08.04.2021 19:39:16 Andrew Fish <af...@apple.com>:
> > >> On Apr 8, 2021, at 10:02 AM, Marvin Häuser <mhaeu...@posteo.de> wrote: >> >> On 08.04.21 18:44, Andrew Fish via groups.io wrote: >>> >>> >>>> On Apr 8, 2021, at 9:06 AM, Marvin Häuser <mhaeu...@posteo.de >>>> <mailto:mhaeu...@posteo.de>> wrote: >>>> >>>> We use the loader code in userspace anyway for fuzzing and such. I also >>>> want to build a database of all sorts of UEFI binaries some time before >>>> the merge to confirm they are all accepted (Windows / macOS / Linux >>>> bootloaders, tools like memtest, drivers like iPXE). As part of that, I'm >>>> sure we can have a userspace tool that uses the code to emit parsing >>>> information. >>>> >>>> But as the EDK II build system is very... not so userspace friendly, I >>>> will not promise it will be very nice. :) >>>> >>> >>> Marvin, >>> >>> The BaseTools can easily build C command line tools that are cross platform? >>> >>> Actually GenFw [1] already does a lot of PE/COFF magic, so it should be >>> relatively easy to add a -I, —info, and dump out an overview of a PE/COFF >>> image, and make comments on things that are not secure. It would also >>> probably be useful to dump out information about the Debug Directory >>> entries, His sections, etc. for general debug. >> >> I did not look at the code much, but I do know that BaseTools duplicates the >> PE/COFF code from MdePkg. Whether it was changed or not I cannot tell. >> > > GenFw does the ELF to PE/COFF conversion, zeroing out Debug Directory Entries > etc. so it should be correct. It is not like the PE/COFF spec is a moving > target. PE is not a moving target, but EDK II is. The fact that even old and proven code sometimes needs maintanance is evidental from the proposal and its so far positive feedback. I'm not ready to duplicate code, I'd rather take the utilities out of the current scope and discuss ways to consume MdePkg libraries later. In fact, I want to reduce code duplication as a "free benefit" from the changes, especially image hashing. I know it takes time, but I think it will be worth it. We have been debugging and fuzztesting our EDK II packages in userland for a while, and found it to be a great help. I hope you will agree. :) Best regards, Marvin > > Thanks, > > Andrew Fish > >> Best regards, >> Marvin >> >>> >>> [1] https://github.com/tianocore/edk2/tree/master/BaseTools/Source/C/GenFw >>> <https://github.com/tianocore/edk2/tree/master/BaseTools/Source/C/GenFw> >>> /Volumes/Case/edk2-github(eng/PR-557-XcodeResourceSections)>. edksetup.sh >>> Loading previous configuration from >>> /Volumes/Case/edk2-github/Conf/BuildEnv.sh >>> WORKSPACE: /Volumes/Case/edk2-github >>> EDK_TOOLS_PATH: /Volumes/Case/edk2-github/BaseTools >>> CONF_PATH: /Volumes/Case/edk2-github/Conf >>> /Volumes/Case/edk2-github(eng/PR-557-XcodeResourceSections)>GenFw -h >>> GenFw Version 0.2 Developer Build based on Revision: Unknown >>> >>> Usage: GenFw [options] <input_file> >>> >>> Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved. >>> >>> Options: >>> -o FileName, --outputfile FileName >>> File will be created to store the output content. >>> -e EFI_FILETYPE, --efiImage EFI_FILETYPE >>> Create Efi Image. EFI_FILETYPE is one of >>> BASE,SMM_CORE, >>> PEI_CORE, PEIM, DXE_CORE, DXE_DRIVER, >>> UEFI_APPLICATION, >>> SEC, DXE_SAL_DRIVER, UEFI_DRIVER, >>> DXE_RUNTIME_DRIVER, >>> DXE_SMM_DRIVER, SECURITY_CORE, COMBINED_PEIM_DRIVER, >>> MM_STANDALONE, MM_CORE_STANDALONE, >>> PIC_PEIM, RELOCATABLE_PEIM, BS_DRIVER, RT_DRIVER, >>> APPLICATION, SAL_RT_DRIVER to support all module >>> types >>> It can only be used together with >>> --keepexceptiontable, >>> --keepzeropending, --keepoptionalheader, -r, -o >>> option. >>> It is a action option. If it is combined with other >>> action options, >>> the later input action option will override the >>> previous one. >>> -c, --acpi Create Acpi table. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -t, --terse Create Te Image. >>> It can only be used together with >>> --keepexceptiontable, >>> --keepzeropending, --keepoptionalheader, -r, -o >>> option. >>> It is a action option. If it is combined with other >>> action options, >>> the later input action option will override the >>> previous one. >>> -u, --dump Dump TeImage Header. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -z, --zero Zero the Debug Data Fields in the PE input image >>> file. >>> It also zeros the time stamp fields. >>> This option can be used to compare the binary efi >>> image. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -b, --exe2bin Convert the input EXE to the output BIN file. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -l, --stripped Strip off the relocation info from PE or TE image. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -s timedate, --stamp timedate >>> timedate format is "yyyy-mm-dd 00:00:00". if >>> timedata >>> is set to NOW, current system time is used. The >>> support >>> date scope is 1970-01-01 00+timezone:00:00 >>> ~ 2038-01-19 03+timezone:14:07 >>> The scope is adjusted according to the different >>> zones. >>> It can't be combined with other action options >>> except for -o, -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -m, --mcifile Convert input microcode txt file to microcode bin >>> file. >>> It can't be combined with other action options >>> except for -o option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -j, --join Combine multi microcode bin files to one file. >>> It can be specified with -a, -p, -o option. >>> No other options can be combined with it. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -a NUM, --align NUM NUM is one HEX or DEC format alignment value. >>> This option is only used together with -j option. >>> -p NUM, --pad NUM NUM is one HEX or DEC format padding value. >>> This option is only used together with -j option. >>> --keepexceptiontable Don't clear exception table. >>> This option can be used together with -e or -t. >>> It doesn't work for other options. >>> --keepoptionalheader Don't zero PE/COFF optional header fields. >>> This option can be used together with -e or -t. >>> It doesn't work for other options. >>> --keepzeropending Don't strip zero pending of .reloc. >>> This option can be used together with -e or -t. >>> It doesn't work for other options. >>> -r, --replace Overwrite the input file with the output content. >>> If more input files are specified, >>> the last input file will be as the output file. >>> -g HiiPackageListGuid, --hiiguid HiiPackageListGuid >>> Guid is used to specify hii package list guid. >>> Its format is xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx >>> If not specified, the first Form FormSet guid is >>> used. >>> --hiipackage Combine all input binary hii packages into >>> a single package list as the text resource data(RC). >>> It can't be combined with other action options >>> except for -o option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> --hiibinpackage Combine all input binary hii packages into >>> a single package list as the binary resource >>> section. >>> It can't be combined with other action options >>> except for -o option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> --rc FlieName Append a Hii resource section to the >>> last PE/COFF section. The FileName is the resource >>> section to append >>> If FileName does not exist this operation is >>> skipped. This feature is >>> only intended for toolchains, like XCODE, that >>> don't suport $(RC). >>> This option can only be combined with -e >>> --rebase NewAddress Rebase image to new base address. New address >>> is also set to the first none code section header. >>> It can't be combined with other action options >>> except for -o or -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> --address NewAddress Set new address into the first none code >>> section header of the input image. >>> It can't be combined with other action options >>> except for -o or -r option. It is a action option. >>> If it is combined with other action options, the >>> later >>> input action option will override the previous one. >>> -v, --verbose Turn on verbose output with informational messages. >>> -q, --quiet Disable all messages except key message and fatal >>> error >>> -d, --debug level Enable debug messages, at input debug level. >>> --version Show program's version number and exit >>> -h, --help Show this help message and exit >>> >>> Thanks, >>> >>> Andrew Fish >>> >>>> Best regards, >>>> Marvin >>>> >>>> On 08.04.21 16:13, Andrew (EFI) Fish wrote: >>>>> At a minimum it would be nice if we had a tool that would point out the >>>>> security faults with a given PE/COFF file layout. >>>>> >>>>> >>>>> >>>>>> … >>>> >>>> >>>> >>> >>> >> -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#73879): https://edk2.groups.io/g/devel/message/73879 Mute This Topic: https://groups.io/mt/81853302/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
