Re: [PATCH v17 00/26] Control-flow Enforcement: Shadow Stack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/29/2020 1:30 PM, Yu-cheng Yu wrote:
Control-flow Enforcement (CET) is a new Intel processor feature that blocks
return/jump-oriented programming attacks.  Details are in "Intel 64 and
IA-32 Architectures Software Developer's Manual" [1].

CET can protect applications and the kernel.  This series enables only
application-level protection, and has three parts:

   - Shadow stack [2],
   - Indirect branch tracking [3], and
   - Selftests [4].

I have run tests on these patches for quite some time, and they have been
very stable.  Linux distributions with CET are available now, and Intel
processors with CET are already on the market.  It would be nice if CET
support can be accepted into the kernel.  I will be working to address any
issues should they come up.

Changes in v17:
- Rebase to v5.11-rc1.

Hi Reviewers,

After a few revisions/re-bases, I have dropped some Reviewed-by tags. This revision is only a re-base to the latest Linus tree. Please kindly comment if there are anything still not resolved, and I appreciate very much Reviewed-by/Acked-by tags to satisfactory patches.

--
Thanks,
Yu-cheng




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux