Re: [PATCH v8 01/27] Documentation/x86: Add CET description

From: Florian Weimer
Date: Wed Aug 14 2019 - 04:08:00 EST

Next message: Sylvester Fred: "Dear,"
Previous message: Dave Chinner: "Re: [RFC PATCH v2 01/19] fs/locks: Export F_LAYOUT lease to user space"
In reply to: Yu-cheng Yu: "[PATCH v8 01/27] Documentation/x86: Add CET description"
Next in thread: Yu-cheng Yu: "Re: [PATCH v8 01/27] Documentation/x86: Add CET description"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Yu-cheng Yu:

> +ENDBR
> + The compiler inserts an ENDBR at all valid branch targets. Any
> + CALL/JMP to a target without an ENDBR triggers a control
> + protection fault.

Is this really correct? I think ENDBR is needed only for indirect
branch targets where the jump/call does not have a NOTRACK prefix. In
general, for security hardening, it seems best to minimize the number of
ENDBR instructions, and use NOTRACK for indirect jumps which derive the
branch target address from information that cannot be modified.

Thanks,
Florian

Next message: Sylvester Fred: "Dear,"
Previous message: Dave Chinner: "Re: [RFC PATCH v2 01/19] fs/locks: Export F_LAYOUT lease to user space"
In reply to: Yu-cheng Yu: "[PATCH v8 01/27] Documentation/x86: Add CET description"
Next in thread: Yu-cheng Yu: "Re: [PATCH v8 01/27] Documentation/x86: Add CET description"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]