A hole in FineIBT protection
Intel's indirect branch tracking (IBT) is a hardware-implemented control-flow-integrity mechanism that makes it harder for an attacker to gain control of the system by way of a corrupted indirect branch. FineIBT is a software extension to IBT that is meant to improve its protection. Recently, though, Jennifer Miller reported a novel way to bypass FineIBT by taking advantage of how the kernel's system-call entry point is constructed. In response, Peter Zijlstra is working on some FineIBT enhancements to close that hole and make IBT more secure in general.