Skip to content

Commit

Permalink
cpu-features: Ignore CET SS unless actively used
Browse files Browse the repository at this point in the history
  • Loading branch information
yjugl committed Jun 9, 2024
1 parent dc11cd1 commit c0ffb99
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions gum/gum.c
Original file line number Diff line number Diff line change
Expand Up @@ -732,6 +732,9 @@ gum_do_query_cpu_features (void)
gboolean cpu_supports_cet_ss = FALSE;
gboolean os_enabled_xsave = FALSE;
guint a, b, c, d;
#ifdef HAVE_WINDOWS
PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY pol;
#endif

if (gum_get_cpuid (7, &a, &b, &c, &d))
{
Expand All @@ -745,6 +748,20 @@ gum_do_query_cpu_features (void)
if (cpu_supports_avx2 && os_enabled_xsave)
features |= GUM_CPU_AVX2;

#ifdef HAVE_WINDOWS
if (cpu_supports_cet_ss &&
GetProcessMitigationPolicy (
GetCurrentProcess (),
ProcessUserShadowStackPolicy,
&pol,
sizeof pol
) &&
!pol.EnableUserShadowStack)
{
cpu_supports_cet_ss = FALSE;
}
#endif

if (cpu_supports_cet_ss)
features |= GUM_CPU_CET_SS;

Expand Down

0 comments on commit c0ffb99

Please sign in to comment.