Re: [PATCH v2 33/39] objtool: Add IBT/ENDBR decoding

From: Andrew Cooper
Date: Thu Mar 03 2022 - 06:06:52 EST


On 03/03/2022 10:53, Miroslav Benes wrote:
> Hi,
>
> On Thu, 24 Feb 2022, Peter Zijlstra wrote:
>
>> Decode ENDBR instructions and WARN about NOTRACK prefixes.
> I guess it has been already mentioned somewhere, but could you explain
> NOTRACK prefix here, please? If I understand it right, it disables IBT for
> the indirect branch instruction meaning that its target does not have to
> start with ENDBR?

CET-IBT has loads of get-out clauses.  The NOTRACK prefix is one; the
legacy code bitmap (implicit NOTRACK for whole libraries) is another.

And yes - the purpose of NOTRACK is to exempt a specific indirect branch
from checks.

GCC can emit NOTRACK'd calls in some cases when e.g. the programmer
launders a function pointer through (void *), or when
__attribute__((no_cf_check)) is used explicitly.


Each of the get-out clauses has separate enable bits, as each of them
reduces security.  In this series, Linux sets MSR_S_CET.ENDBR_EN but
specifically does not set NOTRACK_EN, so NOTRACK prefixes will be
ignored and suffer #CP if encountered.

~Andrew
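As an added illustration of the two encodings this thread turns on (not code from the patch series, from objtool, or from either correspondent): a small C scanner over a constructed byte string that recognises ENDBR64/ENDBR32 (f3 0f 1e fa / f3 0f 1e fb) and an indirect call or jmp carrying the NOTRACK prefix (0x3e, the DS segment-override byte CET-IBT reuses). It only handles the register forms of ff /2 (call) and ff /4 (jmp) with an optional REX byte and scans byte-wise rather than at instruction boundaries, which is enough to show what a "WARN about NOTRACK prefixes" check is looking for; objtool itself uses the kernel's full x86 instruction decoder. The sample bytes and the function names are constructed for this example.

```c
/* Added example: recognise ENDBR and NOTRACK-prefixed indirect branches
 * in a constructed byte string. Not objtool code and not an x86 decoder. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct ibt_stats {
    int endbr64;
    int endbr32;
    int notrack_call;
    int notrack_jmp;
};

/* Return 4 if an ENDBR64/ENDBR32 starts at p, else 0. */
static size_t match_endbr(const uint8_t *p, size_t left, struct ibt_stats *st)
{
    if (left < 4 || p[0] != 0xf3 || p[1] != 0x0f || p[2] != 0x1e)
        return 0;
    if (p[3] == 0xfa) { st->endbr64++; return 4; }   /* endbr64 */
    if (p[3] == 0xfb) { st->endbr32++; return 4; }   /* endbr32 */
    return 0;
}

/* Return the length of "notrack call/jmp *reg" starting at p, else 0.
 * Encoding: 3e [REX] ff modrm, with modrm.mod == 3 (register operand)
 * and modrm.reg == 2 (call) or 4 (jmp). REX.R is irrelevant here since
 * the reg field is an opcode extension, not a register number. */
static size_t match_notrack_branch(const uint8_t *p, size_t left, struct ibt_stats *st)
{
    size_t i = 0;
    if (left < 3 || p[i++] != 0x3e)
        return 0;
    if ((p[i] & 0xf0) == 0x40) {          /* optional REX prefix */
        i++;
        if (left < 4) return 0;
    }
    if (p[i] != 0xff) return 0;
    uint8_t modrm = p[i + 1];
    if ((modrm >> 6) != 3) return 0;      /* only the register form here */
    uint8_t reg = (modrm >> 3) & 7;
    if (reg == 2) { st->notrack_call++; return i + 2; }
    if (reg == 4) { st->notrack_jmp++;  return i + 2; }
    return 0;
}

/* Scan buf, counting ENDBRs and NOTRACK-prefixed branches. Byte-wise
 * scanning can misfire on immediates in real code; it is adequate for
 * the constructed input below. */
struct ibt_stats scan_ibt(const uint8_t *buf, size_t len)
{
    struct ibt_stats st = {0, 0, 0, 0};
    size_t i = 0;
    while (i < len) {
        size_t n = match_endbr(buf + i, len - i, &st);
        if (!n) n = match_notrack_branch(buf + i, len - i, &st);
        i += n ? n : 1;
    }
    return st;
}

/* Constructed sample: a function that is a valid indirect-branch target
 * (ENDBR64 first), then one laundered call and one tail-jump the compiler
 * emitted with NOTRACK, plus an ordinary tracked call for contrast. */
static const uint8_t sample[] = {
    0xf3, 0x0f, 0x1e, 0xfa,       /* endbr64 */
    0x55,                         /* push %rbp */
    0x48, 0x89, 0xe5,             /* mov %rsp,%rbp */
    0x3e, 0xff, 0xd0,             /* notrack call *%rax  <- would be WARNed on */
    0x3e, 0x41, 0xff, 0xe0,       /* notrack jmp *%r8    <- would be WARNed on */
    0xff, 0xd2,                   /* call *%rdx (tracked, no prefix) */
    0x5d,                         /* pop %rbp */
    0xc3,                         /* ret */
    0xf3, 0x0f, 0x1e, 0xfb,       /* endbr32 */
};

int main(void)
{
    struct ibt_stats st = scan_ibt(sample, sizeof sample);
    printf("endbr64=%d endbr32=%d notrack call=%d notrack jmp=%d\n",
           st.endbr64, st.endbr32, st.notrack_call, st.notrack_jmp);
    return 0;
}
```

With the series' MSR_S_CET configuration as Andrew describes it (ENDBR_EN set, NOTRACK_EN clear), the two prefixed branches in the sample would not be exempted at runtime, which is why a build-time WARN on the prefix is the useful place to catch them.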