Cook: security things in Linux v5.8
Kees Cook catches up with the security-related changes in the 5.8 kernel release. "With this in place, Jump-Oriented Programming (JOP, where code gadgets are chained together with jumps and calls) is no longer available to the attacker. An attacker's code must make direct function calls. This basically reduces the 'usable' code available to an attacker from every word in the kernel text to only function entries (or jump targets). This is a 'low granularity' forward-edge Control Flow Integrity (CFI) feature, which is important (since it greatly reduces the potential targets that can be used in an attack) and cheap (implemented in hardware). It's a good first step to strong CFI, but (as we've seen with things like CFG) it isn't usually strong enough to stop a motivated attacker."