Re: [PATCH v18 02/25] x86/cet/shstk: Add Kconfig option for user-mode control-flow protection

From: Andy Lutomirski
Date: Fri Jan 29 2021 - 15:02:21 EST




> On Jan 29, 2021, at 11:42 AM, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>
> On 1/27/21 1:25 PM, Yu-cheng Yu wrote:
>> + help
>> + Control-flow protection is a hardware security hardening feature
>> + that detects function-return address or jump target changes by
>> + malicious code.
>
> It's not really one feature. I also think it's not worth talking about
> shadow stacks or indirect branch tracking in *here*. Leave that for
> Documentation/.
>
> Just say:
>
> Control-flow protection is a set of hardware features which
> place additional restrictions on indirect branches. These help
> mitigate ROP attacks.
>
> ... and add more in the IBT patches.
>
>> Applications must be enabled to use it, and old
>> + userspace does not get protection "for free".
>> + Support for this feature is present on processors released in
>> + 2020 or later. Enabling this feature increases kernel text size
>> + by 3.7 KB.
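
Review bot: the "increases kernel text size by 3.7 KB" figure in the last sentence of the help text is given without the compiler or kernel configuration it was measured with, so a reader cannot check it and it will drift as the series changes. Either drop the number or state how it was measured. In the same hunk, "Applications must be enabled to use it" does not say how an application gets enabled; a pointer to the relevant file under Documentation/ would let whoever is configuring the kernel find out what userspace needs.
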
>
> Did any CPUs ever get released that have this? If so, name them. If
> not, time to change this to 2021, I think.

Zen 3 :)