri, (CHAR8 *)"https://", 8) == 0) { + } else if (strncmp((char *)current_uri, "https://", 8) == 0) { ptr = current_uri + 8; count += 8; } else { @@ -212,7 +212,7 @@ generate_next_uri (CONST CHAR8 *current_uri, CONST CHAR8 *next_loader, } /* Extract the path */ - next_len = strlen(next_loader); + next_len = strlen((char *)next_loader); while (*ptr != '\0') { count++; if (*ptr == '/') @@ -237,9 +237,9 @@ extract_hostname (CONST CHAR8 *url, CHAR8 **hostname) CONST CHAR8 *ptr, *start; UINTN host_len = 0; - if (strncmp(url, (CHAR8 *)"http://", 7) == 0) + if (strncmp((char *)url, "http://", 7) == 0) start = url + 7; - else if (strncmp(url, (CHAR8 *)"https://", 8) == 0) + else if (strncmp((char *)url, "https://", 8) == 0) start = url + 8; else return EFI_INVALID_PARAMETER; @@ -618,8 +618,8 @@ receive_http_response(EFI_HTTP_PROTOCOL *http, VOID **buffer, UINT64 *buf_size) /* Check the length of the file */ for (i = 0; i < rx_message.HeaderCount; i++) { - if (!strcasecmp(rx_message.Headers[i].FieldName, - (CHAR8 *)"Content-Length")) { + if (!strcasecmp((char *)rx_message.Headers[i].FieldName, + "Content-Length")) { new_buf_size = ascii_to_int(rx_message.Headers[i].FieldValue); if (buf_size_set && new_buf_size != *buf_size) { perror(L"Content-Length is invalid\n"); @@ -784,8 +784,8 @@ httpboot_fetch_buffer (EFI_HANDLE image, VOID **buffer, UINT64 *buf_size, if (!uri) return EFI_NOT_READY; - next_loader = (CHAR8 *)AllocatePool((strlen(name) + 1) * sizeof (CHAR8)); - translate_slashes(next_loader, name); + next_loader = (CHAR8 *)AllocatePool((strlen((char *)name) + 1) * sizeof (CHAR8)); + translate_slashes((char *)next_loader, (char *)name); /* Create the URI for the next loader based on the original URI */ efi_status = generate_next_uri(uri, next_loader, &next_uri); diff --git a/mok.c b/mok.c index a94516e3c..a13355e41 100644 --- a/mok.c +++ b/mok.c @@ -213,15 +213,15 @@ format_variable_info(UINT8 *buf, size_t bufsz, var_set_t *var_set = &var_sets[i]; UINTN rc; rc = AsciiSPrint((CHAR8 *)buf + pos, bufsz - pos, - "%a_max_storage_sz: 0x%lx\n", + (const CHAR8 *)"%a_max_storage_sz: 0x%lx\n", var_set->prefix, var_set->max_storage_sz); pos += rc; rc = AsciiSPrint((CHAR8 *)buf + pos, bufsz - pos, - "%a_remaining_sz: 0x%lx\n", + (const CHAR8 *)"%a_remaining_sz: 0x%lx\n", var_set->prefix, var_set->remaining_sz); pos += rc; rc = AsciiSPrint((CHAR8 *)buf + pos, bufsz - pos, - "%a_max_var_sz: 0x%lx\n", + (const CHAR8 *)"%a_max_var_sz: 0x%lx\n", var_set->prefix, var_set->max_var_sz); pos += rc; } @@ -1422,7 +1422,7 @@ EFI_STATUS import_mok_state(EFI_HANDLE image_handle) struct mok_state_variable *v = &mok_state_variables[i]; ZeroMem(&config_template, sizeof(config_template)); - strncpy(config_template.name, (CHAR8 *)v->rtname8, 255); + strncpy((char *)config_template.name, v->rtname8, 255); config_template.name[255] = '\0'; config_template.data_size = v->data_size; diff --git a/netboot.c b/netboot.c index 0ec43e5a6..520b28c7a 100644 --- a/netboot.c +++ b/netboot.c @@ -146,7 +146,7 @@ static CHAR8 *str2ip6(CHAR8 *str) if (dotcount > MAX_IP6_DOTS) return (CHAR8 *)ip; - len = strlen(str); + len = strlen((char *)str); a = b = str; for (i = 0; i < len; i++) { @@ -203,7 +203,7 @@ static BOOLEAN extract_tftp_info(CHAR8 *url, CHAR8 *name) while (name[template_len++] != '\0'); template = (CHAR8 *)AllocatePool((template_len + 1) * sizeof (CHAR8)); - translate_slashes(template, name); + translate_slashes((char *)template, (char *)name); // to check against str2ip6() errors memset(ip6inv, 0, sizeof(ip6inv)); @@ -243,17 +243,17 @@ static BOOLEAN extract_tftp_info(CHAR8 *url, CHAR8 *name) FreePool(template); return FALSE; } - full_path = AllocateZeroPool(strlen(end)+strlen(template)+1); + full_path = AllocateZeroPool(strlen((char *)end)+strlen((char *)template)+1); if (!full_path) { FreePool(template); return FALSE; } - memcpy(full_path, end, strlen(end)); + memcpy(full_path, end, strlen((char *)end)); end = (CHAR8 *)strrchr((char *)full_path, '/'); if (!end) end = (CHAR8 *)full_path; - memcpy(end, template, strlen(template)); - end[strlen(template)] = '\0'; + memcpy(end, template, strlen((char *)template)); + end[strlen((char *)template)] = '\0'; FreePool(template); return TRUE; @@ -284,8 +284,8 @@ static EFI_STATUS parseDhcp4(CHAR8 *name) while (name[template_len++] != '\0'); template = (CHAR8 *)AllocatePool((template_len + 1) * sizeof (CHAR8)); - translate_slashes(template, name); - template_len = strlen(template) + 1; + translate_slashes((char *)template, (char *)name); + template_len = strlen((char *)template) + 1; if(pxe->Mode->ProxyOfferReceived) { /* @@ -305,7 +305,7 @@ static EFI_STATUS parseDhcp4(CHAR8 *name) pkt_v4 = &pxe->Mode->PxeReply.Dhcpv4; } - INTN dir_len = strnlen((CHAR8 *)pkt_v4->BootpBootFile, 127); + INTN dir_len = strnlen((char *)pkt_v4->BootpBootFile, 127); INTN i; UINT8 *dir = pkt_v4->BootpBootFile; @@ -323,7 +323,7 @@ static EFI_STATUS parseDhcp4(CHAR8 *name) } if (dir_len > 0) { - strncpy(full_path, (CHAR8 *)dir, dir_len); + strncpy((char *)full_path, (char *)dir, dir_len); if (full_path[dir_len-1] == '/' && template[0] == '/') full_path[dir_len-1] = '\0'; /* @@ -338,7 +338,7 @@ static EFI_STATUS parseDhcp4(CHAR8 *name) } if (dir_len == 0 && dir[0] != '/' && template[0] == '/') template_ofs++; - strcat(full_path, template + template_ofs); + strcat((char *)full_path, (char *)template + template_ofs); memcpy(&tftp_addr.v4, pkt_v4->BootpSiAddr, 4); FreePool(template); diff --git a/sbat.c b/sbat.c index 8f29e3982..830de6469 100644 --- a/sbat.c +++ b/sbat.c @@ -95,12 +95,12 @@ parse_sbat_section(char *section_base, size_t section_size, struct csv_row * row; size_t i; const char **ptrs[] = { - &entry->component_name, - &entry->component_generation, - &entry->vendor_name, - &entry->vendor_package_name, - &entry->vendor_version, - &entry->vendor_url, + (const char **)&entry->component_name, + (const char **)&entry->component_generation, + (const char **)&entry->vendor_name, + (const char **)&entry->vendor_package_name, + (const char **)&entry->vendor_version, + (const char **)&entry->vendor_url, }; @@ -280,9 +280,9 @@ parse_sbat_var_data(list_t *entry_list, UINT8 *data, UINTN datasize) struct csv_row * row; size_t i; const char **ptrs[] = { - &entry->component_name, - &entry->component_generation, - &entry->sbat_datestamp, + (const char **)&entry->component_name, + (const char **)&entry->component_generation, + (const char **)&entry->sbat_datestamp, }; row = list_entry(pos, struct csv_row, list); diff --git a/tpm.c b/tpm.c index 2514d4645..a67418ead 100644 --- a/tpm.c +++ b/tpm.c @@ -296,7 +296,7 @@ EFI_STATUS tpm_log_event(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 pcr, const CHAR8 *description) { return tpm_log_event_raw(buf, size, pcr, description, - strlen(description) + 1, EV_IPL, NULL); + strlen((char *)description) + 1, EV_IPL, NULL); } EFI_STATUS tpm_log_pe(EFI_PHYSICAL_ADDRESS buf, UINTN size, From d12d4a18276629d460ed2af37c197919b5411c3a Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Sat, 11 Jan 2025 20:26:09 +0000 Subject: [PATCH 06/19] Remove GNU_EFI_USE_EXTERNAL_STDARG Signed-off-by: Callum Farmer --- Cryptlib/Include/OpenSslSupport.h | 3 --- Cryptlib/Library/BaseLib.h | 4 ---- Makefile | 1 - include/system/efistdarg.h | 4 ---- include/system/stdarg.h | 16 ---------------- shim.h | 4 ---- 6 files changed, 32 deletions(-) diff --git a/Cryptlib/Include/OpenSslSupport.h b/Cryptlib/Include/OpenSslSupport.h index 0c2fb8b0c..54f53fd60 100644 --- a/Cryptlib/Include/OpenSslSupport.h +++ b/Cryptlib/Include/OpenSslSupport.h @@ -18,9 +18,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #if defined(__x86_64__) /* shim.h will check if the compiler is new enough in some other CU */ -#if !defined(GNU_EFI_USE_EXTERNAL_STDARG) -#define GNU_EFI_USE_EXTERNAL_STDARG -#endif #if !defined(GNU_EFI_USE_MS_ABI) #define GNU_EFI_USE_MS_ABI diff --git a/Cryptlib/Library/BaseLib.h b/Cryptlib/Library/BaseLib.h index 94b25c935..5e07239de 100644 --- a/Cryptlib/Library/BaseLib.h +++ b/Cryptlib/Library/BaseLib.h @@ -1,10 +1,6 @@ #if defined(__x86_64__) /* shim.h will check if the compiler is new enough in some other CU */ -#if !defined(GNU_EFI_USE_EXTERNAL_STDARG) -#define GNU_EFI_USE_EXTERNAL_STDARG -#endif - #if !defined(GNU_EFI_USE_MS_ABI) #define GNU_EFI_USE_MS_ABI #endif diff --git a/Makefile b/Makefile index 6b93e7d87..7c5ebcc33 100644 --- a/Makefile +++ b/Makefile @@ -166,7 +166,6 @@ MokManager.o: $(MOK_SOURCES) $(MMSONAME): $(MOK_OBJS) $(LIBS) $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a -gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: CFLAGS+=-DGNU_EFI_USE_EXTERNAL_STDARG gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: mkdir -p gnu-efi/lib gnu-efi/gnuefi $(MAKE) -C gnu-efi \ diff --git a/include/system/efistdarg.h b/include/system/efistdarg.h index 034977cca..837c4f23f 100644 --- a/include/system/efistdarg.h +++ b/include/system/efistdarg.h @@ -8,10 +8,6 @@ #ifndef _EFISTDARG_H_ #define _EFISTDARG_H_ -#ifndef GNU_EFI_USE_EXTERNAL_STDARG -#define GNU_EFI_USE_EXTERNAL_STDARG -#endif - #include #endif /* !_EFISTDARG_H_ */ diff --git a/include/system/stdarg.h b/include/system/stdarg.h index 68c171b8f..813edd748 100644 --- a/include/system/stdarg.h +++ b/include/system/stdarg.h @@ -15,10 +15,6 @@ typedef __builtin_va_list __builtin_sysv_va_list; #pragma GCC diagnostic pop #endif -#ifndef GNU_EFI_USE_EXTERNAL_STDARG -#define GNU_EFI_USE_EXTERNAL_STDARG -#endif - #ifdef SHIM_UNIT_TEST #include_next #endif @@ -26,13 +22,6 @@ typedef __builtin_va_list __builtin_sysv_va_list; #if defined(__aarch64__) || defined(__arm__) || defined(__i386__) || \ defined(__i486__) || defined(__i686__) || defined(__COVERITY__) -typedef __builtin_va_list ms_va_list; -typedef __builtin_va_list __builtin_ms_va_list; -#define ms_va_copy(dest, start) __builtin_va_copy(dest, start) -#define ms_va_start(marker, arg) __builtin_va_start(marker, arg) -#define ms_va_arg(marker, type) __builtin_va_arg(marker, type) -#define ms_va_end(marker) __builtin_va_end(marker) - typedef __builtin_va_list sysv_va_list; #define sysv_va_copy(dest, start) __builtin_va_copy(dest, start) #define sysv_va_start(marker, arg) __builtin_va_start(marker, arg) @@ -49,11 +38,6 @@ typedef __builtin_va_list VA_LIST; #elif defined(__x86_64__) -typedef __builtin_ms_va_list ms_va_list; -#define ms_va_copy(dest, start) __builtin_ms_va_copy(dest, start) -#define ms_va_start(marker, arg) __builtin_ms_va_start(marker, arg) -#define ms_va_arg(marker, type) __builtin_va_arg(marker, type) -#define ms_va_end(marker) __builtin_ms_va_end(marker) typedef __builtin_sysv_va_list sysv_va_list; #define sysv_va_copy(dest, start) __builtin_sysv_va_copy(dest, start) #define sysv_va_start(marker, arg) __builtin_sysv_va_start(marker, arg) diff --git a/shim.h b/shim.h index 8b52ce7a4..b76c16d9e 100644 --- a/shim.h +++ b/shim.h @@ -31,10 +31,6 @@ #pragma GCC diagnostic ignored "-Wpointer-bool-conversion" #endif -#if !defined(GNU_EFI_USE_EXTERNAL_STDARG) -#define GNU_EFI_USE_EXTERNAL_STDARG -#endif - #if !defined(GNU_EFI_USE_MS_ABI) #define GNU_EFI_USE_MS_ABI #endif From 5bbeb3732be76fed2582d507fcacb8ae86929473 Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Sun, 12 Jan 2025 17:12:40 +0000 Subject: [PATCH 07/19] Avoid misuse of Print sys_va_list funcs Signed-off-by: Callum Farmer --- errlog.c | 6 +++--- lib/console.c | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/errlog.c b/errlog.c index 6971e80b4..49028f03e 100644 --- a/errlog.c +++ b/errlog.c @@ -19,7 +19,7 @@ vdprint_(const CHAR16 *fmt, const char *file, int line, const char *func, if (verbose) { ms_va_copy(args2, args); console_print(L"%a:%d:%a() ", file, line, func); - efi_status = VPrint(fmt, args2); + efi_status = MS_VPrint(fmt, args2); ms_va_end(args2); } return efi_status; @@ -45,7 +45,7 @@ VLogError(const char *file, int line, const char *func, const CHAR16 *fmt, if (!newerrs[nerrs]) return EFI_OUT_OF_RESOURCES; ms_va_copy(args2, args); - newerrs[nerrs+1] = VPoolPrint(fmt, args2); + newerrs[nerrs+1] = MS_VPoolPrint(fmt, args2); if (!newerrs[nerrs+1]) return EFI_OUT_OF_RESOURCES; ms_va_end(args2); @@ -135,7 +135,7 @@ log_debug_print(const CHAR16 *fmt, ...) UINTN ret = 0; ms_va_start(args, fmt); - buf = VPoolPrint(fmt, args); + buf = MS_VPoolPrint(fmt, args); if (!buf) return 0; ms_va_end(args); diff --git a/lib/console.c b/lib/console.c index f60383209..991dcee69 100644 --- a/lib/console.c +++ b/lib/console.c @@ -96,7 +96,7 @@ console_print(const CHAR16 *fmt, ...) setup_console(1); ms_va_start(args, fmt); - ret = VPrint(fmt, args); + ret = MS_VPrint(fmt, args); ms_va_end(args); return ret; @@ -116,7 +116,7 @@ console_print_at(UINTN col, UINTN row, const CHAR16 *fmt, ...) co->SetCursorPosition(co, col, row); ms_va_start(args, fmt); - ret = VPrint(fmt, args); + ret = MS_VPrint(fmt, args); ms_va_end(args); return ret; From 5826f7f738a6b7bf8c710ae586daa3000a331879 Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Tue, 14 Jan 2025 09:37:59 +0000 Subject: [PATCH 08/19] avoid conflicting CompareGuid Signed-off-by: Callum Farmer --- include/test.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/test.h b/include/test.h index bffad7d55..4b717ddea 100644 --- a/include/test.h +++ b/include/test.h @@ -185,6 +185,10 @@ guidcmp(const EFI_GUID * const guid0, const EFI_GUID * const guid1) return ret; } +#if defined(CompareGuid) +#undef CompareGuid +#endif + #define CompareGuid(a, b) (guidcmp(a, b) == 0) #define CompareGuidForSorting(a, b) guidcmp(a, b) From 8e434c0f64a2dbb89dacd7571020d2cc4be32146 Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Tue, 11 Feb 2025 12:55:25 +0000 Subject: [PATCH 09/19] disable gnuefi_signed_strncmp Signed-off-by: Callum Farmer --- test-str.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test-str.c b/test-str.c index 30f8dd0b4..9218a8ebb 100644 --- a/test-str.c +++ b/test-str.c @@ -484,7 +484,7 @@ gnuefi_strncmp ( * This is still broken, and fails the test case as written on arm. * We no longer use this, so we do not strictly need to run it. */ -#if !defined(__arm__) && !defined(__aarch64__) +#if 0 static inline INTN gnuefi_signed_strncmp ( IN CONST CHAR8 *s1, @@ -719,7 +719,7 @@ test_strncmp(void) * This is still broken, and fails the test case as written on arm. * We no longer use this, so we do not strictly need to run it. */ -#if !defined(__arm__) && !defined(__aarch64__) +#if 0 /* * gnu-efi's broken strncmpa with the return type fixed */ From 6a980e286a28fb004a5aacfd1a20bbcfe4573f4b Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Mon, 13 Jan 2025 15:23:03 +0000 Subject: [PATCH 10/19] fix gnu-efi paths Signed-off-by: Callum Farmer --- Make.defaults | 6 +++--- Makefile | 8 +++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/Make.defaults b/Make.defaults index afbf44d0a..b9c3f4a71 100644 --- a/Make.defaults +++ b/Make.defaults @@ -160,8 +160,8 @@ endif LIB_GCC = $(shell $(CC) $(ARCH_CFLAGS) -print-libgcc-file-name) EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC) FORMAT ?= --output-target efi-app-$(ARCH) -LOCAL_EFI_PATH = gnu-efi/$(ARCH_GNUEFI)/gnuefi -LIBDIR = gnu-efi/$(ARCH_GNUEFI)/lib +LOCAL_EFI_PATH = $(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/gnuefi +LIBDIR = $(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/lib MMSTEM ?= mm$(ARCH_SUFFIX) MMNAME = $(MMSTEM).efi @@ -192,7 +192,7 @@ ifneq ($(origin SBAT_AUTOMATIC_DATE), undefined) DEFINES += -DSBAT_AUTOMATIC_DATE=$(SBAT_AUTOMATIC_DATE) endif -LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(LOCAL_EFI_PATH) -L$(LIBDIR) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined +LDFLAGS = --hash-style=sysv -nostdlib -znocombreloc -T $(EFI_LDS) -shared -Bsymbolic -L$(LIBDIR) -L$(LOCAL_EFI_PATH) -LCryptlib -LCryptlib/OpenSSL $(EFI_CRT_OBJS) --build-id=sha1 $(ARCH_LDFLAGS) --no-undefined ifneq ($(DEBUG),) export DEBUG diff --git a/Makefile b/Makefile index 7c5ebcc33..55318457a 100644 --- a/Makefile +++ b/Makefile @@ -150,8 +150,8 @@ $(SHIMNAME) $(MMNAME) $(FBNAME) : | post-process-pe LIBS = Cryptlib/libcryptlib.a \ Cryptlib/OpenSSL/libopenssl.a \ lib/lib.a \ - gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a \ - gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a + $(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a \ + $(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a $(SHIMSONAME): $(OBJS) $(LIBS) $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a @@ -166,7 +166,7 @@ MokManager.o: $(MOK_SOURCES) $(MMSONAME): $(MOK_OBJS) $(LIBS) $(LD) -o $@ $(LDFLAGS) $^ $(EFI_LIBS) lib/lib.a -gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: +$(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a $(TOPDIR)/gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: mkdir -p gnu-efi/lib gnu-efi/gnuefi $(MAKE) -C gnu-efi \ COMPILER="$(COMPILER)" \ @@ -175,6 +175,7 @@ gnu-efi/$(ARCH_GNUEFI)/gnuefi/libgnuefi.a gnu-efi/$(ARCH_GNUEFI)/lib/libefi.a: ARCH=$(ARCH_GNUEFI) \ NO_GLIBC=1 \ TOPDIR=$(TOPDIR)/gnu-efi \ + VPATH=$(TOPDIR)/gnu-efi \ -f $(TOPDIR)/gnu-efi/Makefile \ lib gnuefi inc $(IGNORE_COMPILER_ERRORS) @@ -358,6 +359,7 @@ clean-gnu-efi: COMPILER="$(COMPILER)" \ ARCH=$(ARCH_GNUEFI) \ TOPDIR=$(TOPDIR)/gnu-efi \ + VPATH=$(TOPDIR)/gnu-efi \ -f $(TOPDIR)/gnu-efi/Makefile \ clean ; \ fi From 4b96f2a37990bf372790b03d352a4618b74d26a6 Mon Sep 17 00:00:00 2001 From: Callum Farmer Date: Mon, 13 Oct 2025 14:38:25 +0100 Subject: [PATCH 11/19] Fix some lds issues * De-duplicate uses of .note.gnu.build-id/.eh_frame * Push .reloc after .data (see ncroxon/gnu-efi@03bfe2f5ced3cfda8cc693bbb2ff647b8087d5a8) * ARM updates: * use new .text placement (0x1000) fixes allocation issue (ncroxon/gnu-efi@24a4cd0e5653fd84b004c00c808c45cc3fb7a7e2) * add needed symbols from gnu-efi * Add missed reloc section (ncroxon/gnu-efi@eadee98bf007a577d461cf9529eae655c9aebd03) Signed-off-by: Callum Farmer --- elf_aarch64_efi.lds | 15 +++++++-------- elf_arm_efi.lds | 18 +++++++++++++++--- elf_ia32_efi.lds | 13 +++++++------ elf_x86_64_efi.lds | 15 +++++++-------- 4 files changed, 36 insertions(+), 25 deletions(-) diff --git a/elf_aarch64_efi.lds b/elf_aarch64_efi.lds index ff2e408ae..7f26a1457 100644 --- a/elf_aarch64_efi.lds +++ b/elf_aarch64_efi.lds @@ -5,7 +5,8 @@ SECTIONS { . = 0; ImageBase = .; - .hash : { *(.hash) } /* this MUST come first! */ + /* this MUST come first! */ + .hash : { *(.hash) } . = ALIGN(65536); .eh_frame : { @@ -21,11 +22,6 @@ SECTIONS _etext = .; } . = ALIGN(65536); - .reloc : - { - *(.reloc) - } - . = ALIGN(65536); .note.gnu.build-id : { *(.note.gnu.build-id) } @@ -57,6 +53,11 @@ SECTIONS *(COMMON) *(.rel.local) } + . = ALIGN(65536); + .reloc : + { + *(.reloc) + } . = ALIGN(65536); .vendor_cert : @@ -92,9 +93,7 @@ SECTIONS .ignored.reloc : { *(.rela.reloc) - *(.eh_frame) *(.note.GNU-stack) } .comment 0 : { *(.comment) } - .note.gnu.build-id : { *(.note.gnu.build-id) } } diff --git a/elf_arm_efi.lds b/elf_arm_efi.lds index 533462193..66185a4fc 100644 --- a/elf_arm_efi.lds +++ b/elf_arm_efi.lds @@ -3,9 +3,10 @@ OUTPUT_ARCH(arm) ENTRY(_start) SECTIONS { - .text 0x0 : { - _text = .; + .text 0 : { *(.text.head) + . = 0x1000; + _text = .; *(.text) *(.text.*) *(.gnu.linkonce.t.*) @@ -45,6 +46,16 @@ SECTIONS _edata = .; _data_vsize = _evdata - _data; _data_size = . - _data; + . = ALIGN(4096); + _reloc = .; + .areloc : { + *(.areloc) + _evreloc = .; + . = ALIGN(4096); + _ereloc = .; + } =0 + _reloc_vsize = _evreloc - _reloc; + _reloc_size = _ereloc - _reloc; /* * Note that _sbat must be the beginning of the data, and _esbat must be the @@ -99,7 +110,8 @@ SECTIONS _erodata = .; _rodata_size = . - _rodata; _rodata_vsize = _evrodata - _rodata; - _alldata_size = . - _data; + _image_end = .; + _alldata_size = _image_end - _data; /DISCARD/ : { diff --git a/elf_ia32_efi.lds b/elf_ia32_efi.lds index e8da91bdf..3f22c9336 100644 --- a/elf_ia32_efi.lds +++ b/elf_ia32_efi.lds @@ -5,7 +5,8 @@ SECTIONS { . = 0; ImageBase = .; - .hash : { *(.hash) } /* this MUST come first! */ + /* .hash and/or .gnu.hash MUST come first! */ + .hash : { *(.hash) } . = ALIGN(4096); .text : { @@ -16,11 +17,6 @@ SECTIONS _etext = .; } . = ALIGN(4096); - .reloc : - { - *(.reloc) - } - . = ALIGN(4096); .note.gnu.build-id : { *(.note.gnu.build-id) } @@ -52,6 +48,11 @@ SECTIONS *(.bss) *(COMMON) } + . = ALIGN(4096); + .reloc : + { + *(.reloc) + } . = ALIGN(4096); .vendor_cert : diff --git a/elf_x86_64_efi.lds b/elf_x86_64_efi.lds index 39aff6b07..56a1c71bf 100644 --- a/elf_x86_64_efi.lds +++ b/elf_x86_64_efi.lds @@ -6,7 +6,8 @@ SECTIONS { . = 0; ImageBase = .; - .hash : { *(.hash) } /* this MUST come first! */ + /* this MUST come first! */ + .hash : { *(.hash) } . = ALIGN(4096); .eh_frame : { @@ -22,11 +23,6 @@ SECTIONS _etext = .; } . = ALIGN(4096); - .reloc : - { - *(.reloc) - } - . = ALIGN(4096); .note.gnu.build-id : { *(.note.gnu.build-id) } @@ -58,6 +54,11 @@ SECTIONS *(COMMON) *(.rel.local) } + . = ALIGN(4096); + .reloc : + { + *(.reloc) + } . = ALIGN(4096); .vendor_cert : @@ -93,9 +94,7 @@ SECTIONS .ignored.reloc : { *(.rela.reloc) - *(.eh_frame) *(.note.GNU-stack) } .comment 0 : { *(.comment) } - .note.gnu.build-id : { *(.note.gnu.build-id) } } From f2f9fe82240a3d63bf7b8172ee26ad7a4335d7b4 Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Mon, 5 Apr 2021 12:14:44 +0200 Subject: [PATCH 12/19] Initial RISC-V support Add what is needed to build on riscv64. Signed-off-by: Heinrich Schuchardt --- Cryptlib/Include/OpenSslSupport.h | 3 +- Cryptlib/Makefile | 3 + Cryptlib/OpenSSL/Makefile | 3 + Make.defaults | 10 +++ elf_riscv64_efi.lds | 111 ++++++++++++++++++++++++++++++ include/asm.h | 2 + include/peimage.h | 2 + include/system/stdarg.h | 12 +++- lib/Makefile | 3 + pe-relocate.c | 6 ++ shim.h | 15 ++++ 11 files changed, 168 insertions(+), 2 deletions(-) create mode 100644 elf_riscv64_efi.lds diff --git a/Cryptlib/Include/OpenSslSupport.h b/Cryptlib/Include/OpenSslSupport.h index 54f53fd60..a0a60bf4d 100644 --- a/Cryptlib/Include/OpenSslSupport.h +++ b/Cryptlib/Include/OpenSslSupport.h @@ -58,7 +58,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define CONFIG_HEADER_BN_H -#if defined(MDE_CPU_X64) || defined(MDE_CPU_AARCH64) || defined(MDE_CPU_IA64) +#if defined(MDE_CPU_X64) || defined(MDE_CPU_AARCH64) || \ + defined(MDE_CPU_IA64) || defined(MDE_CPU_RISCV64) // // With GCC we would normally use SIXTY_FOUR_BIT_LONG, but MSVC needs // SIXTY_FOUR_BIT, because 'long' is 32-bit and only 'long long' is diff --git a/Cryptlib/Makefile b/Cryptlib/Makefile index 68a9395e1..39c3e8d09 100644 --- a/Cryptlib/Makefile +++ b/Cryptlib/Makefile @@ -40,6 +40,9 @@ endif ifeq ($(ARCH),arm) DEFINES += -DMDE_CPU_ARM endif +ifeq ($(ARCH),riscv64) +DEFINES += -DMDE_CPU_RISCV64 +endif ifeq ($(ENABLE_CODESIGN_EKU),1) DEFINES += -DENABLE_CODESIGN_EKU endif diff --git a/Cryptlib/OpenSSL/Makefile b/Cryptlib/OpenSSL/Makefile index e517bcfd1..2f18b2faf 100644 --- a/Cryptlib/OpenSSL/Makefile +++ b/Cryptlib/OpenSSL/Makefile @@ -52,6 +52,9 @@ endif ifeq ($(ARCH),arm) DEFINES += -DMDE_CPU_ARM endif +ifeq ($(ARCH),riscv64) +DEFINES += -DMDE_CPU_RISCV64 +endif LDFLAGS = -nostdlib -znocombreloc diff --git a/Make.defaults b/Make.defaults index b9c3f4a71..37027c899 100644 --- a/Make.defaults +++ b/Make.defaults @@ -100,6 +100,16 @@ ifeq ($(ARCH),arm) ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM) ARCH_SECTION_ALIGNMENT ?= 0x1000 endif +ifeq ($(ARCH),riscv64) + ARCH_CFLAGS ?= -DMDE_CPU_RISCV64 -DPAGE_SIZE=4096 + ARCH_GNUEFI ?= riscv64 + ARCH_SUFFIX ?= riscv64 + ARCH_SUFFIX_UPPER ?= RISCV64 + FORMAT := -O binary + SUBSYSTEM := 0xa + ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM) + TIMESTAMP_LOCATION := 72 +endif DEFINES = -DDEFAULT_LOADER='L"$(DEFAULT_LOADER)"' \ -DDEFAULT_LOADER_CHAR='"$(DEFAULT_LOADER)"' diff --git a/elf_riscv64_efi.lds b/elf_riscv64_efi.lds new file mode 100644 index 000000000..82bf11857 --- /dev/null +++ b/elf_riscv64_efi.lds @@ -0,0 +1,111 @@ +OUTPUT_FORMAT("elf64-littleriscv", "elf64-littleriscv", "elf64-littleriscv") +OUTPUT_ARCH(riscv) +ENTRY(_start) +SECTIONS +{ + .text 0x0 : { + _text = .; + *(.text.head) + *(.text) + *(.text.*) + *(.gnu.linkonce.t.*) + _evtext = .; + . = ALIGN(4096); + } + _etext = .; + _text_size = . - _text; + _text_vsize = _evtext - _text; + + . = ALIGN(4096); + .data : + { + _data = .; + *(.sdata) + *(.data) + *(.data1) + *(.data.*) + *(.got.plt) + *(.got) + + *(.dynamic) + + /* the EFI loader doesn't seem to like a .bss section, so we stick + it all into .data: */ + . = ALIGN(16); + _bss = .; + *(.sbss) + *(.scommon) + *(.dynbss) + *(.bss) + *(COMMON) + _evdata = .; + . = ALIGN(4096); + _bss_end = .; + } + _edata = .; + _data_vsize = _evdata - _data; + _data_size = . - _data; + + /* + * Note that _sbat must be the beginning of the data, and _esbat must be the + * end and must be before any section padding. The sbat self-check uses + * _esbat to find the bounds of the data, and if the padding is included, the + * CSV parser (correctly) rejects the data as having NUL values in one of the + * required columns. + */ + . = ALIGN(4096); + .sbat : + { + _sbat = .; + *(.sbat) + *(.sbat.*) + _esbat = .; + . = ALIGN(4096); + _epsbat = .; + } + _sbat_size = _epsbat - _sbat; + _sbat_vsize = _esbat - _sbat; + + . = ALIGN(4096); + .rodata : + { + _rodata = .; + *(.rodata*) + *(.srodata) + . = ALIGN(16); + *(.note.gnu.build-id) + . = ALIGN(4096); + *(.vendor_cert) + *(.data.ident) + . = ALIGN(4096); + } + . = ALIGN(4096); + .rela : + { + *(.rela.dyn) + *(.rela.plt) + *(.rela.got) + *(.rela.data) + *(.rela.data*) + } + . = ALIGN(4096); + .dyn : + { + *(.dynsym) + *(.dynstr) + _evrodata = .; + . = ALIGN(4096); + } + _erodata = .; + _rodata_size = . - _rodata; + _rodata_vsize = _evrodata - _rodata; + _alldata_size = . - _data; + + /DISCARD/ : + { + *(.rel.reloc) + *(.eh_frame) + *(.note.GNU-stack) + } + .comment 0 : { *(.comment) } +} diff --git a/include/asm.h b/include/asm.h index f5118b235..5596d933a 100644 --- a/include/asm.h +++ b/include/asm.h @@ -19,6 +19,8 @@ static inline uint64_t read_counter(void) __asm__ __volatile__ ("mrs %0, pmccntr_el0" : "=r" (val)); #elif defined(__arm__) __asm__ __volatile__ ("mrc p15, 0, %0, c9, c13, 0" : "=r" (val)); +#elif defined(__riscv) && __riscv_xlen == 64 + __asm__ __volatile__ ("csrr %0, 0xc01" : "=r" (val) : : "memory"); #else #error unsupported arch #endif diff --git a/include/peimage.h b/include/peimage.h index 8c84d18f1..293ec1a7a 100644 --- a/include/peimage.h +++ b/include/peimage.h @@ -50,6 +50,8 @@ #define IMAGE_FILE_MACHINE_X64 0x8664 #define IMAGE_FILE_MACHINE_ARMTHUMB_MIXED 0x01c2 #define IMAGE_FILE_MACHINE_ARM64 0xaa64 +#define IMAGE_FILE_MACHINE_RISCV32 0x5032 +#define IMAGE_FILE_MACHINE_RISCV64 0x5064 // // EXE file formats diff --git a/include/system/stdarg.h b/include/system/stdarg.h index 813edd748..591c8df93 100644 --- a/include/system/stdarg.h +++ b/include/system/stdarg.h @@ -20,13 +20,23 @@ typedef __builtin_va_list __builtin_sysv_va_list; #endif #if defined(__aarch64__) || defined(__arm__) || defined(__i386__) || \ - defined(__i486__) || defined(__i686__) || defined(__COVERITY__) + defined(__i486__) || defined(__i686__) || defined(__COVERITY__) || defined(__riscv) typedef __builtin_va_list sysv_va_list; #define sysv_va_copy(dest, start) __builtin_va_copy(dest, start) #define sysv_va_start(marker, arg) __builtin_va_start(marker, arg) #define sysv_va_arg(marker, type) __builtin_va_arg(marker, type) #define sysv_va_end(marker) __builtin_va_end(marker) + +/* + * gnu-efi needs this. + */ +typedef __builtin_va_list va_list; +# define va_start(v,l) __builtin_va_start(v,l) +# define va_end(v) __builtin_va_end(v) +# define va_arg(v,l) __builtin_va_arg(v,l) +# define va_copy(d,s) __builtin_va_copy(d,s) + /* * OpenSSL's X509ConstructCertificateStack needs this. */ diff --git a/lib/Makefile b/lib/Makefile index f81c5c9bd..0b79246bd 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -30,6 +30,9 @@ endif ifeq ($(ARCH),arm) DEFINES += -DMDE_CPU_ARM endif +ifeq ($(ARCH),riscv64) +DEFINES += -DMDE_CPU_RISCV64 +endif LDFLAGS = -nostdlib -znocombreloc diff --git a/pe-relocate.c b/pe-relocate.c index 1f82d7836..464ac38c3 100644 --- a/pe-relocate.c +++ b/pe-relocate.c @@ -280,6 +280,8 @@ allow_64_bit(void) if (in_protocol) return 1; return 0; +#elif defined (__riscv) && __riscv_xlen == 64 + return 1; #else /* assuming everything else is 32-bit... */ return 0; #endif @@ -300,6 +302,8 @@ allow_32_bit(void) return 1; #elif defined(__aarch64__) return 0; +#elif defined (__riscv) && __riscv_xlen == 64 + return 0; #else /* assuming everything else is 32-bit... */ return 1; #endif @@ -326,6 +330,8 @@ static const UINT16 machine_type = IMAGE_FILE_MACHINE_I386; #elif defined(__ia64__) IMAGE_FILE_MACHINE_IA64; +#elif defined(__riscv) && __riscv_xlen == 64 + IMAGE_FILE_MACHINE_RISCV64; #else #error this architecture is not supported by shim #endif diff --git a/shim.h b/shim.h index b76c16d9e..88f50435c 100644 --- a/shim.h +++ b/shim.h @@ -125,6 +125,21 @@ #endif #endif +#if defined(__riscv) && __riscv_xlen == 64 +#ifndef DEFAULT_LOADER +#define DEFAULT_LOADER L"\\grubriscv64.efi" +#endif +#ifndef DEFAULT_LOADER_CHAR +#define DEFAULT_LOADER_CHAR "\\grubriscv64.efi" +#endif +#ifndef EFI_ARCH +#define EFI_ARCH L"riscv64" +#endif +#ifndef DEBUGDIR +#define DEBUGDIR L"/usr/lib/debug/usr/share/shim/riscv64/" +#endif +#endif + #ifndef DEBUGSRC #define DEBUGSRC L"/usr/src/debug/shim-" VERSIONSTR "." EFI_ARCH #endif From 917f8bdd6adcf7f94a1d64064dd412f548ed1783 Mon Sep 17 00:00:00 2001 From: Brian 'redbeard' Harrington Date: Tue, 26 Mar 2024 17:13:50 -0700 Subject: [PATCH 13/19] bug: Remove extraneous configuration from RISC-V @davidlt and @xypron pointed out prior changed to binutils 2.42 which added support for RISC-V EFI objects. This reflects the upstream preference to avoid adding additional architectures which are emitting flat binary files via `objcopy` (i.e. `-O binary` architectures). Signed-off-by: Brian 'redbeard' Harrington --- Make.defaults | 4 ---- 1 file changed, 4 deletions(-) diff --git a/Make.defaults b/Make.defaults index 37027c899..931fbc86c 100644 --- a/Make.defaults +++ b/Make.defaults @@ -105,10 +105,6 @@ ifeq ($(ARCH),riscv64) ARCH_GNUEFI ?= riscv64 ARCH_SUFFIX ?= riscv64 ARCH_SUFFIX_UPPER ?= RISCV64 - FORMAT := -O binary - SUBSYSTEM := 0xa - ARCH_LDFLAGS += --defsym=EFI_SUBSYSTEM=$(SUBSYSTEM) - TIMESTAMP_LOCATION := 72 endif DEFINES = -DDEFAULT_LOADER='L"$(DEFAULT_LOADER)"' \ From 4290de9b1c76caaa2b6294365045d8b4f468aa3f Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Tue, 31 Mar 2026 14:20:38 +0200 Subject: [PATCH 14/19] fixup! add section alignment for riscv64 Signed-off-by: Andrea Bolognani --- Make.defaults | 1 + 1 file changed, 1 insertion(+) diff --git a/Make.defaults b/Make.defaults index 931fbc86c..32ad1bb38 100644 --- a/Make.defaults +++ b/Make.defaults @@ -105,6 +105,7 @@ ifeq ($(ARCH),riscv64) ARCH_GNUEFI ?= riscv64 ARCH_SUFFIX ?= riscv64 ARCH_SUFFIX_UPPER ?= RISCV64 + ARCH_SECTION_ALIGNMENT ?= 0x1000 endif DEFINES = -DDEFAULT_LOADER='L"$(DEFAULT_LOADER)"' \ From cff3f26afed9fd9a6b45365fca8429d86d057bb3 Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Thu, 11 Dec 2025 01:27:31 +0100 Subject: [PATCH 15/19] fixup! drop va_list related definitions from stdarg.h They don't seem to be necessary when building against the latest upstream version of gnu-efi. Signed-off-by: Andrea Bolognani --- include/system/stdarg.h | 9 --------- 1 file changed, 9 deletions(-) diff --git a/include/system/stdarg.h b/include/system/stdarg.h index 591c8df93..3d080ace0 100644 --- a/include/system/stdarg.h +++ b/include/system/stdarg.h @@ -28,15 +28,6 @@ typedef __builtin_va_list sysv_va_list; #define sysv_va_arg(marker, type) __builtin_va_arg(marker, type) #define sysv_va_end(marker) __builtin_va_end(marker) -/* - * gnu-efi needs this. - */ -typedef __builtin_va_list va_list; -# define va_start(v,l) __builtin_va_start(v,l) -# define va_end(v) __builtin_va_end(v) -# define va_arg(v,l) __builtin_va_arg(v,l) -# define va_copy(d,s) __builtin_va_copy(d,s) - /* * OpenSSL's X509ConstructCertificateStack needs this. */ From c5ec15e15552b74d3808e1daa7b21c6f2a5fd28b Mon Sep 17 00:00:00 2001 From: Jason Montleon Date: Mon, 24 Jun 2024 02:29:30 -0400 Subject: [PATCH 16/19] Sync elf_riscv64_efi.lds with gnu-efi 4.0.4 The SBAT-related definitions are missing from upstream gnu-efi, so those are retained. The rest of the file is completely identical to the upstream counterpart. Signed-off-by: Jason Montleon --- elf_riscv64_efi.lds | 135 ++++++++++++++++++++++++++------------------ 1 file changed, 80 insertions(+), 55 deletions(-) diff --git a/elf_riscv64_efi.lds b/elf_riscv64_efi.lds index 82bf11857..ca0e2c236 100644 --- a/elf_riscv64_efi.lds +++ b/elf_riscv64_efi.lds @@ -1,21 +1,33 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later OR BSD-2-Clause */ + OUTPUT_FORMAT("elf64-littleriscv", "elf64-littleriscv", "elf64-littleriscv") OUTPUT_ARCH(riscv) ENTRY(_start) SECTIONS { - .text 0x0 : { + . = 0; + ImageBase = .; + /* .hash and/or .gnu.hash MUST come first! */ + .hash : { *(.hash) } + .gnu.hash : { *(.gnu.hash) } + . = ALIGN(4096); + .eh_frame : { *(.eh_frame) } + .eh_frame_hdr : { *(.eh_frame_hdr) } + .gcc_except_table : { *(.gcc_except_table*) } + . = ALIGN(4096); + .text : { _text = .; - *(.text.head) *(.text) *(.text.*) *(.gnu.linkonce.t.*) - _evtext = .; - . = ALIGN(4096); + *(.plt) + . = ALIGN(16); } _etext = .; - _text_size = . - _text; - _text_vsize = _evtext - _text; - + _text_size = _etext - _text; + . = ALIGN(65536); + _DYNAMIC = .; + .dynamic : { *(.dynamic) } . = ALIGN(4096); .data : { @@ -27,7 +39,32 @@ SECTIONS *(.got.plt) *(.got) - *(.dynamic) + /* + * Note that these aren't the using the GNU "CONSTRUCTOR" output section + * command, so they don't start with a size. Because of p2align and the + * end/END definitions, and the fact that they're mergeable, they can also + * have NULLs which aren't guaranteed to be at the end. + */ + . = ALIGN(16); + __init_array_start = .; + *(SORT(.init_array.*)) + *(.init_array) + __init_array_end = .; + . = ALIGN(16); + __CTOR_LIST__ = .; + *(SORT(.ctors.*)) + *(.ctors) + __CTOR_END__ = .; + . = ALIGN(16); + __DTOR_LIST__ = .; + *(SORT(.dtors.*)) + *(.dtors) + __DTOR_END__ = .; + . = ALIGN(16); + __fini_array_start = .; + *(SORT(.fini_array.*)) + *(.fini_array) + __fini_array_end = .; /* the EFI loader doesn't seem to like a .bss section, so we stick it all into .data: */ @@ -36,23 +73,41 @@ SECTIONS *(.sbss) *(.scommon) *(.dynbss) - *(.bss) + *(.bss*) *(COMMON) - _evdata = .; - . = ALIGN(4096); + *(.rel.local) + . = ALIGN(16); + _bss_end = .; } + . = ALIGN(4096); + .reloc : + { + KEEP (*(.reloc)) + } + + . = ALIGN(4096); + .rela : + { + *(.rela.text*) + *(.rela.data*) + *(.rela.got) + *(.rela.dyn) + *(.rela.stab) + *(.rela.init_array*) + *(.rela.fini_array*) + *(.rela.ctors*) + *(.rela.dtors*) + + } + . = ALIGN(4096); + .rela.plt : { *(.rela.plt) } + . = ALIGN(4096); + .rodata : { *(.rodata*) } + . = ALIGN(512); _edata = .; - _data_vsize = _evdata - _data; - _data_size = . - _data; + _data_size = _edata - _data; - /* - * Note that _sbat must be the beginning of the data, and _esbat must be the - * end and must be before any section padding. The sbat self-check uses - * _esbat to find the bounds of the data, and if the padding is included, the - * CSV parser (correctly) rejects the data as having NUL values in one of the - * required columns. - */ . = ALIGN(4096); .sbat : { @@ -67,44 +122,14 @@ SECTIONS _sbat_vsize = _esbat - _sbat; . = ALIGN(4096); - .rodata : - { - _rodata = .; - *(.rodata*) - *(.srodata) - . = ALIGN(16); - *(.note.gnu.build-id) - . = ALIGN(4096); - *(.vendor_cert) - *(.data.ident) - . = ALIGN(4096); - } + .dynsym : { *(.dynsym) } . = ALIGN(4096); - .rela : - { - *(.rela.dyn) - *(.rela.plt) - *(.rela.got) - *(.rela.data) - *(.rela.data*) - } + .dynstr : { *(.dynstr) } . = ALIGN(4096); - .dyn : - { - *(.dynsym) - *(.dynstr) - _evrodata = .; - . = ALIGN(4096); - } - _erodata = .; - _rodata_size = . - _rodata; - _rodata_vsize = _evrodata - _rodata; - _alldata_size = . - _data; - - /DISCARD/ : + .note.gnu.build-id : { *(.note.gnu.build-id) } + .ignored.reloc : { - *(.rel.reloc) - *(.eh_frame) + *(.rela.reloc) *(.note.GNU-stack) } .comment 0 : { *(.comment) } From 799a755120dfa052cbda687f0daa21df4756dcca Mon Sep 17 00:00:00 2001 From: Brian Redbeard Date: Thu, 9 Apr 2026 00:41:14 -0700 Subject: [PATCH 17/19] elf_riscv64_efi.lds: Fix section layout to match shim conventions The riscv64 linker script was derived from gnu-efi 4.0.4 and carried over several layout decisions that conflict with how shim's PE/COFF post-processing and runtime expect sections to be arranged. This brings it in line with the x86_64, ia32, and aarch64 linker scripts. Add missing output sections that shim relies on: - .vendor_cert: holds vendor certificates emitted by cert.S. Without this section the linker treats it as an orphan and places it unpredictably, breaking vendor certificate verification at runtime. - .sbatlevel: holds the SBAT variable payload (sbat_var_payload_header) emitted by sbat_var.S. Without it the symbol lands at an arbitrary address and SBAT automatic/latest variable parsing reads garbage. - .data.ident: holds shim version/build identification emitted by version.c. All other 64-bit architectures place this in its own section so it can be inspected in the PE binary. Merge .rodata into the .data output section. On x86_64, ia32, and aarch64, .rodata* is placed inside .data. Having .rodata as a standalone output section creates a separate PE/COFF section that post-process-pe may not handle correctly. Move .note.gnu.build-id before .data (matching x86_64/ia32/aarch64) instead of after .dynstr where it was appended without alignment. Place .reloc, .vendor_cert, and .dynamic between .data and .rela, matching the section ordering used by every other architecture. Fix _edata alignment from ALIGN(512) to implicit section alignment. 512 is the PE file alignment, not the section alignment, and every other architecture relies on the preceding section's page alignment rather than inserting a sub-page alignment here. Remove manual '_DYNAMIC = .' definition before the .dynamic section. No other architecture defines this symbol manually; the linker provides it automatically from the .dynamic section. Remove KEEP() around .reloc contents. No other architecture uses KEEP for this section, and shim does not link with --gc-sections, making it a no-op. Fix inconsistent indentation on ALIGN(16) directives within .data. Signed-off-by: Brian Redbeard --- elf_riscv64_efi.lds | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/elf_riscv64_efi.lds b/elf_riscv64_efi.lds index ca0e2c236..ec7fe6440 100644 --- a/elf_riscv64_efi.lds +++ b/elf_riscv64_efi.lds @@ -25,13 +25,25 @@ SECTIONS } _etext = .; _text_size = _etext - _text; - . = ALIGN(65536); - _DYNAMIC = .; - .dynamic : { *(.dynamic) } + . = ALIGN(4096); + .note.gnu.build-id : { + *(.note.gnu.build-id) + } + + . = ALIGN(4096); + .data.ident : { + *(.data.ident) + } + . = ALIGN(4096); + .sbatlevel : { + *(.sbatlevel) + } + . = ALIGN(4096); .data : { _data = .; + *(.rodata*) *(.sdata) *(.data) *(.data1) @@ -50,12 +62,12 @@ SECTIONS *(SORT(.init_array.*)) *(.init_array) __init_array_end = .; - . = ALIGN(16); + . = ALIGN(16); __CTOR_LIST__ = .; *(SORT(.ctors.*)) *(.ctors) __CTOR_END__ = .; - . = ALIGN(16); + . = ALIGN(16); __DTOR_LIST__ = .; *(SORT(.dtors.*)) *(.dtors) @@ -83,9 +95,16 @@ SECTIONS . = ALIGN(4096); .reloc : { - KEEP (*(.reloc)) + *(.reloc) } + . = ALIGN(4096); + .vendor_cert : + { + *(.vendor_cert) + } + . = ALIGN(4096); + .dynamic : { *(.dynamic) } . = ALIGN(4096); .rela : { @@ -98,13 +117,9 @@ SECTIONS *(.rela.fini_array*) *(.rela.ctors*) *(.rela.dtors*) - } . = ALIGN(4096); .rela.plt : { *(.rela.plt) } - . = ALIGN(4096); - .rodata : { *(.rodata*) } - . = ALIGN(512); _edata = .; _data_size = _edata - _data; @@ -126,7 +141,6 @@ SECTIONS . = ALIGN(4096); .dynstr : { *(.dynstr) } . = ALIGN(4096); - .note.gnu.build-id : { *(.note.gnu.build-id) } .ignored.reloc : { *(.rela.reloc) From 60eb64e65e57b3f43e912a93b9194f0ccaa4eb21 Mon Sep 17 00:00:00 2001 From: Jason Montleon Date: Tue, 25 Jun 2024 23:11:38 -0400 Subject: [PATCH 18/19] Implement __riscv_flush_icache Signed-off-by: Jason Montleon --- lib/Makefile | 1 + lib/edk2asm.h | 4 ++++ lib/riscv64_cache.S | 10 ++++++++++ 3 files changed, 15 insertions(+) create mode 100644 lib/edk2asm.h create mode 100644 lib/riscv64_cache.S diff --git a/lib/Makefile b/lib/Makefile index 0b79246bd..80178f8bf 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -32,6 +32,7 @@ DEFINES += -DMDE_CPU_ARM endif ifeq ($(ARCH),riscv64) DEFINES += -DMDE_CPU_RISCV64 +LIBFILES += riscv64_cache.o endif LDFLAGS = -nostdlib -znocombreloc diff --git a/lib/edk2asm.h b/lib/edk2asm.h new file mode 100644 index 000000000..f713b89e8 --- /dev/null +++ b/lib/edk2asm.h @@ -0,0 +1,4 @@ +#define ASM_PFX(x) x +#define GCC_ASM_EXPORT(x) \ + .globl x ; \ + .type x, %function diff --git a/lib/riscv64_cache.S b/lib/riscv64_cache.S new file mode 100644 index 000000000..cf219cc6e --- /dev/null +++ b/lib/riscv64_cache.S @@ -0,0 +1,10 @@ +#include "edk2asm.h" + + .file "riscv64_cache.S" + .text + +GCC_ASM_EXPORT(__riscv_flush_icache) + +ASM_PFX(__riscv_flush_icache): + fence.i + ret From 3baaf8829844f6499b26ae952b2b64c38f27f48a Mon Sep 17 00:00:00 2001 From: Andrea Bolognani Date: Tue, 31 Mar 2026 14:32:56 +0200 Subject: [PATCH 19/19] CI: Add riscv64 cross-build jobs Signed-off-by: Andrea Bolognani --- .github/workflows/pullrequest.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index d74b6ea6e..693d0baa3 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -78,6 +78,21 @@ jobs: gccarch: x86_64 makearch: ia32 distro: f43 + - arch: amd64 + efiarch: riscv64 + gccarch: riscv64 + makearch: riscv64 + distro: f45 + - arch: amd64 + efiarch: riscv64 + gccarch: riscv64 + makearch: riscv64 + distro: f44 + - arch: amd64 + efiarch: riscv64 + gccarch: riscv64 + makearch: riscv64 + distro: f43 steps: - name: Checkout