On May 17, 2026 11:30:21 AM PDT, Richard Patel <[email protected]> wrote: >IBT enforces that indirect branch targets land on an endbr >instruction. The CPU enforces this by setting the 'WAIT_FOR_ENDBR' >bit after executing an indirect branch/jump. > >The only relevant edge case with user IBT is signal handling: >When entering/leaving a signal handler, the WAIT_FOR_ENDBR bit must >be backed up/restored. > >IBT is not implemented for 32-bit and cannot be enabled using a >32-bit syscall. However, a 64-bit thread could far jump into 32-bit. >Therefore, 32-bit sigreturn must be banned until IBT supports that >environment. > >Signed-off-by: Richard Patel <[email protected]> >Based-on-patch-by: Yu-cheng Yu <[email protected]> >Link: >https://lwn.net/ml/linux-kernel/[email protected]/ >--- > arch/x86/kernel/signal_32.c | 5 +++++ > 1 file changed, 5 insertions(+) > >diff --git a/arch/x86/kernel/signal_32.c b/arch/x86/kernel/signal_32.c >index e55cf19e68fe..7cb76d794366 100644 >--- a/arch/x86/kernel/signal_32.c >+++ b/arch/x86/kernel/signal_32.c >@@ -143,6 +143,11 @@ static bool ia32_restore_sigcontext(struct pt_regs *regs, > regs->ds = fixup_rpl(sc.ds); > #endif > >+#ifdef CONFIG_X86_USER_IBT >+ if (current->thread.ibt) >+ return false; >+#endif >+ > return fpu__restore_sig(compat_ptr(sc.fpstate), 1); > } >
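Review bot: The new `if (current->thread.ibt) return false;` check sits after `regs->ds = fixup_rpl(sc.ds);`, so by the time it rejects the sigreturn, `regs` has already been written from the user-supplied `sc`. Consider moving the check to the top of `ia32_restore_sigcontext()`, before any state is copied, so a refused 32-bit sigreturn leaves the register frame untouched. The block also carries no comment. A short one saying that IBT is not implemented for 32-bit and that a 64-bit thread with IBT enabled can far jump into 32-bit code (the reasoning given in the commit message) would keep the bare `return false` from looking like an arbitrary failure path to later readers.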
Dumb question: is there any reason not to just enable it for 32 bits? It doesn't seem that it would be that big of a delta to Just Do It.™ That being said, I suspect the number of users will be very small if any.

