diff options
| author | Ard Biesheuvel <ardb@kernel.org> | 2025-08-28 12:22:22 +0200 | 
|---|---|---|
| committer | Borislav Petkov (AMD) <bp@alien8.de> | 2025-09-03 18:00:01 +0200 | 
| commit | 7b38dec3c5af54665a4b29483aa02bd1c1e71cf1 (patch) | |
| tree | a20980b779d5b840910a0baeeed65601acf2c334 /rust/helpers/refcount.c | |
| parent | 749627c3980e4421b709857e979e8aa16a4c7147 (diff) | |
x86/boot: Create a confined code area for startup code
In order to be able to have tight control over which code may execute
from the early 1:1 mapping of memory, but still link vmlinux as a single
executable, prefix all symbol references in startup code with __pi_, and
invoke it from outside using the __pi_ prefix.
Use objtool to check that no absolute symbol references are present in
the startup code, as these cannot be used from code running from the 1:1
mapping.
Note that this also requires disabling the latent-entropy GCC plugin, as
the global symbol references that it injects would require explicit
exports, and given that the startup code rarely executes more than once,
it is not a useful source of entropy anyway.
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250828102202.1849035-43-ardb+git@google.com
Diffstat (limited to 'rust/helpers/refcount.c')
0 files changed, 0 insertions, 0 deletions
