On 15.12.2023 12:18, Roger Pau Monne wrote:
> Introduce a helper to perform checks related to self modifying code, and start
> by creating a simple test to check that alternatives have been applied.
>
> Such test is hooked into the boot process and called just after alternatives
> have been applied. In case of failure a message is printed, and the hypervisor
> is tainted as not having passed the tests, this does require introducing a new
> taint bit (printed as 'T').
>
> A new sysctl is also introduced to run the tests on demand. While there are no
> current users introduced here, further changes will introduce those, and it's
> helpful to have the interface defined in the sysctl header from the start.
>
> Note the sysctl visibility is not limited to x86, albeit the only
> implementation is for x86. It's expected that other architectures can reuse
> the same sysctl and structure, with possibly different tests. Leave adjusting
> those to when support for a different architecture is introduced, as the
> sysctl interface is not stable anyway.
>
> Signed-off-by: Roger Pau Monné <[email protected]>

Acked-by: Jan Beulich <[email protected]>
