Message ID | 20201110162211.9207-1-yu-cheng.yu@intel.com (mailing list archive) |
---|---|
Headers | show |
Series | Control-flow Enforcement: Shadow Stack | expand |
On Tue, Nov 10, 2020 at 08:21:45AM -0800, Yu-cheng Yu wrote: > Control-flow Enforcement (CET) is a new Intel processor feature that blocks > return/jump-oriented programming attacks. Details are in "Intel 64 and > IA-32 Architectures Software Developer's Manual" [1]. > > CET can protect applications and the kernel. This series enables only > application-level protection, and has three parts: > > - Shadow stack [2], > - Indirect branch tracking [3], and > - Selftests [4]. > > I have run tests on these patches for quite some time, and they have been > very stable. Linux distributions with CET are available now, and Intel > processors with CET are becoming available. It would be nice if CET > support can be accepted into the kernel. I will be working to address any > issues should they come up. > Is there a way to run these patches for testing? Bochs emulation or anything else? I presume you've been testing against violations of CET in user space? Can you share your testing? Balbir Singh.
On 11/27/2020 1:29 AM, Balbir Singh wrote: > On Tue, Nov 10, 2020 at 08:21:45AM -0800, Yu-cheng Yu wrote: >> Control-flow Enforcement (CET) is a new Intel processor feature that blocks >> return/jump-oriented programming attacks. Details are in "Intel 64 and >> IA-32 Architectures Software Developer's Manual" [1]. >> >> CET can protect applications and the kernel. This series enables only >> application-level protection, and has three parts: >> >> - Shadow stack [2], >> - Indirect branch tracking [3], and >> - Selftests [4]. >> >> I have run tests on these patches for quite some time, and they have been >> very stable. Linux distributions with CET are available now, and Intel >> processors with CET are becoming available. It would be nice if CET >> support can be accepted into the kernel. I will be working to address any >> issues should they come up. >> > > Is there a way to run these patches for testing? Bochs emulation or anything > else? I presume you've been testing against violations of CET in user space? > Can you share your testing? > > Balbir Singh. > Machines with CET are already available on the market. I tested these on real machines with Fedora. There is a quick test in my earlier selftest patches: https://lore.kernel.org/linux-api/20200521211720.20236-6-yu-cheng.yu@intel.com/ Thanks, Yu-cheng