While the global config CONFIG_ZERO_CALL_USED_REGS can be used to enable wiping everywhere, we should explicitly add the call-used-regs wiping attribute, and add markings to various security boundary interfaces where we might expect potential side-channel leakage having an impact on potential speculation gadgets, etc.
[ ] add __zero_regs macro for __attribute__((zero-call-used-regs=used-gprs
[ ] identify explicit security boundary or large leaf functions to gain this attribute
While the global config
CONFIG_ZERO_CALL_USED_REGScan be used to enable wiping everywhere, we should explicitly add the call-used-regs wiping attribute, and add markings to various security boundary interfaces where we might expect potential side-channel leakage having an impact on potential speculation gadgets, etc.__zero_regsmacro for__attribute__((zero-call-used-regs=used-gprs