[PATCH 0/4] x86: Enable Intel Control-flow Enforcement Technology (CET)

H.J. Lu hjl.tools at gmail.com
Sun Jan 19 15:42:21 CET 2020


On Sun, Jan 19, 2020 at 1:20 AM Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
>
> Hello,
>
> On 17.1.2020 19.29, H.J. Lu via Gcrypt-devel wrote:
> > Intel Control-flow Enforcement Technology (CET):
> >
> > https://software.intel.com/en-us/articles/intel-sdm
> >
> > contains shadow stack (SHSTK) and indirect branch tracking (IBT).  When
> > CET is enabled, ELF object files must be marked with .note.gnu.property
> > section.  CET enabled compiler provides <cet.h> which can be included
> > in assembly sources to automatically generate .note.gnu.property section.
> > Also when IBT is enabled, all indirect branch targets must start with
> > ENDBR instruction.  <cet.h> defines _CET_ENDBR to generate proper ENDBR
> > instruction.
>
> Thanks for your contribution. I've few generic comments.
>
> First, we need your signed DCO, please check 'License policy' in docs/HACKING.

Done:

https://lists.gnupg.org/pipermail/gcrypt-devel/2020-January/004889.html

> In each patch, commit log should start with ChangeLog entries without leading
> TABs followed by separator line with -- and then commit message. Check git
> history for examples.
>

Done:

https://lists.gnupg.org/pipermail/gcrypt-devel/2020-January/004891.html

Thanks.

-- 
H.J.



More information about the Gcrypt-devel mailing list