On Tue, Apr 27, 2021 at 01:47:18PM -0700, Yu-cheng Yu wrote: > ENDBR is a special new instruction for the Indirect Branch Tracking (IBT) > component of CET. IBT prevents attacks by ensuring that (most) indirect > branches and function calls may only land at ENDBR instructions. Branches > that don't follow the rules will result in control flow (#CF) exceptions. > > ENDBR is a noop when IBT is unsupported or disabled. Most ENDBR > instructions are inserted automatically by the compiler, but branch > targets written in assembly must have ENDBR added manually. > > Introduce ENDBR64/ENDBR32 macros. > > Signed-off-by: Yu-cheng Yu <yu-cheng.yu@xxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
