| Message ID | 20210203225902.479-5-yu-cheng.yu@intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Control-flow Enforcement: Indirect Branch Tracking | expand |
On Wed, Feb 03, 2021 at 02:58:59PM -0800, Yu-cheng Yu wrote: > An ELF file's .note.gnu.property indicates features the file supports. > The property is parsed at loading time and passed to arch_setup_elf_ > property(). Update it for Indirect Branch Tracking. > > Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> Reviewed-by: Kees Cook <keescook@chromium.org>
diff --git a/arch/x86/kernel/process_64.c b/arch/x86/kernel/process_64.c index 19f138f7a209..ccf3f66f4d2c 100644 --- a/arch/x86/kernel/process_64.c +++ b/arch/x86/kernel/process_64.c @@ -864,6 +864,14 @@ int arch_setup_elf_property(struct arch_elf_state *state) r = cet_setup_shstk(); } + if (r < 0) + return r; + + if (static_cpu_has(X86_FEATURE_IBT)) { + if (state->gnu_property & GNU_PROPERTY_X86_FEATURE_1_IBT) + r = cet_setup_ibt(); + } + return r; } #endif
An ELF file's .note.gnu.property indicates features the file supports. The property is parsed at loading time and passed to arch_setup_elf_ property(). Update it for Indirect Branch Tracking. Signed-off-by: Yu-cheng Yu <yu-cheng.yu@intel.com> --- arch/x86/kernel/process_64.c | 8 ++++++++ 1 file changed, 8 insertions(+)