[kernel] Update kernel binary's header structure

The kernel's file header has not been verified for a long time. This change returns file verification to the bootloader to make sure the ELF loaded in position 0 is actually the kernel.
2021-05-28 14:44:13 -07:00
parent 910fde3b2c
commit 9fbbd8b954
6 changed files with 78 additions and 17 deletions
--- a/src/boot/loader.cpp
+++ b/src/boot/loader.cpp
@@ -113,5 +113,29 @@ load_program(
 	program.entrypoint = header->entrypoint;
 }

+void
+verify_kernel_header(
+	init::program &program,
+	uefi::boot_services *bs)
+{
+	status_line status(L"Verifying kernel header");
+
+    const init::header *header =
+        reinterpret_cast<const init::header *>(program.sections[0].phys_addr);
+
+    if (header->magic != init::header_magic)
+        error::raise(uefi::status::load_error, L"Bad kernel magic number");
+
+    if (header->length < sizeof(init::header))
+        error::raise(uefi::status::load_error, L"Bad kernel header length");
+
+    if (header->version < init::min_header_version)
+        error::raise(uefi::status::unsupported, L"Kernel header version not supported");
+
+	console::print(L"    Loaded kernel vserion: %d.%d.%d %lx\r\n",
+            header->version_major, header->version_minor, header->version_patch,
+            header->version_gitsha);
+}
+
 } // namespace loader
 } // namespace boot
--- a/src/boot/loader.h
+++ b/src/boot/loader.h
@@ -38,5 +38,13 @@ load_program(
 	buffer data,
 	uefi::boot_services *bs);

+/// Verify that a loaded ELF has the j6 kernel header
+/// \arg program  The program to check for a header
+/// \arg bs       Boot services
+void
+verify_kernel_header(
+	kernel::init::program &program,
+	uefi::boot_services *bs);
+
 } // namespace loader
 } // namespace boot
--- a/src/boot/main.cpp
+++ b/src/boot/main.cpp
@@ -134,8 +134,8 @@ uefi_preboot(uefi::handle image, uefi::system_table *st)
 	init::args *args =
 		allocate_args_structure(bs, max_modules, max_programs);

-	args->magic = init::magic;
-	args->version = init::version;
+	args->magic = init::args_magic;
+	args->version = init::args_version;
 	args->runtime_services = rs;
 	args->acpi_table = hw::find_acpi_table(st);
 	paging::allocate_tables(args, bs);
@@ -154,6 +154,9 @@ uefi_preboot(uefi::handle image, uefi::system_table *st)
 		loader::load_program(program, desc.name, buf, bs);
 	}

+    // First program *must* be the kernel
+    loader::verify_kernel_header(args->programs[0], bs);
+
 	return args;
 }

@@ -196,8 +199,8 @@ efi_main(uefi::handle image, uefi::system_table *st)

 	memory::fix_frame_blocks(args);

-	kernel::entrypoint kentry =
-		reinterpret_cast<kernel::entrypoint>(kernel.entrypoint);
+	init::entrypoint kentry =
+		reinterpret_cast<init::entrypoint>(kernel.entrypoint);
 	status.next();

 	hw::setup_control_regs();