Commit 500a41ac authored by Peter Zijlstra's avatar Peter Zijlstra Committed by Ingo Molnar
Browse files

x86/ibt: Add exact_endbr() helper 



For when we want to exactly match ENDBR, and not everything that we
can scribble it with.

Signed-off-by: default avatarPeter Zijlstra (Intel) <peterz@infradead.org>
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
Reviewed-by: default avatarKees Cook <kees@kernel.org>
Link: https://lore.kernel.org/r/20250224124200.059556588@infradead.org
parent 9a54fb31

arch/x86/kernel/alternative.c

+17 −3
Original line number Diff line number Diff line
@@ -863,6 +863,21 @@ __noendbr bool is_endbr(u32 *val) 
	return false;

}



#ifdef CONFIG_FINEIBT



static __noendbr bool exact_endbr(u32 *val)

{

	u32 endbr;



	__get_kernel_nofault(&endbr, val, u32, Efault);

	return endbr == gen_endbr();



Efault:

	return false;

}



#endif



static void poison_cfi(void *addr);



static void __init_or_module poison_endbr(void *addr)
@@ -1426,10 +1441,9 @@ static void poison_cfi(void *addr) 
bool decode_fineibt_insn(struct pt_regs *regs, unsigned long *target, u32 *type)

{

	unsigned long addr = regs->ip - fineibt_preamble_ud2;

	u32 endbr, hash;

	u32 hash;



	__get_kernel_nofault(&endbr, addr, u32, Efault);

	if (endbr != gen_endbr())

	if (!exact_endbr((void *)addr))

		return false;



	*target = addr + fineibt_preamble_size;