Re: [PATCH v8 01/27] Documentation/x86: Add CET description
From: Florian Weimer
Date: Wed Aug 14 2019 - 04:08:00 EST
* Yu-cheng Yu:
> +ENDBR
> + The compiler inserts an ENDBR at all valid branch targets. Any
> + CALL/JMP to a target without an ENDBR triggers a control
> + protection fault.
Is this really correct? I think ENDBR is needed only for indirect
branch targets where the jump/call does not have a NOTRACK prefix. In
general, for security hardening, it seems best to minimize the number of
ENDBR instructions, and use NOTRACK for indirect jumps which derive the
branch target address from information that cannot be modified.
Thanks,
Florian