On 5/5/2023 10:22 AM, Binbin Wu wrote:
On 4/21/2023 9:46 PM, Yang Weijiang wrote:
CET (Control-flow Enforcement Technology) is a CPU feature used to prevent
Return/Jump-Oriented Programming (ROP/JOP) attacks. CET introduces a new
exception type, Control Protection (#CP), and two sub-features (SHSTK, IBT)
to defend against ROP/JOP style control-flow subversion attacks.
[...]
MSR_IA32_INT_SSP_TAB: Stores base address of shadow stack pointer table.
According to the name of the MSR, it is interrupt related, right?
It's better to describe the MSR more precisely.
OK, will change the description, thanks!
Two XSAVES state bits are introduced for CET:
IA32_XSS:[bit 11]: Control saving/restoring user mode CET states.
IA32_XSS:[bit 12]: Control saving/restoring kernel mode CET states.
Six VMCS fields are introduced for CET:
{HOST,GUEST}_S_CET: Stores CET settings for kernel mode.
{HOST,GUEST}_SSP: Stores shadow stack pointer of current active task/thread.
{HOST,GUEST}_INTR_SSP_TABLE: Stores base address of shadow stack pointer table.
ditto
[...]