make.sh: x86_64: Enable CET full

-fcf-protection enables Indirect Branch Tracking, which we have recently
enabled in the kernel. We should enable this in userspace, too.

I could not find out what GCC defaults to without any value, so this
patch is explicitly enabling IBT for function returns, indirect
function calls and indirect jumps.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer
2023-07-11 13:27:18 +00:00
parent 46e91ccc33
commit 9ea072e627

@@ -145,7 +145,7 @@ configure_build() {
BUILDTARGET="${build_arch}-pc-linux-gnu"
CROSSTARGET="${build_arch}-cross-linux-gnu"
BUILD_PLATFORM="x86"
CFLAGS_ARCH="-m64 -mtune=generic -fcf-protection"
CFLAGS_ARCH="-m64 -mtune=generic -fcf-protection=full"
;;
aarch64)
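Review bot: the CFLAGS_ARCH assignment in the x86_64 case of configure_build() goes from -fcf-protection to -fcf-protection=full, yet the commit message says the default of the bare flag could not be determined, so the patch does not show whether this changes the generated code or only spells out the setting already in effect. Please confirm which it is, for example by building one object with each spelling and comparing the results, and record the outcome in the commit message or in a short comment above the assignment. The aarch64) case that follows is untouched in this hunk; if that is intentional because the option only applies to x86, a one-line comment saying so would save the next reader the same question.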