]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commitdiff
projects / people / ms / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3e1de47)
glibc: Enable CET
authorMichael Tremer <michael.tremer@ipfire.org>
Thu, 5 Aug 2021 16:00:45 +0000 (16:00 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Fri, 4 Feb 2022 13:33:53 +0000 (13:33 +0000)
Enable Intel Control-flow Enforcement Technology (CET) support
to protect the library with indirect branch tracking (IBT) and
shadow stack (SHSTK).

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/glibc patch | blob | blame | history

diff --git a/lfs/glibc b/lfs/glibc
index e7f2a71c533e0aa11f3bf7bd64c14e4367581db7..9c631de4c11762aaacc04f34280eeafff470ca2f 100644 (file)
--- a/lfs/glibc
+++ b/lfs/glibc
@@ -65,6 +65,10 @@ EXTRA_CONFIG += \
        --enable-bind-now \
        --disable-crypt
 
+ifeq "$(BUILD_ARCH)" "x86_64"
+       EXTRA_CONFIG += --enable-cet
+endif
+
 ###############################################################################
 # Top-level Rules
 ###############################################################################
Michael's tree of IPFire 2.x.