The following commit has been merged into the x86/core branch of tip: Commit-ID: 500a41acb05a973cb6826ee56df082a97e210a95 Gitweb: https://git.kernel.org/tip/500a41acb05a973cb6826ee56df082a97e210a95 Author: Peter Zijlstra <peterz@xxxxxxxxxxxxx> AuthorDate: Mon, 24 Feb 2025 13:37:05 +01:00 Committer: Ingo Molnar <mingo@xxxxxxxxxx> CommitterDate: Wed, 26 Feb 2025 12:11:18 +01:00 x86/ibt: Add exact_endbr() helper For when we want to exactly match ENDBR, and not everything that we can scribble it with. Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx> Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx> Reviewed-by: Kees Cook <kees@xxxxxxxxxx> Link: https://lore.kernel.org/r/20250224124200.059556588@xxxxxxxxxxxxx
---
arch/x86/kernel/alternative.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/alternative.c b/arch/x86/kernel/alternative.c
index 1142ebd..83316ea 100644
--- a/arch/x86/kernel/alternative.c
+++ b/arch/x86/kernel/alternative.c
@@ -863,6 +863,21 @@ Efault:
 return false;
 }
+#ifdef CONFIG_FINEIBT
+
+static __noendbr bool exact_endbr(u32 *val)
+{
+ u32 endbr;
+
+ __get_kernel_nofault(&endbr, val, u32, Efault);
+ return endbr == gen_endbr();
+
+Efault:
+ return false;
+}
+
+#endif
+
 static void poison_cfi(void *addr);
 static void __init_or_module poison_endbr(void *addr)
@@ -1426,10 +1441,9 @@ static void poison_cfi(void *addr)
 bool decode_fineibt_insn(struct pt_regs *regs, unsigned long *target, u32 *type)
 {
 unsigned long addr = regs->ip - fineibt_preamble_ud2;
- u32 endbr, hash;
+ u32 hash;
- __get_kernel_nofault(&endbr, addr, u32, Efault);
- if (endbr != gen_endbr())
+ if (!exact_endbr((void *)addr))
 return false;
 *target = addr + fineibt_preamble_size;
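Review bot: The new exact_endbr() in the first hunk (@@ -863) carries no comment saying why it exists next to the function that ends just above it, which is presumably the looser ENDBR test. The commit message gives the reason, that it must match ENDBR itself and not the values ENDBR can be overwritten with, and that belongs in the source so a later cleanup does not merge the two checks and weaken the FineIBT preamble test. Something like `/* True only for a real ENDBR; the values we scribble over ENDBR with do not match. */` above the definition would do. The parameter is an address read through `__get_kernel_nofault()`, so `u32 *addr` would describe it better than `u32 *val`.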
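Review bot: In the second hunk (@@ -1426) the call `exact_endbr((void *)addr)` casts the `unsigned long` to `void *` and leans on the implicit conversion to the helper's `u32 *` parameter; `if (!exact_endbr((u32 *)addr))` states what is actually being read. decode_fineibt_insn() continues past the end of the hunk, so it is not visible whether anything still jumps to that function's own `Efault` label now that the `__get_kernel_nofault()` call has moved into the helper. If nothing does, the label should be dropped in the same commit to avoid an unused-label warning.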