On 05/04/2022 12:04, Jan Beulich wrote:
> On 05.04.2022 12:58, Andrew Cooper wrote:
>> On 05/04/2022 11:18, Jan Beulich wrote:
>>> On 01.04.2022 17:05, Andrew Cooper wrote:
>>>> On 01/04/2022 15:48, Andrew Cooper wrote:
>>>>> On 01/04/2022 15:37, Roger Pau Monne wrote:
>>>>>> Setting the fcf-protection=none option in EMBEDDED_EXTRA_CFLAGS in the
>>>>>> Makefile doesn't get it propagated to the subdirectories, so instead
>>>>>> set the flag in firmware/Rules.mk, like it's done for other compiler
>>>>>> flags.
>>>>>>
>>>>>> Fixes: 3667f7f8f7 ('x86: Introduce support for CET-IBT')
>>>>>> Signed-off-by: Roger Pau Monné <roger....@citrix.com>
>>>>> Acked-by: Andrew Cooper <andrew.coop...@citrix.com>
>>>> This also needs backporting with the XSA-398 CET-IBT fixes.
>>> I don't think so - the backports of the original commit didn't include
>>> what this patch fixes. I have queued patch 2 of this series though.
>> In which case I screwed up the backport. (I remember spotting this bug
>> and thought I'd corrected it, but clearly not.) tools/firmware really
>> does need to be -fcf-protection=none to counteract the defaults in
>> Ubuntu/etc.
> Okay, I'll adjust title and description some then while doing the backport.
Thanks, and sorry for this mess.
~Andrew
