Intel Confirms CET Security Support For Tiger Lake

Written by Michael Larabel in Intel on 15 June 2020 at 09:00 AM EDT. 14 Comments
Intel is confirming today that Control-Flow Enforcement Technology (Intel CET) will premiere with upcoming mobile Tiger Lake processors.

CET works by preventing ROP and COP/JOP style attacks through indirect branch tracking and a shadow stack. For nearly three years we have been talking about Control-Flow Enforcement Technology with the open-source Intel developers doing a fairly punctual job plumbing it into the open-source compilers, the necessary Linux kernel changes, etc. Just last month I provided the current state of Intel CET on Linux with most patches under review or landed but due to the GCC 11 requirement will not be all stabilized until early next year.

Intel's announcement today is that CET is seeing initial support with Tiger Lake CPUs due out soon for helping fight off control-flow hijacking malware attempts.

While the Linux patches are still landing, Microsoft Windows 10 users will see hardware-enforced stack protection beginning today with Windows 10 Insider Preview builds. It's too bad not all of the Intel CET support is mainlined for Linux users today (especially for how long they have been preparing these patches going back to June 2017), but at least it's available in patch form for interested parties ahead of Tiger Lake's debut and nice to see this technology now becoming available within the newest Intel CPUs.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week