aboutsummaryrefslogtreecommitdiffstats
path: root/src/scripts
Commit message (Collapse)AuthorAgeFilesLines
* [arm] Inhibit linker warnings about an implied executable stackMichael Brown2023-01-231-4/+1
| | | | | | | | | | | Some versions of the 32-bit ARM linker seem to treat the absence of a .note.GNU-stack section as implying an executable stack, and will print a warning that this is deprecated behaviour. Silence the warning by adding a .note.GNU-stack section to each assembly file and retaining the sections in the Linux linker script. Signed-off-by: Michael Brown <mcb30@ipxe.org>
* [linux] Centralise the linker script for Linux binariesMichael Brown2023-01-221-0/+101
| | | | | | | Reduce duplication between i386 and x86_64 by providing a single shared linker script that both architectures can include. Signed-off-by: Michael Brown <mcb30@ipxe.org>
* [efi] Include Secure Boot Advanced Targeting (SBAT) metadatasbatMichael Brown2022-01-131-0/+13
| | | | | | | | | | | | | | | | | SBAT defines an encoding for security generation numbers stored as a CSV file within a special ".sbat" section in the signed binary. If a Secure Boot exploit is discovered then the generation number will be incremented alongside the corresponding fix. Platforms may then record the minimum generation number required for any given product. This allows for an efficient revocation mechanism that consumes minimal flash storage space (in contrast to the DBX mechanism, which allows for only a single-digit number of revocation events to ever take place across all possible signed binaries). Add SBAT metadata to iPXE EFI binaries to support this mechanism. Signed-off-by: Michael Brown <mcb30@ipxe.org>
* [efi] Align EFI image sections by page sizeMarvin Häuser2021-04-101-9/+9
| | | | | | | | | | For optimal memory permission management, PE sections need to be aligned by the platform's minimum page size. Currently, the PE section alignment is fixed to 32 bytes, which is below the typical 4kB page size. Align all sections to 4kB and adjust ELF to PE image conversion accordingly. Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
* [efi] Discard .pci_devlist.* sections for EFI imagesMarvin Häuser2021-04-101-0/+1
| | | | | | | | As per https://github.com/ipxe/ipxe/pull/313#issuecomment-816018398, these sections are not required for EFI execution. Discard them to avoid implementation-defined alignment malforming binaries. Signed-off-by: Marvin Häuser <mhaeuser@posteo.de>
* [efi] Centralise architecture-independent EFI Makefile and linker scriptMichael Brown2016-03-121-0/+110
Signed-off-by: Michael Brown <mcb30@ipxe.org>
generated by cgit (git 2.34.1) at 2025-02-23 18:27:04 +0000