subject:"\[PATCH v14 1\/7\] x86\/cet\/ibt\: Add Kconfig option for user\-mode Indirect Branch Tracking"

Re: [PATCH v14 1/7] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking

2020-10-12 Thread Yu, Yu-cheng

On 10/12/2020 12:15 PM, Cyrill Gorcunov wrote: On Mon, Oct 12, 2020 at 08:45:24AM -0700, Yu-cheng Yu wrote: ... + the application support it. When this feature is enabled, + legacy non-IBT applications continue to work, but without + IBT protection. + Support for

Re: [PATCH v14 1/7] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking

2020-10-12 Thread Cyrill Gorcunov

On Mon, Oct 12, 2020 at 08:45:24AM -0700, Yu-cheng Yu wrote: ... > + the application support it. When this feature is enabled, > + legacy non-IBT applications continue to work, but without > + IBT protection. > + Support for this feature is only known to be present on > +

[PATCH v14 1/7] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking

2020-10-12 Thread Yu-cheng Yu

Introduce Kconfig option X86_BRANCH_TRACKING_USER. Indirect Branch Tracking (IBT) provides protection against CALL-/JMP- oriented programming attacks. It is active when the kernel has this feature enabled, and the processor and the application support it. When this feature is enabled, legacy non-