Re: [PATCH v20 06/25] x86/cet: Add control-protection fault handler
From: Kees Cook <hidden>
Date: 2021-02-10 19:38:12
Also in:
linux-arch, linux-doc, linux-mm, lkml
From: Kees Cook <hidden>
Date: 2021-02-10 19:38:12
Also in:
linux-arch, linux-doc, linux-mm, lkml
On Wed, Feb 10, 2021 at 09:56:44AM -0800, Yu-cheng Yu wrote:
A control-protection fault is triggered when a control-flow transfer attempt violates Shadow Stack or Indirect Branch Tracking constraints. For example, the return address for a RET instruction differs from the copy on the shadow stack; or an indirect JMP instruction, without the NOTRACK prefix, arrives at a non-ENDBR opcode. The control-protection fault handler works in a similar way as the general protection fault handler. It provides the si_code SEGV_CPERR to the signal handler. Signed-off-by: Yu-cheng Yu <redacted>
Reviewed-by: Kees Cook <redacted> -- Kees Cook