Re: [Qemu-devel] [PATCH 3/7] configure: add CET support

[Paolo Bonzini]

On 13/03/19 13:59, Eric Blake wrote:
> On 3/13/19 7:40 AM, Paolo Bonzini wrote:
>> CET requires object files to note which features are supported.  The linker
> 
> CET = ?
> 
>> will merge them to the set of features that are supported by all object
>> files.  The compiler creates these notes when the -fcf-protection option
>> is passed, but we have to blacklist some object files that only support
>> a subset of the full CET feature set.  The next patches will improve the
>> situation so that QEMU can be built with full protection.
>>
>> Signed-off-by: Paolo Bonzini <address@hidden>
>> ---
>>  configure          | 27 +++++++++++++++++++++++++++
>>  Makefile.target    |  3 +++
>>  util/Makefile.objs |  5 +++++
>>  3 files changed, 35 insertions(+)
>>
> 
>> @@ -1757,6 +1762,7 @@ disabled with --disable-FEATURE, default is enabled if 
>> available:
>>    lzfse           support of lzfse compression library
>>                    (for reading lzfse-compressed dmg images)
>>    seccomp         seccomp support
>> +  cet             Control-flow Enforcement Technology
> 
> Ah. Still, might be worth mentioning in the commit body as well.

Actually I might change it to cf-protection, since that's what the GCC
flag is named.

Paolo

signature.asc
Description: OpenPGP digital signature