rpms / fwupd

Clone
Source Code
GIT

Blame SOURCES/0001-generate_binary-Add-NX-COMPAT-flag-manually-when-gen.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c9-beta
  2.   SOURCES
  3.   0001-generate_binary-Add-NX-COMPAT-flag-manually-when-gen.patch
Blob History Raw
df6117 
From cfd61f6958a46d5e9687f87caf04c94680382a9f Mon Sep 17 00:00:00 2001
df6117 
From: Nicolas Frayer <nfrayer@redhat.com>
df6117 
Date: Wed, 1 Feb 2023 12:13:45 +0100
df6117 
Subject: [PATCH] generate_binary: Add NX COMPAT flag manually when genpeimg
df6117 
 missing
df6117
df6117 
When genpeimg or python3-pefile is missing, add the NX COMPAT flag
df6117 
manually by setting bit8 of the DllCharacteristics in the optional
df6117 
header, clear the TimeDateStamp and update the checksum.
df6117 
---
df6117 
 efi/generate_binary.py | 50 ++++++++++++++++++++++++++++++++++++++++--
df6117 
 1 file changed, 48 insertions(+), 2 deletions(-)
df6117
df6117 
diff --git a/efi/generate_binary.py b/efi/generate_binary.py
df6117 
index 7b802e7..10ab0b3 100755
df6117 
--- a/efi/generate_binary.py
df6117 
+++ b/efi/generate_binary.py
df6117 
@@ -10,6 +10,13 @@
df6117 
 import subprocess
df6117 
 import sys
df6117 
 import argparse
df6117 
+import os
df6117 
+import struct
df6117 
+
df6117 
+COFF_HDR_OFFSET = 0x80
df6117 
+OPTIONALHDR_CHECKSUM = COFF_HDR_OFFSET + 0x58
df6117 
+OPTIONALHDR_DLLCHARACTERISTICS = COFF_HDR_OFFSET + 0x5E
df6117 
+PEHEADER_TIMEDATASTAMP = COFF_HDR_OFFSET + 0x8
df6117
df6117
df6117 
 def _run_objcopy(args):
df6117 
@@ -66,6 +73,27 @@ def _run_genpeimg(args):
df6117 
         sys.exit(1)
df6117
df6117
df6117 
+def generate_checksum(data):
df6117 
+    checksum_offset: int = OPTIONALHDR_CHECKSUM
df6117 
+    checksum: int = 0
df6117 
+    remainder: int = len(data) % 4
df6117 
+    data_len: int = len(data) + ((4 - remainder) * (remainder != 0))
df6117 
+    for i in range(int(data_len / 4)):
df6117 
+        if i == int(checksum_offset / 4):
df6117 
+            continue
df6117 
+        if i + 1 == (int(data_len / 4)) and remainder:
df6117 
+            dword = struct.unpack("I", data[i * 4 :] + (b"\0" * (4 - remainder)))[0]
df6117 
+        else:
df6117 
+            dword = struct.unpack("I", data[i * 4 : i * 4 + 4])[0]
df6117 
+        checksum += dword
df6117 
+        if checksum >= 2**32:
df6117 
+            checksum = (checksum & 0xFFFFFFFF) + (checksum >> 32)
df6117 
+    checksum = (checksum & 0xFFFF) + (checksum >> 16)
df6117 
+    checksum = checksum + (checksum >> 16)
df6117 
+    checksum = checksum & 0xFFFF
df6117 
+    return checksum + len(data)
df6117 
+
df6117 
+
df6117 
 def _add_nx_pefile(args):
df6117 
     # unnecessary if we have genpeimg
df6117 
     if args.genpeimg:
df6117 
@@ -73,8 +101,26 @@ def _add_nx_pefile(args):
df6117 
     try:
df6117 
         import pefile
df6117 
     except ImportError:
df6117 
-        print("Unable to add NX support to binaries without genpeimg or python3-pefile")
df6117 
-        sys.exit(1)
df6117 
+        print("Adding NX support manually to the binary")
df6117 
+        with open(args.outfile, "r+b") as fh:
df6117 
+            buf = bytearray(fh.read(os.path.getsize(args.outfile)))
df6117 
+            fh.seek(0)
df6117 
+            DllCharacteristics = struct.unpack_from(
df6117 
+                "
df6117 
+            )[0]
df6117 
+            DllCharacteristics |= 0x100
df6117 
+            struct.pack_into(
df6117 
+                "
df6117 
+            )
df6117 
+
df6117 
+            # set the timestamp to 0
df6117 
+            struct.pack_into("
df6117 
+
df6117 
+            # as we have set the NX COMPAT bit, regenerate the checksum
df6117 
+            struct.pack_into("
df6117 
+            fh.write(buf)
df6117 
+
df6117 
+        return
df6117
df6117 
     pe = pefile.PE(args.outfile)
df6117 
     pe.OPTIONAL_HEADER.DllCharacteristics |= pefile.DLL_CHARACTERISTICS[
df6117 
--
df6117 
2.39.1
df6117

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation