1 // SPDX-License-Identifier: GPL-2.0+
5 * based partly on wine code
7 * Copyright (c) 2016 Alexander Graf
12 #include <efi_loader.h>
16 #include <crypto/pkcs7_parser.h>
17 #include <linux/err.h>
19 const efi_guid_t efi_global_variable_guid = EFI_GLOBAL_VARIABLE_GUID;
20 const efi_guid_t efi_guid_device_path = EFI_DEVICE_PATH_PROTOCOL_GUID;
21 const efi_guid_t efi_guid_loaded_image = EFI_LOADED_IMAGE_PROTOCOL_GUID;
22 const efi_guid_t efi_guid_loaded_image_device_path =
23 EFI_LOADED_IMAGE_DEVICE_PATH_PROTOCOL_GUID;
24 const efi_guid_t efi_simple_file_system_protocol_guid =
25 EFI_SIMPLE_FILE_SYSTEM_PROTOCOL_GUID;
26 const efi_guid_t efi_file_info_guid = EFI_FILE_INFO_GUID;
28 static int machines[] = {
29 #if defined(__aarch64__)
30 IMAGE_FILE_MACHINE_ARM64,
31 #elif defined(__arm__)
32 IMAGE_FILE_MACHINE_ARM,
33 IMAGE_FILE_MACHINE_THUMB,
34 IMAGE_FILE_MACHINE_ARMNT,
37 #if defined(__x86_64__)
38 IMAGE_FILE_MACHINE_AMD64,
39 #elif defined(__i386__)
40 IMAGE_FILE_MACHINE_I386,
43 #if defined(__riscv) && (__riscv_xlen == 32)
44 IMAGE_FILE_MACHINE_RISCV32,
47 #if defined(__riscv) && (__riscv_xlen == 64)
48 IMAGE_FILE_MACHINE_RISCV64,
53 * efi_print_image_info() - print information about a loaded image
55 * If the program counter is located within the image the offset to the base
59 * @image: loaded image
60 * @pc: program counter (use NULL to suppress offset output)
63 static efi_status_t efi_print_image_info(struct efi_loaded_image_obj *obj,
64 struct efi_loaded_image *image,
68 printf(" [0x%p:0x%p]",
69 image->image_base, image->image_base + image->image_size - 1);
70 if (pc && pc >= image->image_base &&
71 pc < image->image_base + image->image_size)
72 printf(" pc=0x%zx", pc - image->image_base);
74 printf(" '%pD'", image->file_path);
80 * efi_print_image_infos() - print information about all loaded images
82 * @pc: program counter (use NULL to suppress offset output)
84 void efi_print_image_infos(void *pc)
86 struct efi_object *efiobj;
87 struct efi_handler *handler;
89 list_for_each_entry(efiobj, &efi_obj_list, link) {
90 list_for_each_entry(handler, &efiobj->protocols, link) {
91 if (!guidcmp(handler->guid, &efi_guid_loaded_image)) {
93 (struct efi_loaded_image_obj *)efiobj,
94 handler->protocol_interface, pc);
101 * efi_loader_relocate() - relocate UEFI binary
103 * @rel: pointer to the relocation table
104 * @rel_size: size of the relocation table in bytes
105 * @efi_reloc: actual load address of the image
106 * @pref_address: preferred load address of the image
107 * Return: status code
109 static efi_status_t efi_loader_relocate(const IMAGE_BASE_RELOCATION *rel,
110 unsigned long rel_size, void *efi_reloc,
111 unsigned long pref_address)
113 unsigned long delta = (unsigned long)efi_reloc - pref_address;
114 const IMAGE_BASE_RELOCATION *end;
120 end = (const IMAGE_BASE_RELOCATION *)((const char *)rel + rel_size);
121 while (rel < end && rel->SizeOfBlock) {
122 const uint16_t *relocs = (const uint16_t *)(rel + 1);
123 i = (rel->SizeOfBlock - sizeof(*rel)) / sizeof(uint16_t);
125 uint32_t offset = (uint32_t)(*relocs & 0xfff) +
127 int type = *relocs >> EFI_PAGE_SHIFT;
128 uint64_t *x64 = efi_reloc + offset;
129 uint32_t *x32 = efi_reloc + offset;
130 uint16_t *x16 = efi_reloc + offset;
133 case IMAGE_REL_BASED_ABSOLUTE:
135 case IMAGE_REL_BASED_HIGH:
136 *x16 += ((uint32_t)delta) >> 16;
138 case IMAGE_REL_BASED_LOW:
139 *x16 += (uint16_t)delta;
141 case IMAGE_REL_BASED_HIGHLOW:
142 *x32 += (uint32_t)delta;
144 case IMAGE_REL_BASED_DIR64:
145 *x64 += (uint64_t)delta;
148 case IMAGE_REL_BASED_RISCV_HI20:
149 *x32 = ((*x32 & 0xfffff000) + (uint32_t)delta) |
152 case IMAGE_REL_BASED_RISCV_LOW12I:
153 case IMAGE_REL_BASED_RISCV_LOW12S:
154 /* We know that we're 4k aligned */
156 printf("Unsupported reloc offset\n");
157 return EFI_LOAD_ERROR;
162 printf("Unknown Relocation off %x type %x\n",
164 return EFI_LOAD_ERROR;
168 rel = (const IMAGE_BASE_RELOCATION *)relocs;
173 void __weak invalidate_icache_all(void)
175 /* If the system doesn't support icache_all flush, cross our fingers */
179 * efi_set_code_and_data_type() - determine the memory types to be used for code
182 * @loaded_image_info: image descriptor
183 * @image_type: field Subsystem of the optional header for
184 * Windows specific field
186 static void efi_set_code_and_data_type(
187 struct efi_loaded_image *loaded_image_info,
190 switch (image_type) {
191 case IMAGE_SUBSYSTEM_EFI_APPLICATION:
192 loaded_image_info->image_code_type = EFI_LOADER_CODE;
193 loaded_image_info->image_data_type = EFI_LOADER_DATA;
195 case IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
196 loaded_image_info->image_code_type = EFI_BOOT_SERVICES_CODE;
197 loaded_image_info->image_data_type = EFI_BOOT_SERVICES_DATA;
199 case IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
200 case IMAGE_SUBSYSTEM_EFI_ROM:
201 loaded_image_info->image_code_type = EFI_RUNTIME_SERVICES_CODE;
202 loaded_image_info->image_data_type = EFI_RUNTIME_SERVICES_DATA;
205 printf("%s: invalid image type: %u\n", __func__, image_type);
206 /* Let's assume it is an application */
207 loaded_image_info->image_code_type = EFI_LOADER_CODE;
208 loaded_image_info->image_data_type = EFI_LOADER_DATA;
213 #ifdef CONFIG_EFI_SECURE_BOOT
215 * cmp_pe_section() - compare virtual addresses of two PE image sections
216 * @arg1: pointer to pointer to first section header
217 * @arg2: pointer to pointer to second section header
219 * Compare the virtual addresses of two sections of an portable executable.
220 * The arguments are defined as const void * to allow usage with qsort().
222 * Return: -1 if the virtual address of arg1 is less than that of arg2,
223 * 0 if the virtual addresses are equal, 1 if the virtual address
224 * of arg1 is greater than that of arg2.
226 static int cmp_pe_section(const void *arg1, const void *arg2)
228 const IMAGE_SECTION_HEADER *section1, *section2;
230 section1 = *((const IMAGE_SECTION_HEADER **)arg1);
231 section2 = *((const IMAGE_SECTION_HEADER **)arg2);
233 if (section1->VirtualAddress < section2->VirtualAddress)
235 else if (section1->VirtualAddress == section2->VirtualAddress)
242 * efi_image_parse() - parse a PE image
243 * @efi: Pointer to image
245 * @regp: Pointer to a list of regions
246 * @auth: Pointer to a pointer to authentication data in PE
247 * @auth_len: Size of @auth
249 * Parse image binary in PE32(+) format, assuming that sanity of PE image
250 * has been checked by a caller.
251 * On success, an address of authentication data in @efi and its size will
252 * be returned in @auth and @auth_len, respectively.
254 * Return: true on success, false on error
256 bool efi_image_parse(void *efi, size_t len, struct efi_image_regions **regp,
257 WIN_CERTIFICATE **auth, size_t *auth_len)
259 struct efi_image_regions *regs;
260 IMAGE_DOS_HEADER *dos;
261 IMAGE_NT_HEADERS32 *nt;
262 IMAGE_SECTION_HEADER *sections, **sorted;
263 int num_regions, num_sections, i;
264 int ctidx = IMAGE_DIRECTORY_ENTRY_SECURITY;
265 u32 align, size, authsz, authoff;
269 nt = (void *)(efi + dos->e_lfanew);
272 * Count maximum number of regions to be digested.
273 * We don't have to have an exact number here.
274 * See efi_image_region_add()'s in parsing below.
276 num_regions = 3; /* for header */
277 num_regions += nt->FileHeader.NumberOfSections;
278 num_regions++; /* for extra */
280 regs = calloc(sizeof(*regs) + sizeof(struct image_region) * num_regions,
284 regs->max = num_regions;
287 * Collect data regions for hash calculation
290 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
291 IMAGE_NT_HEADERS64 *nt64 = (void *)nt;
292 IMAGE_OPTIONAL_HEADER64 *opt = &nt64->OptionalHeader;
295 efi_image_region_add(regs, efi, &opt->CheckSum, 0);
296 if (nt64->OptionalHeader.NumberOfRvaAndSizes <= ctidx) {
297 efi_image_region_add(regs,
299 efi + opt->SizeOfHeaders, 0);
301 /* Skip Certificates Table */
302 efi_image_region_add(regs,
304 &opt->DataDirectory[ctidx], 0);
305 efi_image_region_add(regs,
306 &opt->DataDirectory[ctidx] + 1,
307 efi + opt->SizeOfHeaders, 0);
310 bytes_hashed = opt->SizeOfHeaders;
311 align = opt->FileAlignment;
312 authoff = opt->DataDirectory[ctidx].VirtualAddress;
313 authsz = opt->DataDirectory[ctidx].Size;
314 } else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
315 IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
317 efi_image_region_add(regs, efi, &opt->CheckSum, 0);
318 efi_image_region_add(regs, &opt->Subsystem,
319 &opt->DataDirectory[ctidx], 0);
320 efi_image_region_add(regs, &opt->DataDirectory[ctidx] + 1,
321 efi + opt->SizeOfHeaders, 0);
323 bytes_hashed = opt->SizeOfHeaders;
324 align = opt->FileAlignment;
325 authoff = opt->DataDirectory[ctidx].VirtualAddress;
326 authsz = opt->DataDirectory[ctidx].Size;
328 EFI_PRINT("%s: Invalid optional header magic %x\n", __func__,
329 nt->OptionalHeader.Magic);
334 num_sections = nt->FileHeader.NumberOfSections;
335 sections = (void *)((uint8_t *)&nt->OptionalHeader +
336 nt->FileHeader.SizeOfOptionalHeader);
337 sorted = calloc(sizeof(IMAGE_SECTION_HEADER *), num_sections);
339 EFI_PRINT("%s: Out of memory\n", __func__);
344 * Make sure the section list is in ascending order.
346 for (i = 0; i < num_sections; i++)
347 sorted[i] = §ions[i];
348 qsort(sorted, num_sections, sizeof(sorted[0]), cmp_pe_section);
350 for (i = 0; i < num_sections; i++) {
351 if (!sorted[i]->SizeOfRawData)
354 size = (sorted[i]->SizeOfRawData + align - 1) & ~(align - 1);
355 efi_image_region_add(regs, efi + sorted[i]->PointerToRawData,
356 efi + sorted[i]->PointerToRawData + size,
358 EFI_PRINT("section[%d](%s): raw: 0x%x-0x%x, virt: %x-%x\n",
360 sorted[i]->PointerToRawData,
361 sorted[i]->PointerToRawData + size,
362 sorted[i]->VirtualAddress,
363 sorted[i]->VirtualAddress
364 + sorted[i]->Misc.VirtualSize);
366 bytes_hashed += size;
370 /* 3. Extra data excluding Certificates Table */
371 if (bytes_hashed + authsz < len) {
372 EFI_PRINT("extra data for hash: %lu\n",
373 len - (bytes_hashed + authsz));
374 efi_image_region_add(regs, efi + bytes_hashed,
375 efi + len - authsz, 0);
378 /* Return Certificates Table */
380 if (len < authoff + authsz) {
381 EFI_PRINT("%s: Size for auth too large: %u >= %zu\n",
382 __func__, authsz, len - authoff);
385 if (authsz < sizeof(*auth)) {
386 EFI_PRINT("%s: Size for auth too small: %u < %zu\n",
387 __func__, authsz, sizeof(*auth));
390 *auth = efi + authoff;
392 EFI_PRINT("WIN_CERTIFICATE: 0x%x, size: 0x%x\n", authoff,
410 * efi_image_unsigned_authenticate() - authenticate unsigned image with
412 * @regs: List of regions to be verified
414 * If an image is not signed, it doesn't have a signature. In this case,
415 * its message digest is calculated and it will be compared with one of
416 * hash values stored in signature databases.
418 * Return: true if authenticated, false if not
420 static bool efi_image_unsigned_authenticate(struct efi_image_regions *regs)
422 struct efi_signature_store *db = NULL, *dbx = NULL;
425 dbx = efi_sigstore_parse_sigdb(L"dbx");
427 EFI_PRINT("Getting signature database(dbx) failed\n");
431 db = efi_sigstore_parse_sigdb(L"db");
433 EFI_PRINT("Getting signature database(db) failed\n");
437 /* try black-list first */
438 if (efi_signature_verify_with_sigdb(regs, NULL, dbx, NULL)) {
439 EFI_PRINT("Image is not signed and rejected by \"dbx\"\n");
444 if (efi_signature_verify_with_sigdb(regs, NULL, db, NULL))
447 EFI_PRINT("Image is not signed and not found in \"db\" or \"dbx\"\n");
450 efi_sigstore_free(db);
451 efi_sigstore_free(dbx);
457 * efi_image_authenticate() - verify a signature of signed image
458 * @efi: Pointer to image
459 * @efi_size: Size of @efi
461 * A signed image should have its signature stored in a table of its PE header.
462 * So if an image is signed and only if if its signature is verified using
463 * signature databases, an image is authenticated.
464 * If an image is not signed, its validity is checked by using
465 * efi_image_unsigned_authenticated().
467 * When AuditMode==0, if the image's signature is not found in
468 * the authorized database, or is found in the forbidden database,
469 * the image will not be started and instead, information about it
470 * will be placed in this table.
471 * When AuditMode==1, an EFI_IMAGE_EXECUTION_INFO element is created
472 * in the EFI_IMAGE_EXECUTION_INFO_TABLE for every certificate found
473 * in the certificate table of every image that is validated.
475 * Return: true if authenticated, false if not
477 static bool efi_image_authenticate(void *efi, size_t efi_size)
479 struct efi_image_regions *regs = NULL;
480 WIN_CERTIFICATE *wincerts = NULL, *wincert;
482 struct pkcs7_message *msg = NULL;
483 struct efi_signature_store *db = NULL, *dbx = NULL;
484 struct x509_certificate *cert = NULL;
485 void *new_efi = NULL;
486 u8 *auth, *wincerts_end;
487 size_t new_efi_size, auth_size;
490 if (!efi_secure_boot_enabled())
494 * Size must be 8-byte aligned and the trailing bytes must be
495 * zero'ed. Otherwise hash value may be incorrect.
497 if (efi_size & 0x7) {
498 new_efi_size = (efi_size + 0x7) & ~0x7ULL;
499 new_efi = calloc(new_efi_size, 1);
502 memcpy(new_efi, efi, efi_size);
504 efi_size = new_efi_size;
507 if (!efi_image_parse(efi, efi_size, ®s, &wincerts,
509 EFI_PRINT("Parsing PE executable image failed\n");
514 /* The image is not signed */
515 ret = efi_image_unsigned_authenticate(regs);
521 * verify signature using db and dbx
523 db = efi_sigstore_parse_sigdb(L"db");
525 EFI_PRINT("Getting signature database(db) failed\n");
529 dbx = efi_sigstore_parse_sigdb(L"dbx");
531 EFI_PRINT("Getting signature database(dbx) failed\n");
535 /* go through WIN_CERTIFICATE list */
536 for (wincert = wincerts, wincerts_end = (u8 *)wincerts + wincerts_len;
537 (u8 *)wincert < wincerts_end;
538 wincert = (WIN_CERTIFICATE *)
539 ((u8 *)wincert + ALIGN(wincert->dwLength, 8))) {
540 if ((u8 *)wincert + sizeof(*wincert) >= wincerts_end)
543 if (wincert->dwLength <= sizeof(*wincert)) {
544 EFI_PRINT("dwLength too small: %u < %zu\n",
545 wincert->dwLength, sizeof(*wincert));
549 EFI_PRINT("WIN_CERTIFICATE_TYPE: 0x%x\n",
550 wincert->wCertificateType);
552 auth = (u8 *)wincert + sizeof(*wincert);
553 auth_size = wincert->dwLength - sizeof(*wincert);
554 if (wincert->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
555 if (auth + sizeof(efi_guid_t) >= wincerts_end)
558 if (auth_size <= sizeof(efi_guid_t)) {
559 EFI_PRINT("dwLength too small: %u < %zu\n",
560 wincert->dwLength, sizeof(*wincert));
563 if (guidcmp(auth, &efi_guid_cert_type_pkcs7)) {
564 EFI_PRINT("Certificate type not supported: %pUl\n",
569 auth += sizeof(efi_guid_t);
570 auth_size -= sizeof(efi_guid_t);
571 } else if (wincert->wCertificateType
572 != WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
573 EFI_PRINT("Certificate type not supported\n");
577 msg = pkcs7_parse_message(auth, auth_size);
579 EFI_PRINT("Parsing image's signature failed\n");
584 /* try black-list first */
585 if (efi_signature_verify_with_sigdb(regs, msg, dbx, NULL)) {
586 EFI_PRINT("Signature was rejected by \"dbx\"\n");
590 if (!efi_signature_verify_signers(msg, dbx)) {
591 EFI_PRINT("Signer was rejected by \"dbx\"\n");
598 if (!efi_signature_verify_with_sigdb(regs, msg, db, &cert)) {
599 EFI_PRINT("Verifying signature with \"db\" failed\n");
605 if (!efi_signature_verify_cert(cert, dbx)) {
606 EFI_PRINT("Certificate was rejected by \"dbx\"\n");
614 x509_free_certificate(cert);
615 efi_sigstore_free(db);
616 efi_sigstore_free(dbx);
617 pkcs7_free_message(msg);
624 static bool efi_image_authenticate(void *efi, size_t efi_size)
628 #endif /* CONFIG_EFI_SECURE_BOOT */
631 * efi_load_pe() - relocate EFI binary
633 * This function loads all sections from a PE binary into a newly reserved
634 * piece of memory. On success the entry point is returned as handle->entry.
636 * @handle: loaded image handle
637 * @efi: pointer to the EFI binary
638 * @efi_size: size of @efi binary
639 * @loaded_image_info: loaded image protocol
640 * Return: status code
642 efi_status_t efi_load_pe(struct efi_loaded_image_obj *handle,
643 void *efi, size_t efi_size,
644 struct efi_loaded_image *loaded_image_info)
646 IMAGE_NT_HEADERS32 *nt;
647 IMAGE_DOS_HEADER *dos;
648 IMAGE_SECTION_HEADER *sections;
652 const IMAGE_BASE_RELOCATION *rel;
653 unsigned long rel_size;
654 int rel_idx = IMAGE_DIRECTORY_ENTRY_BASERELOC;
656 unsigned long virt_size = 0;
660 /* Sanity check for a file header */
661 if (efi_size < sizeof(*dos)) {
662 printf("%s: Truncated DOS Header\n", __func__);
663 ret = EFI_LOAD_ERROR;
668 if (dos->e_magic != IMAGE_DOS_SIGNATURE) {
669 printf("%s: Invalid DOS Signature\n", __func__);
670 ret = EFI_LOAD_ERROR;
675 * Check if the image section header fits into the file. Knowing that at
676 * least one section header follows we only need to check for the length
677 * of the 64bit header which is longer than the 32bit header.
679 if (efi_size < dos->e_lfanew + sizeof(IMAGE_NT_HEADERS64)) {
680 printf("%s: Invalid offset for Extended Header\n", __func__);
681 ret = EFI_LOAD_ERROR;
685 nt = (void *) ((char *)efi + dos->e_lfanew);
686 if (nt->Signature != IMAGE_NT_SIGNATURE) {
687 printf("%s: Invalid NT Signature\n", __func__);
688 ret = EFI_LOAD_ERROR;
692 for (i = 0; machines[i]; i++)
693 if (machines[i] == nt->FileHeader.Machine) {
699 printf("%s: Machine type 0x%04x is not supported\n",
700 __func__, nt->FileHeader.Machine);
701 ret = EFI_LOAD_ERROR;
705 num_sections = nt->FileHeader.NumberOfSections;
706 sections = (void *)&nt->OptionalHeader +
707 nt->FileHeader.SizeOfOptionalHeader;
709 if (efi_size < ((void *)sections + sizeof(sections[0]) * num_sections
711 printf("%s: Invalid number of sections: %d\n",
712 __func__, num_sections);
713 ret = EFI_LOAD_ERROR;
717 /* Authenticate an image */
718 if (efi_image_authenticate(efi, efi_size))
719 handle->auth_status = EFI_IMAGE_AUTH_PASSED;
721 handle->auth_status = EFI_IMAGE_AUTH_FAILED;
723 /* Calculate upper virtual address boundary */
724 for (i = num_sections - 1; i >= 0; i--) {
725 IMAGE_SECTION_HEADER *sec = §ions[i];
726 virt_size = max_t(unsigned long, virt_size,
727 sec->VirtualAddress + sec->Misc.VirtualSize);
730 /* Read 32/64bit specific header bits */
731 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
732 IMAGE_NT_HEADERS64 *nt64 = (void *)nt;
733 IMAGE_OPTIONAL_HEADER64 *opt = &nt64->OptionalHeader;
734 image_base = opt->ImageBase;
735 efi_set_code_and_data_type(loaded_image_info, opt->Subsystem);
736 handle->image_type = opt->Subsystem;
737 efi_reloc = efi_alloc(virt_size,
738 loaded_image_info->image_code_type);
740 printf("%s: Could not allocate %lu bytes\n",
741 __func__, virt_size);
742 ret = EFI_OUT_OF_RESOURCES;
745 handle->entry = efi_reloc + opt->AddressOfEntryPoint;
746 rel_size = opt->DataDirectory[rel_idx].Size;
747 rel = efi_reloc + opt->DataDirectory[rel_idx].VirtualAddress;
748 virt_size = ALIGN(virt_size, opt->SectionAlignment);
749 } else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
750 IMAGE_OPTIONAL_HEADER32 *opt = &nt->OptionalHeader;
751 image_base = opt->ImageBase;
752 efi_set_code_and_data_type(loaded_image_info, opt->Subsystem);
753 handle->image_type = opt->Subsystem;
754 efi_reloc = efi_alloc(virt_size,
755 loaded_image_info->image_code_type);
757 printf("%s: Could not allocate %lu bytes\n",
758 __func__, virt_size);
759 ret = EFI_OUT_OF_RESOURCES;
762 handle->entry = efi_reloc + opt->AddressOfEntryPoint;
763 rel_size = opt->DataDirectory[rel_idx].Size;
764 rel = efi_reloc + opt->DataDirectory[rel_idx].VirtualAddress;
765 virt_size = ALIGN(virt_size, opt->SectionAlignment);
767 printf("%s: Invalid optional header magic %x\n", __func__,
768 nt->OptionalHeader.Magic);
769 ret = EFI_LOAD_ERROR;
773 /* Copy PE headers */
774 memcpy(efi_reloc, efi,
777 + nt->FileHeader.SizeOfOptionalHeader
778 + num_sections * sizeof(IMAGE_SECTION_HEADER));
780 /* Load sections into RAM */
781 for (i = num_sections - 1; i >= 0; i--) {
782 IMAGE_SECTION_HEADER *sec = §ions[i];
783 memset(efi_reloc + sec->VirtualAddress, 0,
784 sec->Misc.VirtualSize);
785 memcpy(efi_reloc + sec->VirtualAddress,
786 efi + sec->PointerToRawData,
790 /* Run through relocations */
791 if (efi_loader_relocate(rel, rel_size, efi_reloc,
792 (unsigned long)image_base) != EFI_SUCCESS) {
793 efi_free_pages((uintptr_t) efi_reloc,
794 (virt_size + EFI_PAGE_MASK) >> EFI_PAGE_SHIFT);
795 ret = EFI_LOAD_ERROR;
800 flush_cache((ulong)efi_reloc,
801 ALIGN(virt_size, EFI_CACHELINE_SIZE));
802 invalidate_icache_all();
804 /* Populate the loaded image interface bits */
805 loaded_image_info->image_base = efi_reloc;
806 loaded_image_info->image_size = virt_size;
808 if (handle->auth_status == EFI_IMAGE_AUTH_PASSED)
811 return EFI_SECURITY_VIOLATION;