From mboxrd@z Thu Jan 1 00:00:00 1970 From: Kees Cook Subject: Re: [RFC PATCH v9 00/27] Control-flow Enforcement: Shadow Stack Date: Tue, 25 Feb 2020 13:31:27 -0800 Message-ID: <202002251330.7CD5EEFA2@keescook> References: <20200205181935.3712-1-yu-cheng.yu@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Return-path: Content-Disposition: inline In-Reply-To: <20200205181935.3712-1-yu-cheng.yu@intel.com> Sender: linux-kernel-owner@vger.kernel.org To: Yu-cheng Yu Cc: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel List-Id: linux-arch.vger.kernel.org On Wed, Feb 05, 2020 at 10:19:08AM -0800, Yu-cheng Yu wrote: > Control-flow Enforcement (CET) is a new Intel processor feature that blocks > return/jump-oriented programming attacks. Details can be found in "Intel > 64 and IA-32 Architectures Software Developer's Manual" [1]. At v9, this probably isn't RFC any more. :) As mentioned in another patch, I'd really like to see some self tests for this feature. It's relatively complex... -- Kees Cook From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pg1-f196.google.com ([209.85.215.196]:33849 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726421AbgBYVba (ORCPT ); Tue, 25 Feb 2020 16:31:30 -0500 Received: by mail-pg1-f196.google.com with SMTP id j4so196944pgi.1 for ; Tue, 25 Feb 2020 13:31:29 -0800 (PST) Date: Tue, 25 Feb 2020 13:31:27 -0800 From: Kees Cook Subject: Re: [RFC PATCH v9 00/27] Control-flow Enforcement: Shadow Stack Message-ID: <202002251330.7CD5EEFA2@keescook> References: <20200205181935.3712-1-yu-cheng.yu@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200205181935.3712-1-yu-cheng.yu@intel.com> Sender: linux-arch-owner@vger.kernel.org List-ID: To: Yu-cheng Yu Cc: x86@kernel.org, "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org, linux-mm@kvack.org, linux-arch@vger.kernel.org, linux-api@vger.kernel.org, Arnd Bergmann , Andy Lutomirski , Balbir Singh , Borislav Petkov , Cyrill Gorcunov , Dave Hansen , Eugene Syromiatnikov , Florian Weimer , "H.J. Lu" , Jann Horn , Jonathan Corbet , Mike Kravetz , Nadav Amit , Oleg Nesterov , Pavel Machek , Peter Zijlstra , Randy Dunlap , "Ravi V. Shankar" , Vedvyas Shanbhogue , Dave Martin , x86-patch-review@intel.com Message-ID: <20200225213127.Ajr2tZ1iSRWrVrA2LNnF6k3yF-8mabRKxLb5QZG2RoI@z> On Wed, Feb 05, 2020 at 10:19:08AM -0800, Yu-cheng Yu wrote: > Control-flow Enforcement (CET) is a new Intel processor feature that blocks > return/jump-oriented programming attacks. Details can be found in "Intel > 64 and IA-32 Architectures Software Developer's Manual" [1]. At v9, this probably isn't RFC any more. :) As mentioned in another patch, I'd really like to see some self tests for this feature. It's relatively complex... -- Kees Cook