xen/check-endbr.sh: Explain the purpose of the script

[PATCH] xen/check-endbr.sh: Explain the purpose of the script

Andrew Cooper posted 1 patch 1 year, 9 months ago

Download mbox

Test gitlab-ci failed

Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20220726142328.12246-1-andrew.cooper3@citrix.com

xen/tools/check-endbr.sh | 9 +++++++++
1 file changed, 9 insertions(+)

Expand all Fold all

[PATCH] xen/check-endbr.sh: Explain the purpose of the script

Posted by Andrew Cooper 1 year, 9 months ago

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
---
 xen/tools/check-endbr.sh | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/xen/tools/check-endbr.sh b/xen/tools/check-endbr.sh
index b97684ac25e9..bf153a570db4 100755
--- a/xen/tools/check-endbr.sh
+++ b/xen/tools/check-endbr.sh
@@ -2,6 +2,15 @@
 #
 # Usage ./$0 xen-syms
 #
+# When CET-IBT (Control-flow Enforcement Technology, Indirect Branch Tracking)
+# is active, ENDBR instructions mark legal indirect branch targets in the
+# .text section.
+#
+# However x86 is a variable length instruction set so the same byte pattern
+# can exist embedded in other instructions, or crossing multiple instructions.
+# This script searches .text for any problematic byte patterns which aren't
+# legitimate ENDBR instructions.
+#
 set -e
 
 # Pretty-print parameters a little for message
-- 
2.11.0

Re: [PATCH] xen/check-endbr.sh: Explain the purpose of the script

Posted by Jan Beulich 1 year, 9 months ago

On 26.07.2022 16:23, Andrew Cooper wrote:
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Acked-by: Jan Beulich <jbeulich@suse.com>