On Sun, Feb 07, 2021 at 10:15:49AM -0800, Linus Torvalds wrote: > On Sun, Feb 7, 2021 at 9:58 AM Borislav Petkov <b...@suse.de> wrote: > > > > It probably is an item on some Intel manager's to-enable list. So far, > > the CET enablement concentrates only on userspace but dhansen might know > > more about future plans. CCed. > > I think the new Ryzen 5000 series also supports CET, but I don't have > any machines to check. > > Hopefully somebody ends up with hardware that supports it and a urge > to try to make it work in kernel land too. > > I do suspect involved people should start thinking about how they want > to deal with functions starting with > > endbr64 > call __fentry__ > > instead of the call being at the very top of the function.
FWIW, objtool's already fine with it (otherwise we would have discovered the need to disable fcf-protection much sooner). -- Josh
