Re: [PATCH v12 1/8] x86/cet/ibt: Add Kconfig option for user-mode Indirect Branch Tracking

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi!

> > > > +   help
> > > > +     Indirect Branch Tracking (IBT) provides protection against
> > > > +     CALL-/JMP-oriented programming attacks.  It is active when
> > > > +     the kernel has this feature enabled, and the processor and
> > > > +     the application support it.  When this feature is enabled,
> > > > +     legacy non-IBT applications continue to work, but without
> > > > +     IBT protection.
> > > > +
> > > > +     If unsure, say y
> > >
> > >         If unsure, say y.
> >
> > Actually, it would be "If unsure, say Y.", to be consistent with the
> > rest of the Kconfig.
> >
> > But I wonder if Yes by default is good idea. Only very new CPUs will
> > support this, right? Are they even available at the market? Should the
> > help text say "if your CPU is Whatever Lake or newer, ...." :-) ?
> >
> 
> CET enabled kernel runs on all x86-64 processors.  All my machines
> are running the same CET enabled kernel binary.

I believe that.

But enabling CET in kernel is useless on Core 2 Duo machine, right?

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux