linux.git - Linux kernel source tree

diff options

author	Peter Zijlstra <peterz@infradead.org>	2023-06-21 22:17:12 +0200
committer	Peter Zijlstra <peterz@infradead.org>	2023-07-10 09:52:24 +0200
commit	9831c6253ace48051189f6d18a15f658f94babc2 (patch)
tree	2c2d1e8e79478c161c37c8d55620ec5758065eb7 /arch/x86/entry
parent	x86/alternative: Rename apply_ibt_endbr() (diff)
download	linux-9831c6253ace48051189f6d18a15f658f94babc2.tar.gz linux-9831c6253ace48051189f6d18a15f658f94babc2.tar.bz2 linux-9831c6253ace48051189f6d18a15f658f94babc2.zip

x86/cfi: Extend ENDBR sealing to kCFI

Kees noted that IBT sealing could be extended to kCFI. Fundamentally it is the list of functions that do not have their address taken and are thus never called indirectly. It doesn't matter that objtool uses IBT infrastructure to determine this list, once we have it it can also be used to clobber kCFI hashes and avoid kCFI indirect calls. Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Sami Tolvanen <samitolvanen@google.com> Link: https://lkml.kernel.org/r/20230622144321.494426891%40infradead.org

Diffstat (limited to 'arch/x86/entry')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: