Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-23 Thread Yu, Yu-cheng
On 3/23/2021 1:49 PM, Peter Zijlstra wrote: On Fri, Mar 19, 2021 at 02:43:04PM -0700, Yu, Yu-cheng wrote: On 3/16/2021 2:15 PM, Peter Zijlstra wrote: On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: Control-flow Enforcement (CET) is a new Intel processor feature that blocks

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-23 Thread Peter Zijlstra
On Fri, Mar 19, 2021 at 02:43:04PM -0700, Yu, Yu-cheng wrote: > On 3/16/2021 2:15 PM, Peter Zijlstra wrote: > > On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: > > > Control-flow Enforcement (CET) is a new Intel processor feature that > > > blocks > > > return/jump-oriented

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-19 Thread Yu, Yu-cheng
On 3/16/2021 2:15 PM, Peter Zijlstra wrote: On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: Control-flow Enforcement (CET) is a new Intel processor feature that blocks return/jump-oriented programming attacks. Details are in "Intel 64 and IA-32 Architectures Software Developer's

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-19 Thread Yu, Yu-cheng
On 3/17/2021 2:18 AM, Ingo Molnar wrote: * Yu, Yu-cheng wrote: On 3/16/2021 2:15 PM, Peter Zijlstra wrote: On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: Control-flow Enforcement (CET) is a new Intel processor feature that blocks return/jump-oriented programming attacks.

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-17 Thread Peter Zijlstra
On Wed, Mar 17, 2021 at 10:18:00AM +0100, Ingo Molnar wrote: > > * Yu, Yu-cheng wrote: > > > On 3/16/2021 2:15 PM, Peter Zijlstra wrote: > > > On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: > > > > Control-flow Enforcement (CET) is a new Intel processor feature that > > > >

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-17 Thread Ingo Molnar
* Yu, Yu-cheng wrote: > On 3/16/2021 2:15 PM, Peter Zijlstra wrote: > > On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: > > > Control-flow Enforcement (CET) is a new Intel processor feature that > > > blocks > > > return/jump-oriented programming attacks. Details are in "Intel

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-16 Thread Peter Zijlstra
On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: > Control-flow Enforcement (CET) is a new Intel processor feature that blocks > return/jump-oriented programming attacks. Details are in "Intel 64 and > IA-32 Architectures Software Developer's Manual" [1]. > > CET can protect

Re: [PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-16 Thread Yu, Yu-cheng
On 3/16/2021 2:15 PM, Peter Zijlstra wrote: On Tue, Mar 16, 2021 at 08:10:26AM -0700, Yu-cheng Yu wrote: Control-flow Enforcement (CET) is a new Intel processor feature that blocks return/jump-oriented programming attacks. Details are in "Intel 64 and IA-32 Architectures Software Developer's

[PATCH v23 00/28] Control-flow Enforcement: Shadow Stack

2021-03-16 Thread Yu-cheng Yu
Control-flow Enforcement (CET) is a new Intel processor feature that blocks return/jump-oriented programming attacks. Details are in "Intel 64 and IA-32 Architectures Software Developer's Manual" [1]. CET can protect applications and the kernel. This series enables only application-level