[$] Enhancing FineIBT

At the LinuxSecurity Summit Europe (LSS EU), Scott Constable and SebastianOsterlund gave a talk on an enhancement to a control-flowintegrity (CFI)protection that was added to the kernel several years ago. The "FineIBT: Fine-grain Control-flowEnforcement with Indirect Branch Tracking" mechanism was merged forLinux 6.2 in early 2023 to harden the kernel against CFI attacks of varioussorts, but needed some fixes andenhancements more recently. The talk looked at the CFI vulnerabilityproblem, FineIBT, and an enhanced version that is hoped to be able to unifyall of the disparate hardware and software mitigations to address bothregular and speculative CFI vulnerabilities.