On Wed, 2019-08-14 at 10:07 +0200, Florian Weimer wrote: > * Yu-cheng Yu: > > > +ENDBR > > + The compiler inserts an ENDBR at all valid branch targets. Any > > + CALL/JMP to a target without an ENDBR triggers a control > > + protection fault. > > Is this really correct? I think ENDBR is needed only for indirect > branch targets where the jump/call does not have a NOTRACK prefix. You are right. I will fix the wording. Yu-cheng