https://gcc.gnu.org/bugzilla/show_bug.cgi?id=104816
H.J. Lu <hjl.tools at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |WAITING
--- Comment #8 from H.J. Lu <hjl.tools at gmail dot com> ---
(In reply to Joao Moreira from comment #0)
> When -fcf-protection=branch is used, the compiler will generate jump tables
> where the indirect jump is prefixed with the NOTRACK prefix, so it can jump
> to non-ENDBR targets. Yet, for NOTRACK prefixes to work, the NOTRACK
> specific enable bit must be set, what renders the binary broken on any
> environment where this is not the case. In fact, having NOTRACK disabled was
> a design choice for the Linux kernel CET support
> [https://lkml.org/lkml/2022/3/7/1068].
>
> With the above, the compiler should generate jump tables with ENDBRs, for
> proper correctness. And, if security regarding the additional ENDBRs is a
> concern, the code can be explicitly compiled with -fno-jump-tables.
There is an undocumented option: -mcet-switch. It does exactly what you
are looking for. Currently it is off by default. We can document it
and turn it on by default.
