acrn-hypervisor/hypervisor/include
Shuo A Liu ac598b0856 hv: Hide CET feature from guest VM
Return-oriented programming (ROP), and similarly CALL/JMP-oriented
programming (COP/JOP), have been the prevalent attack methodologies for
stealth exploit writers targeting vulnerabilities in programs.

CET (Control-flow Enforcement Technology) provides the following
capabilities to defend against ROP/COP/JOP style control-flow subversion
attacks:
 * Shadow stack: Return address protection to defend against ROP.
 * Indirect branch tracking: Free branch protection to defend against
   COP/JOP.

Full support of CET for the Linux kernel has not been merged yet. As the
first stage, hide CET from guest VM.

Tracked-On: #5074
Signed-off-by: Shuo A Liu <shuo.a.liu@intel.com>
Reviewed-by: Jason Chen CJ <jason.cj.chen@intel.com>
2020-07-23 20:15:57 +08:00
arch/x86 hv: Hide CET feature from guest VM 2020-07-23 20:15:57 +08:00
common hv: vmcall: check vm id in dispatch_sos_hypercall 2020-07-23 20:13:20 +08:00
debug
dm hv: vapci: add tpm2 support for pre-launched vm 2020-07-23 20:13:20 +08:00
hw HV: vdev passthrough hiding SRIOV 2020-07-16 17:27:18 +08:00
lib HV: enable multiboot module string as kernel bootargs 2020-06-08 13:30:04 +08:00
public hv: mmio_dev: add hypercall to support mmio device pass through 2020-07-23 20:13:20 +08:00