Branch Target Identification
   HOME

TheInfoList



Click Here for Items Related To - Branch Target Identification
OR:
Branch Target Identification on:   [Wikipedia]   [Google]   [Amazon]

Indirect branch tracking (IBT), also known as branch target identification (BTI), is a control flow integrity mechanism implemented on some Intel
x86-64 x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit extension of the x86 instruction set architecture, instruction set. It was announced in 1999 and first available in the AMD Opteron family in 2003. It introduces two new ope ...
and
ARM-64 ARM (stylised in lowercase as arm, formerly an acronym for Advanced RISC Machines and originally Acorn RISC Machine) is a family of RISC instruction set architectures (ISAs) for computer processors. Arm Holdings develops the ISAs and licen ...
processors. IBT is designed to protect against
computer security exploits A computer is a machine that can be programmed to automatically carry out sequences of arithmetic or logical operations (''computation''). Modern digital electronic computers can perform generic sets of operations known as ''programs'', wh ...
that use indirect branch instructions to jump into code in unintended ways, such as
return-oriented programming Return-oriented programming (ROP) is a computer security exploit technique that allows an attacker to execute code in the presence of security defenses such as executable-space protection and code signing. In this technique, an attacker gains con ...
. It creates a special "branch target" instructions that have no function other than to mark a location as a valid
indirect branch An indirect branch (also known as a computed jump, indirect jump and register-indirect jump) is a type of program control instruction present in some machine language instruction sets. Rather than specifying the address of the next instruct ...
target, with the processor capable of being put into a mode where it will raise an exception if an indirect branch is made to a location without a branch target instruction.


Implementations

On Intel processors, the technique is known as Indirect Branch Tracking (IBT), with the "end branch" instructions and acting as the branch target instructions for 32- and 64-bit mode respectively. IBT is part of the Intel Control-Flow Enforcement Technology first released in the
Tiger Lake Tiger Lake is Intel's codename for the 11th generation Intel Core mobile processors based on the Willow Cove Core microarchitecture, manufactured using Intel's third-generation 10 nm process node known as 10SF ("10 nm SuperFin"). Tiger L ...
generation of processors. The similar technology on ARM-64 processors is called Branch Target Identification (BTI), with the instruction, also called , having three variants that make it check only for jumps, or function calls, or for both.


References

Computer security Control flow integrity {{computer-security-stub