On Wed, Feb 10, 2021 at 09:56:44AM -0800, Yu-cheng Yu wrote: > A control-protection fault is triggered when a control-flow transfer > attempt violates Shadow Stack or Indirect Branch Tracking constraints. > For example, the return address for a RET instruction differs from the copy > on the shadow stack; or an indirect JMP instruction, without the NOTRACK > prefix, arrives at a non-ENDBR opcode. > > The control-protection fault handler works in a similar way as the general > protection fault handler. It provides the si_code SEGV_CPERR to the signal > handler. > > Signed-off-by: Yu-cheng Yu <yu-cheng...@intel.com>
Reviewed-by: Kees Cook <keesc...@chromium.org> -- Kees Cook
