On Mon, 5 Feb 2024 at 15:13, Evgeniy Baskov <baskov@xxxxxxxxx> wrote: > > On 2024-02-05 17:49, Ard Biesheuvel wrote: > > On Mon, 5 Feb 2024 at 14:44, Evgeniy Baskov <baskov@xxxxxxxxx> wrote: > >> > >> Image loaders which check the contiguity of executable images consider > >> sections adjacent in the section table to be adjacent in virtual > >> memory. > >> > >> Sort sections by their RVAs in PE section table. > >> > >> Signed-off-by: Evgeniy Baskov <baskov@xxxxxxxxx> > >> --- > >> arch/x86/boot/header.S | 56 > >> +++++++++++++++++++++--------------------- > >> 1 file changed, 28 insertions(+), 28 deletions(-) > >> > > > > Hi, > > > > I just sent a fix for this issue: > > > > https://lore.kernel.org/linux-efi/20240205081106.2415414-2-ardb+git@xxxxxxxxxx/T/#u > > > > Could you please check whether it works for you as well? > > > > Yes, your patch works fine as well. Thanks! > Thanks for confirming! I tried your patch too, and it makes the signing tools unhappy (see below), so I am going to stick with my version. But thanks for sending a fix in any case. $ sbsign --key ~/sb/PK.key --cert ~/sb/PK.crt arch/x86/boot/bzImage warning: gap in section table: .setup : 0x00001000 - 0x00003a00, .text : 0x00004000 - 0x00d0b000, warning: gap in section table: .data : 0x00d0b000 - 0x00d0c200, .compat : 0x00003a00 - 0x00004000, gaps in the section table may result in different checksums Signing Unsigned original image
