proxmox-mirrors/efi-boot-shim
1
0
Fork 0
mirror of https://git.proxmox.com/git/efi-boot-shim synced 2025-08-03 17:27:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
16f4f47f5c
efi-boot-shim/elf_ia32_efi.lds
Peter Jones dd70785953 efi bins: add an easy way for vendors to add .sbat data 
In cases where we accept vendor shim binaries with additional patches,
it may become necessary to identify those builds with additional SBAT
data.  When we consider such patches, we should be proactive in asking
vendors to include that data in the .sbat sections of their trusted EFI
binaries.

This patch adds any data in data/sbat.*.csv (after a quick sanitizing
pass) after data/sbat.csv in the .sbat section, so that no changes to
the upstream data/sbat.csv are ever required.

Signed-off-by: Peter Jones <pjones@redhat.com>
2021-02-12 19:27:21 +01:00

93 lines
1.4 KiB
Plaintext
Raw Blame History

OUTPUT_FORMAT("elf32-i386", "elf32-i386", "elf32-i386")
OUTPUT_ARCH(i386)
ENTRY(_start)
SECTIONS
{
. = 0;
ImageBase = .;
.hash : { *(.hash) } /* this MUST come first! */
. = ALIGN(4096);
.text :
{
_text = .;
*(.text)
*(.text.*)
*(.gnu.linkonce.t.*)
_etext = .;
}
.reloc :
{
*(.reloc)
}
. = ALIGN(4096);
.note.gnu.build-id : {
*(.note.gnu.build-id)
}
. = ALIGN(4096);
.data.ident : {
*(.data.ident)
}
. = ALIGN(4096);
.data :
{
_data = .;
*(.rodata*)
*(.data)
*(.data1)
*(.data.*)
*(.sdata)
*(.got.plt)
*(.got)
/* the EFI loader doesn't seem to like a .bss section, so we stick
it all into .data: */
*(.sbss)
*(.scommon)
*(.dynbss)
*(.bss)
*(COMMON)
}
. = ALIGN(4096);
.vendor_cert :
{
*(.vendor_cert)
}
. = ALIGN(4096);
.sbat :
{
_sbat = .;
*(.sbat)
*(.sbat.*)
_esbat = .;
}
. = ALIGN(4096);
.dynamic : { *(.dynamic) }
. = ALIGN(4096);
.rel :
{
*(.rel.data)
*(.rel.data.*)
*(.rel.got)
*(.rel.stab)
*(.data.rel.ro.local)
*(.data.rel.local)
*(.data.rel.ro)
*(.data.rel*)
}
_edata = .;
_data_size = . - _data;
. = ALIGN(4096);
.dynsym : { *(.dynsym) }
. = ALIGN(4096);
.dynstr : { *(.dynstr) }
. = ALIGN(4096);
/DISCARD/ :
{
*(.rel.reloc)
*(.eh_frame)
*(.note.GNU-stack)
}
.comment 0 : { *(.comment) }
}
Reference in New Issue View Git Blame Copy Permalink