diff --git a/Makefile b/Makefile index e7f6e49..0c26392 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,7 @@ LIB_GCC = $(shell $(CC) -print-libgcc-file-name) EFI_LIBS = -lefi -lgnuefi --start-group Cryptlib/libcryptlib.a Cryptlib/OpenSSL/libopenssl.a --end-group $(LIB_GCC) EFI_CRT_OBJS = $(EFI_PATH)/crt0-efi-$(ARCH).o -EFI_LDS = $(EFI_PATH)/elf_$(ARCH)_efi.lds +EFI_LDS = elf_$(ARCH)_efi.lds CFLAGS = -ggdb -O0 -fno-stack-protector -fno-strict-aliasing -fpic \ -fshort-wchar -Wall -mno-red-zone -maccumulate-outgoing-args \ @@ -88,6 +88,7 @@ Cryptlib/OpenSSL/libopenssl.a: objcopy -j .text -j .sdata -j .data \ -j .dynamic -j .dynsym -j .rel \ -j .rela -j .reloc -j .eh_frame \ + -j .vendor_cert \ --target=efi-app-$(ARCH) $^ $@ objcopy -j .text -j .sdata -j .data \ -j .dynamic -j .dynsym -j .rel \ diff --git a/cert.S b/cert.S index 70b9c3f..4be0a24 100644 --- a/cert.S +++ b/cert.S @@ -4,6 +4,7 @@ .align 1 .type vendor_cert_size, @object .size vendor_cert_size, 4 + .section .vendor_cert, "", @progbits vendor_cert_size: .long .L0 - vendor_cert .globl vendor_cert @@ -11,6 +12,7 @@ vendor_cert_size: .align 1 .type vendor_cert, @object .size vendor_cert, .L0-vendor_cert + .section .vendor_cert, "", @progbits vendor_cert: .incbin VENDOR_CERT_FILE .L0: @@ -19,6 +21,7 @@ vendor_cert: .bss .type vendor_cert, @object .size vendor_cert, 1 + .section .vendor_cert, "", @progbits vendor_cert: .zero 1 @@ -27,6 +30,7 @@ vendor_cert: .align 4 .type vendor_cert_size, @object .size vendor_cert_size, 4 + .section .vendor_cert, "", @progbits vendor_cert_size: .long 1 #endif diff --git a/dbx.S b/dbx.S index 03db1ae..9ccdb67 100644 --- a/dbx.S +++ b/dbx.S @@ -4,6 +4,7 @@ .align 1 .type vendor_dbx_size, @object .size vendor_dbx_size, 4 + .section .vendor_cert, "", @progbits vendor_dbx_size: .long .L0 - vendor_dbx .globl vendor_dbx @@ -11,6 +12,7 @@ vendor_dbx_size: .align 1 .type vendor_dbx, @object .size vendor_dbx, .L0-vendor_dbx + .section .vendor_cert, "", @progbits vendor_dbx: .incbin VENDOR_DBX_FILE .L0: @@ -19,6 +21,7 @@ vendor_dbx: .bss .type vendor_dbx, @object .size vendor_dbx, 1 + .section .vendor_cert, "", @progbits vendor_dbx: .zero 1 @@ -27,6 +30,7 @@ vendor_dbx: .align 4 .type vendor_dbx_size, @object .size vendor_dbx_size, 4 + .section .vendor_cert, "", @progbits vendor_dbx_size: .long 0 #endif diff --git a/elf_ia32_efi.lds b/elf_ia32_efi.lds new file mode 100644 index 0000000..12d4085 --- /dev/null +++ b/elf_ia32_efi.lds @@ -0,0 +1,69 @@ +OUTPUT_FORMAT("elf32-i386", "elf32-i386", "elf32-i386") +OUTPUT_ARCH(i386) +ENTRY(_start) +SECTIONS +{ + . = 0; + ImageBase = .; + .hash : { *(.hash) } /* this MUST come first! */ + . = ALIGN(4096); + .text : + { + *(.text) + *(.text.*) + *(.gnu.linkonce.t.*) + } + .reloc : + { + *(.reloc) + } + . = ALIGN(4096); + .data : + { + *(.rodata*) + *(.data) + *(.data1) + *(.data.*) + *(.sdata) + *(.got.plt) + *(.got) + /* the EFI loader doesn't seem to like a .bss section, so we stick + it all into .data: */ + *(.sbss) + *(.scommon) + *(.dynbss) + *(.bss) + *(COMMON) + } + . = ALIGN(4096); + .vendor_cert : + { + *(.vendor_cert) + } + . = ALIGN(4096); + .dynamic : { *(.dynamic) } + . = ALIGN(4096); + .rel : + { + *(.rel.data) + *(.rel.data.*) + *(.rel.got) + *(.rel.stab) + *(.data.rel.ro.local) + *(.data.rel.local) + *(.data.rel.ro) + *(.data.rel*) + } + . = ALIGN(4096); + .dynsym : { *(.dynsym) } + . = ALIGN(4096); + .dynstr : { *(.dynstr) } + . = ALIGN(4096); + /DISCARD/ : + { + *(.rel.reloc) + *(.eh_frame) + *(.note.GNU-stack) + } + .comment 0 : { *(.comment) } +} diff --git a/elf_ia64_efi.lds b/elf_ia64_efi.lds new file mode 100644 index 0000000..d8dea4b --- /dev/null +++ b/elf_ia64_efi.lds @@ -0,0 +1,75 @@ +OUTPUT_FORMAT("elf64-ia64-little") +OUTPUT_ARCH(ia64) +ENTRY(_start_plabel) +SECTIONS +{ + . = 0; + ImageBase = .; + .hash : { *(.hash) } /* this MUST come first! */ + . = ALIGN(4096); + .text : + { + *(.text) + *(.text.*) + *(.gnu.linkonce.t.*) + } + . = ALIGN(4096); + __gp = ALIGN (8) + 0x200000; + .sdata : + { + *(.got.plt) + *(.got) + *(.srodata) + *(.sdata) + *(.sbss) + *(.scommon) + } + . = ALIGN(4096); + .data : + { + *(.rodata*) + *(.ctors) + *(.data*) + *(.gnu.linkonce.d*) + *(.plabel) /* data whose relocs we want to ignore */ + /* the EFI loader doesn't seem to like a .bss section, so we stick + it all into .data: */ + *(.dynbss) + *(.bss) + *(COMMON) + } + . = ALIGN(4096); + .vendor_cert : + { + *(.vendor_cert) + } + . = ALIGN(4096); + .dynamic : { *(.dynamic) } + . = ALIGN(4096); + .rela : + { + *(.rela.text) + *(.rela.data*) + *(.rela.sdata) + *(.rela.got) + *(.rela.gnu.linkonce.d*) + *(.rela.stab) + *(.rela.ctors) + } + . = ALIGN(4096); + .reloc : /* This is the PECOFF .reloc section! */ + { + *(.reloc) + } + . = ALIGN(4096); + .dynsym : { *(.dynsym) } + . = ALIGN(4096); + .dynstr : { *(.dynstr) } + /DISCARD/ : + { + *(.rela.plabel) + *(.rela.reloc) + *(.IA_64.unwind*) + *(.IA64.unwind*) + } +} diff --git a/elf_x86_64_efi.lds b/elf_x86_64_efi.lds new file mode 100644 index 0000000..f981102 --- /dev/null +++ b/elf_x86_64_efi.lds @@ -0,0 +1,68 @@ +/* Same as elf_x86_64_fbsd_efi.lds, except for OUTPUT_FORMAT below - KEEP IN SYNC */ +OUTPUT_FORMAT("elf64-x86-64", "elf64-x86-64", "elf64-x86-64") +OUTPUT_ARCH(i386:x86-64) +ENTRY(_start) +SECTIONS +{ + . = 0; + ImageBase = .; + .hash : { *(.hash) } /* this MUST come first! */ + . = ALIGN(4096); + .eh_frame : + { + *(.eh_frame) + } + . = ALIGN(4096); + .text : + { + *(.text) + } + . = ALIGN(4096); + .reloc : + { + *(.reloc) + } + . = ALIGN(4096); + .data : + { + *(.rodata*) + *(.got.plt) + *(.got) + *(.data*) + *(.sdata) + /* the EFI loader doesn't seem to like a .bss section, so we stick + it all into .data: */ + *(.sbss) + *(.scommon) + *(.dynbss) + *(.bss) + *(COMMON) + *(.rel.local) + } + . = ALIGN(4096); + .vendor_cert : + { + *(.vendor_cert) + } + . = ALIGN(4096); + .dynamic : { *(.dynamic) } + . = ALIGN(4096); + .rela : + { + *(.rela.data*) + *(.rela.got) + *(.rela.stab) + } + . = ALIGN(4096); + .dynsym : { *(.dynsym) } + . = ALIGN(4096); + .dynstr : { *(.dynstr) } + . = ALIGN(4096); + .ignored.reloc : + { + *(.rela.reloc) + *(.eh_frame) + *(.note.GNU-stack) + } + .comment 0 : { *(.comment) } +}