From: Yu-cheng Yu <yu-cheng.yu@intel.com>
To: x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
Thomas Gleixner <tglx@linutronix.de>,
Ingo Molnar <mingo@redhat.com>,
linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-mm@kvack.org, linux-arch@vger.kernel.org,
linux-api@vger.kernel.org, Arnd Bergmann <arnd@arndb.de>,
Andy Lutomirski <luto@kernel.org>,
Balbir Singh <bsingharora@gmail.com>,
Borislav Petkov <bp@alien8.de>,
Cyrill Gorcunov <gorcunov@gmail.com>,
Dave Hansen <dave.hansen@linux.intel.com>,
Eugene Syromiatnikov <esyr@redhat.com>,
Florian Weimer <fweimer@redhat.com>,
"H.J. Lu" <hjl.tools@gmail.com>, Jann Horn <jannh@google.com>,
Jonathan Corbet <corbet@lwn.net>,
Kees Cook <keescook@chromium.org>,
Mike Kravetz <mike.kravetz@oracle.com>,
Nadav Amit <nadav.amit@gmail.com>,
Oleg Nesterov <oleg@redhat.com>, Pavel Machek <pavel@ucw.cz>,
Peter Zijlstra <peterz@infradead.org>,
Randy Dunlap <rdunlap@infradead.org>,
"Ravi V. Shankar" <ravi.v.shankar@intel.com>,
Vedvyas Shanbhogue <vedvyas.shanbhogue@intel.com>,
Dave Martin <Dave.Martin@arm.com>,
Weijiang Yang <weijiang.yang@intel.com>,
Pengfei Xu <pengfei.xu@intel.com>
Cc: Yu-cheng Yu <yu-cheng.yu@intel.com>
Subject: [PATCH v19 0/7] Control-flow Enforcement: Indirect Branch Tracking
Date: Wed, 3 Feb 2021 14:58:55 -0800 [thread overview]
Message-ID: <20210203225902.479-1-yu-cheng.yu@intel.com> (raw)
Control-flow Enforcement (CET) is a new Intel processor feature that blocks
return/jump-oriented programming attacks. Details are in "Intel 64 and
IA-32 Architectures Software Developer's Manual" [1].
This is the second part of CET and enables Indirect Branch Tracking (IBT).
It is built on top of the shadow stack series.
This version has no changes from v18. It is being re-sent as v19 to
synchronize with the shadow stack series v19.
[1] Intel 64 and IA-32 Architectures Software Developer's Manual:
https://software.intel.com/en-us/download/intel-64-and-ia-32-
architectures-sdm-combined-volumes-1-2a-2b-2c-2d-3a-3b-3c-3d-and-4
[2] Indirect Branch Tracking patches v18:
https://lkml.kernel.org/r/20210127213028.11362-1-yu-cheng.yu@intel.com/
H.J. Lu (3):
x86/cet/ibt: Update arch_prctl functions for Indirect Branch Tracking
x86/vdso/32: Add ENDBR32 to __kernel_vsyscall entry point
x86/vdso: Insert endbr32/endbr64 to vDSO
Yu-cheng Yu (4):
x86/cet/ibt: Update Kconfig for user-mode Indirect Branch Tracking
x86/cet/ibt: User-mode Indirect Branch Tracking support
x86/cet/ibt: Handle signals for Indirect Branch Tracking
x86/cet/ibt: Update ELF header parsing for Indirect Branch Tracking
arch/x86/Kconfig | 1 +
arch/x86/entry/vdso/Makefile | 4 ++
arch/x86/entry/vdso/vdso32/system_call.S | 3 ++
arch/x86/include/asm/cet.h | 3 ++
arch/x86/kernel/cet.c | 60 +++++++++++++++++++++++-
arch/x86/kernel/cet_prctl.c | 5 ++
arch/x86/kernel/fpu/signal.c | 8 ++--
arch/x86/kernel/process_64.c | 8 ++++
8 files changed, 87 insertions(+), 5 deletions(-)
--
2.21.0
next reply other threads:[~2021-02-03 23:13 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-03 22:58 Yu-cheng Yu [this message]
2021-02-03 22:58 ` [PATCH v19 1/7] x86/cet/ibt: Update Kconfig for user-mode Indirect Branch Tracking Yu-cheng Yu
2021-02-04 19:49 ` Kees Cook
2021-02-03 22:58 ` [PATCH v19 2/7] x86/cet/ibt: User-mode Indirect Branch Tracking support Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
2021-02-03 22:58 ` [PATCH v19 3/7] x86/cet/ibt: Handle signals for Indirect Branch Tracking Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
2021-02-03 22:58 ` [PATCH v19 4/7] x86/cet/ibt: Update ELF header parsing " Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
2021-02-03 22:59 ` [PATCH v19 5/7] x86/cet/ibt: Update arch_prctl functions " Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
2021-02-03 22:59 ` [PATCH v19 6/7] x86/vdso/32: Add ENDBR32 to __kernel_vsyscall entry point Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
2021-02-03 22:59 ` [PATCH v19 7/7] x86/vdso: Insert endbr32/endbr64 to vDSO Yu-cheng Yu
2021-02-04 19:50 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210203225902.479-1-yu-cheng.yu@intel.com \
--to=yu-cheng.yu@intel.com \
--cc=Dave.Martin@arm.com \
--cc=arnd@arndb.de \
--cc=bp@alien8.de \
--cc=bsingharora@gmail.com \
--cc=corbet@lwn.net \
--cc=dave.hansen@linux.intel.com \
--cc=esyr@redhat.com \
--cc=fweimer@redhat.com \
--cc=gorcunov@gmail.com \
--cc=hjl.tools@gmail.com \
--cc=hpa@zytor.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-arch@vger.kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=mike.kravetz@oracle.com \
--cc=mingo@redhat.com \
--cc=nadav.amit@gmail.com \
--cc=oleg@redhat.com \
--cc=pavel@ucw.cz \
--cc=pengfei.xu@intel.com \
--cc=peterz@infradead.org \
--cc=ravi.v.shankar@intel.com \
--cc=rdunlap@infradead.org \
--cc=tglx@linutronix.de \
--cc=vedvyas.shanbhogue@intel.com \
--cc=weijiang.yang@intel.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).