Re: [PATCH v26 6/9] x86/vdso: Insert endbr32/endbr64 to vDSO

From: Kees Cook
Date: Wed Apr 28 2021 - 16:39:05 EST

Next message: Kees Cook: "Re: [PATCH v26 8/9] x86/vdso/32: Add ENDBR to __kernel_vsyscall entry point"
Previous message: Russell King - ARM Linux admin: "Re: [PATCH 168/190] Revert "net: marvell: fix a missing check of acpi_match_device""
In reply to: Yu, Yu-cheng: "Re: [PATCH v26 6/9] x86/vdso: Insert endbr32/endbr64 to vDSO"
Next in thread: Yu-cheng Yu: "[PATCH v26 7/9] x86/vdso: Introduce ENDBR macro"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 27, 2021 at 01:47:17PM -0700, Yu-cheng Yu wrote:
> From: "H.J. Lu" <hjl.tools@xxxxxxxxx>
>
> When Indirect Branch Tracking (IBT) is enabled, vDSO functions may be
> called indirectly, and must have ENDBR32 or ENDBR64 as the first
> instruction. The compiler must support -fcf-protection=branch so that it
> can be used to compile vDSO.
>
> Signed-off-by: H.J. Lu <hjl.tools@xxxxxxxxx>

Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

--
Kees Cook

Next message: Kees Cook: "Re: [PATCH v26 8/9] x86/vdso/32: Add ENDBR to __kernel_vsyscall entry point"
Previous message: Russell King - ARM Linux admin: "Re: [PATCH 168/190] Revert "net: marvell: fix a missing check of acpi_match_device""
In reply to: Yu, Yu-cheng: "Re: [PATCH v26 6/9] x86/vdso: Insert endbr32/endbr64 to vDSO"
Next in thread: Yu-cheng Yu: "[PATCH v26 7/9] x86/vdso: Introduce ENDBR macro"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]