]> git.ipfire.org Git - ipfire-2.x.git/commit - make.sh
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 46e91cc) | patch
make.sh: x86_64: Enable CET full
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 11 Jul 2023 13:27:18 +0000 (13:27 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 26 Jul 2023 16:08:59 +0000 (16:08 +0000)
commit9ea072e6272b7df7ec604a6799d27ed316e7d740
treee35e5ed6d3440a0948de922f1ef2d5040bf180b1tree | snapshot
parent46e91ccc3339443b57edaa6daa55308eee8f9afecommit | diff
make.sh: x86_64: Enable CET full

-fcf-protection enables Indirect Branch Tracking, which we have recently
enabled in the kernel. We should enable this in userspace, too.

I could not find out what GCC defaults to without any value, so this
patch is explicitely enabling IBT for function returns, indirect
function calls and indirect jumps.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
make.sh diff | blob | blame | history
IPFire 2.x development tree