Cook: Security things in Linux v5.10

Post Syndicated from original https://lwn.net/Articles/890261/

Kees Cook catches
up with the security-related changes
in the 5.10 kernel, released at
the end of 2020.

With static branches, an if/else choice can be hard-coded, instead
of being run-time evaluated every time. Such branches can be
updated too (the kernel just rewrites the code to switch around the
“branch”). All these principles apply to static calls as well, but
they’re for replacing indirect function calls (i.e. a call through
a function pointer) with a direct call (i.e. a hard-coded call
address). This eliminates the need for Spectre mitigations
(e.g. RETPOLINE) for these indirect calls, and avoids a memory
lookup for the pointer. For hot-path code (like the scheduler),
this has a measurable performance impact. It also serves as a kind
of Control Flow Integrity implementation: an indirect call got
removed, and the potential destinations have been explicitly
identified at compile-time.
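The trampoline-patching mechanism described above, as an added userspace model (example code written for this page, not the kernel's, LWN's or Kees Cook's): on x86-64 Linux the call site is a direct `call hook_tramp`, and `hook_tramp` is a single `jmp rel32` whose displacement is rewritten in place, which is how the kernel's x86 static-call trampolines work. It assumes a GCC/clang toolchain and that `mprotect()` may make the program's own `.text` page writable; on other architectures, or if that fails, it degrades to the kernel's function-pointer fallback (the `CONFIG_HAVE_STATIC_CALL=n` case). The names `hook_*`, `static_call_init` and `hook_current_target` are hypothetical; the kernel's real API is `DEFINE_STATIC_CALL()`, `static_call()` and `static_call_update()`.

```c
/* Userspace model of a Linux static call (added example, not kernel code).
 * x86-64 Linux: direct call -> patched "jmp rel32" trampoline in .text.
 * Elsewhere (or if .text cannot be made writable) it falls back to a
 * plain function pointer, like CONFIG_HAVE_STATIC_CALL=n. hook_* names
 * are hypothetical. Build: cc -O2 static_call_demo.c */
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef int (*hook_fn)(int);

/* The only two targets; every update site names one of them explicitly. */
__attribute__((visibility("hidden"))) int hook_fast(int x) { return x * 2; }
__attribute__((visibility("hidden"))) int hook_slow(int x) { return x * 2 + 1; }

static hook_fn hook_key = hook_fast;  /* fallback: a pointer in writable data */
static int use_tramp;                 /* 1 once the patched trampoline is live */

#if defined(__x86_64__) && defined(__linux__)
#define HAVE_STATIC_CALL 1
/* Trampoline in .text: E9 disp32 == "jmp hook_fast". 8-byte aligned so its
 * 5 bytes never straddle a page boundary. */
__asm__(".text\n"
        ".balign 8\n"
        ".globl hook_tramp\n"
        ".type hook_tramp, @function\n"
        "hook_tramp:\n"
        "    .byte 0xe9\n"
        "    .long hook_fast - . - 4\n"
        ".size hook_tramp, . - hook_tramp\n");
extern int hook_tramp(int x);

static int set_text_prot(void *addr, int writable)
{
    uintptr_t pagesz = (uintptr_t)sysconf(_SC_PAGESIZE);
    void *page = (void *)((uintptr_t)addr & ~(pagesz - 1));
    return mprotect(page, pagesz, PROT_READ | PROT_EXEC | (writable ? PROT_WRITE : 0));
}

/* Rewrite the jmp displacement (the kernel does this with text_poke()).
 * Single-threaded here; the kernel uses an int3 breakpoint dance for SMP. */
static int patch_tramp(hook_fn target)
{
    uint8_t *p = (uint8_t *)(uintptr_t)hook_tramp;
    int64_t disp = (int64_t)(uintptr_t)target - ((int64_t)(uintptr_t)p + 5);
    int32_t d32 = (int32_t)disp;
    if (disp != d32 || p[0] != 0xe9) return -1;  /* must be rel32-reachable */
    if (set_text_prot(p, 1) != 0) return -1;
    memcpy(p + 1, &d32, sizeof d32);
    return set_text_prot(p, 0);
}
#endif

/* Returns 1 when the patched trampoline is active, 0 in fallback mode. */
int static_call_init(void)
{
#ifdef HAVE_STATIC_CALL
    if (patch_tramp(hook_fast) == 0) { use_tramp = 1; return 1; }
#endif
    use_tramp = 0;
    return 0;
}

/* The static_call(hook)(x) site. In trampoline mode this is a direct call
 * plus a direct jmp: no pointer load, no indirect branch, no retpoline. */
int hook_call(int x)
{
#ifdef HAVE_STATIC_CALL
    if (use_tramp) return hook_tramp(x);
#endif
    return hook_key(x);  /* fallback: indirect call through data */
}

/* static_call_update(hook, target): the change lands in code, not in a
 * data pointer that a write primitive could overwrite. */
int hook_update(hook_fn target)
{
#ifdef HAVE_STATIC_CALL
    if (use_tramp) return patch_tramp(target);
#endif
    hook_key = target;
    return 0;
}

/* Decode where the call currently lands by reading the code bytes. */
hook_fn hook_current_target(void)
{
#ifdef HAVE_STATIC_CALL
    if (use_tramp) {
        const uint8_t *p = (const uint8_t *)(uintptr_t)hook_tramp;
        int32_t d32;
        memcpy(&d32, p + 1, sizeof d32);
        return (hook_fn)(uintptr_t)(p + 5 + d32);
    }
#endif
    return hook_key;
}

int main(void)
{
    printf("mode: %s\n", static_call_init() ? "patched jmp trampoline" : "function-pointer fallback");
    printf("hook_call(10) = %d\n", hook_call(10));
    hook_update(hook_slow);
    printf("after update: hook_call(10) = %d, target is hook_slow: %d\n",
           hook_call(10), hook_current_target() == hook_slow);
    return 0;
}
```

Disassembling the binary (`objdump -d`) shows `hook_call` as a plain `call hook_tramp` and the trampoline as `jmp hook_fast`, with the displacement changing after `hook_update()`; nothing in the hot path loads a pointer from memory or performs an indirect branch, which is the property the article credits with removing the retpoline and giving a CFI-like guarantee. The fallback path shows the contrast: `hook_key` is ordinary writable data, the classic target of a kernel write primitive.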