| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
 Re: [PATCH 1/2] tools/firmware: fix setting of fcf-protection=none
 
To: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>From: Jan Beulich <jbeulich@xxxxxxxx>Date: Tue, 5 Apr 2022 13:04:08 +0200Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=noneArc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iJvghX+akbrjmhlUKpqO8xXlIRC1cc3Qbff6qaDoSYg=; b=L0rhGGOs/IaOQT2H4or5wKMLXBbu0QHrfhJLQmm2CMOllAE9cbg8HCnd13yt9+1o024bbmAZVMiZShEH8R+uWfP9A1xPt6V3U+v4DOFXcum7XJXTB78P4bxSZqIxuozde/d4uOGITwv2iXFy+gSgwgeE6/+wT88tnTOm39DZnsAF34yvtiJ1fOjTPfiR6w/c1dwBgVQfVoYeChodp6plrhp9qOnoWyDF7Mr87Y6Fm85rh78vw3TwE7cGR2OWxzNToY6K0L2GyqBc7UfOE1292zV0vMgYOBFvZ5ZM92DP4KhAX2MTLYviswXyumNlDDajcjcviJdVGpzEw8xkn131Og==Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Y97SfqWICasbae7XruQzC5aizdoMtrWhI9EHGpunVmSO88fm+UvhJgFjdnSvhyn9tBTtxGooicx/4//8hOBUQ0VkT0wZDVVxbmor+ZJx1AVORSdDlG6P5PdNN5s0jRwgrQXfg0wT6w2jVxNnmz0yI2WBfTd1b5/lOBVvmrzXmhGJBmgXoPo52LMgUH2f68RTomd++0yvkU4ybUvbbjuwL6woNuKGVFQ14eVqMGtSV/FlVsJ/4YwTYyZG/JgLfYZhWv6Aa6p05YYReI7fb698x9LaT5ZdfQVQPH7DPr8AgVBoPozQpdMOavxITwlZ4o9muTOditrOoaDtAMaKTwtMLA==Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;Cc: Wei Liu <wl@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>Delivery-date: Tue, 05 Apr 2022 11:04:16 +0000List-id: Xen developer discussion <xen-devel.lists.xenproject.org> 
 On 05.04.2022 12:58, Andrew Cooper wrote:
> On 05/04/2022 11:18, Jan Beulich wrote:
>> On 01.04.2022 17:05, Andrew Cooper wrote:
>>> On 01/04/2022 15:48, Andrew Cooper wrote:
>>>> On 01/04/2022 15:37, Roger Pau Monne wrote:
>>>>> Setting the fcf-protection=none option in EMBEDDED_EXTRA_CFLAGS in the
>>>>> Makefile doesn't get it propagated to the subdirectories, so instead
>>>>> set the flag in firmware/Rules.mk, like it's done for other compiler
>>>>> flags.
>>>>>
>>>>> Fixes: 3667f7f8f7 ('x86: Introduce support for CET-IBT')
>>>>> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>>>> Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>>> This also needs backporting with the XSA-398 CET-IBT fixes.
>> I don't think so - the backports of the original commit didn't include
>> what this patch fixes. I have queued patch 2 of this series though.
> 
> In which case I screwed up the backport.  (I remember spotting this bug
> and thought I'd corrected it, but clearly not.)  tools/firmware really
> does need to be -fcf-protection=none to counteract the defaults in
> Ubuntu/etc.
Okay, I'll adjust title and description some then while doing the backport.
Jan
 |