Hi! > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index 9871e649ffef..b090787188b4 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -2764,6 +2764,12 @@ > noexec=on: enable non-executable mappings (default) > noexec=off: disable non-executable mappings > > + no_cet_ibt [X86-64] Disable indirect branch tracking for user-mode > + applications > + > + no_cet_shstk [X86-64] Disable shadow stack support for user-mode > + applications Hmm, not too consistent with "nosmap" below. Would it make sense to have cet=on/off/ibt/shstk instead? > +++ b/Documentation/x86/intel_cet.rst > @@ -0,0 +1,252 @@ > +========================================= > +Control Flow Enforcement Technology (CET) > +========================================= > + > +[1] Overview > +============ > + > +Control Flow Enforcement Technology (CET) provides protection against > +return/jump-oriented programing (ROP) attacks. Can you add something like "It attempts to protect process from running arbitrary code even after attacker has control of its stack" -- for people that don't know what ROP is, and perhaps link to wikipedia explaining ROP or something... > It can be implemented > +to protect both the kernel and applications. In the first phase, > +only the user-mode protection is implemented for the 64-bit kernel. > +Thirty-two bit applications are supported under the compatibility 32-bit (for consistency). Ok, so CET stops execution of malicious code before architectural effects are visible, correct? Does it prevent micro-architectural effects of the malicious code? (cache content would be one example; see Spectre). > +[3] Application Enabling > +======================== "Enabling CET in applications" ? > +Signal > +------ > + > +The main program and its signal handlers use the same SHSTK. Because > +the SHSTK stores only return addresses, we can estimate a large > +enough SHSTK to cover the condition that both the program stack and > +the sigaltstack run out. English? Is it estimate or is it large enough? "a large" -- "a" should be deleted AFAICT. -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature