Message ID | 20201229213053.16395-1-yu-cheng.yu@intel.com (mailing list archive) |
---|---|
Headers | show |
Series | Control-flow Enforcement: Shadow Stack | expand |
On 12/29/2020 1:30 PM, Yu-cheng Yu wrote: > Control-flow Enforcement (CET) is a new Intel processor feature that blocks > return/jump-oriented programming attacks. Details are in "Intel 64 and > IA-32 Architectures Software Developer's Manual" [1]. > > CET can protect applications and the kernel. This series enables only > application-level protection, and has three parts: > > - Shadow stack [2], > - Indirect branch tracking [3], and > - Selftests [4]. > > I have run tests on these patches for quite some time, and they have been > very stable. Linux distributions with CET are available now, and Intel > processors with CET are already on the market. It would be nice if CET > support can be accepted into the kernel. I will be working to address any > issues should they come up. > > Changes in v17: > - Rebase to v5.11-rc1. Hi Reviewers, After a few revisions/re-bases, I have dropped some Reviewed-by tags. This revision is only a re-base to the latest Linus tree. Please kindly comment if there are anything still not resolved, and I appreciate very much Reviewed-by/Acked-by tags to satisfactory patches. -- Thanks, Yu-cheng