Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Roger Pau Monné <roger.pau@citrix.com>
CC: Wei Liu <wl@xen.org>
---
xen/tools/check-endbr.sh | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/xen/tools/check-endbr.sh b/xen/tools/check-endbr.sh
index b97684ac25e9..bf153a570db4 100755
--- a/xen/tools/check-endbr.sh
+++ b/xen/tools/check-endbr.sh
@@ -2,6 +2,15 @@
#
# Usage ./$0 xen-syms
#
+# When CET-IBT (Control-flow Enforcement Technology, Indirect Branch Tracking)
+# is active, ENDBR instructions mark legal indirect branch targets in the
+# .text section.
+#
+# However x86 is a variable length instruction set so the same byte pattern
+# can exist embedded in other instructions, or crossing multiple instructions.
+# This script searches .text for any problematic byte patterns which aren't
+# legitimate ENDBR instructions.
+#
set -e
# Pretty-print parameters a little for message
--
2.11.0