On 2022-09-05 22:44:52 +0200 (+0200), Felix Potthast wrote:
> i just stumbled upon the fact that debian doesn't yet make use of
> the Intel CET security feature, while many other distributions
> (Ubuntu, Fedora, Suse, Arch Linux) do.
[...]
Forgive me if this is a dumb question, but were you running on a
Linux 5.18 kernel when you tested this? The default kernel on the
current Debian release is too old to support it, but there is a 5.18
kernel in the bullseye-backports suite. This is from my workstation
running a relatively up to date Debian unstable booted on a 5.18.x
kernel, as you can see:
fungi@dhole:~$ uname -v
#1 SMP PREEMPT_DYNAMIC Debian 5.18.14-1 (2022-07-23)
fungi@dhole:~$ objdump -d /bin/mv | grep endbr | wc -l
2
fungi@dhole:~$ objdump -d /bin/mv | grep endbr
4230: f3 0f 1e fa endbr64
4270: f3 0f 1e fa endbr64
--
Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature