Re: [PATCH v19 1/7] x86/cet/ibt: Update Kconfig for user-mode Indirect Branch Tracking

From: Kees Cook
Date: Thu Feb 04 2021 - 14:51:45 EST

Next message: Kees Cook: "Re: [PATCH v19 2/7] x86/cet/ibt: User-mode Indirect Branch Tracking support"
Previous message: Wei Liu: "Re: [PATCH v6 00/16] Introducing Linux root partition support for Microsoft Hypervisor"
In reply to: Yu-cheng Yu: "[PATCH v19 1/7] x86/cet/ibt: Update Kconfig for user-mode Indirect Branch Tracking"
Next in thread: Yu-cheng Yu: "[PATCH v19 5/7] x86/cet/ibt: Update arch_prctl functions for Indirect Branch Tracking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 03, 2021 at 02:58:56PM -0800, Yu-cheng Yu wrote:
> Indirect branch tracking is a hardware security feature that verifies near
> indirect call/jump instructions arrive at intended targets, which are
> labeled by the compiler with ENDBR opcodes. If such instructions reach
> unlabeled locations, the processor raises control-protection faults.
>
> Check the compiler is up-to-date at config time.
>
> Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook

Next message: Kees Cook: "Re: [PATCH v19 2/7] x86/cet/ibt: User-mode Indirect Branch Tracking support"
Previous message: Wei Liu: "Re: [PATCH v6 00/16] Introducing Linux root partition support for Microsoft Hypervisor"
In reply to: Yu-cheng Yu: "[PATCH v19 1/7] x86/cet/ibt: Update Kconfig for user-mode Indirect Branch Tracking"
Next in thread: Yu-cheng Yu: "[PATCH v19 5/7] x86/cet/ibt: Update arch_prctl functions for Indirect Branch Tracking"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]