[PATCH 0/4] x86: Enable Intel Control-flow Enforcement Technology (CET)
hjl.tools at gmail.com
Sun Jan 19 15:42:21 CET 2020
On Sun, Jan 19, 2020 at 1:20 AM Jussi Kivilinna <jussi.kivilinna at iki.fi> wrote:
> On 17.1.2020 19.29, H.J. Lu via Gcrypt-devel wrote:
> > Intel Control-flow Enforcement Technology (CET):
> > https://software.intel.com/en-us/articles/intel-sdm
> > contains shadow stack (SHSTK) and indirect branch tracking (IBT). When
> > CET is enabled, ELF object files must be marked with .note.gnu.property
> > section. CET enabled compiler provides <cet.h> which can be included
> > in assembly sources to automatically generate .note.gnu.property section.
> > Also when IBT is enabled, all indirect branch targets must start with
> > ENDBR instruction. <cet.h> defines _CET_ENDBR to generate proper ENDBR
> > instruction.
> Thanks for your contribution. I've few generic comments.
> First, we need your signed DCO, please check 'License policy' in docs/HACKING.
> In each patch, commit log should start with ChangeLog entries without leading
> TABs followed by separator line with -- and then commit message. Check git
> history for examples.
More information about the Gcrypt-devel