On Wed, Feb 26, 2020 at 5:16 PM Dave Hansen <dave.hansen@xxxxxxxxx> wrote: > > On 2/26/20 5:02 PM, H.J. Lu wrote: > >> That way everybody with old toolchains can still build the kernel (and > >> run/test code with your config option on, btw...). > > CET requires a complete new OS image from kernel, toolchain, run-time. > > CET enabled kernel without the rest of updated OS won't give you CET > > at all. > > If you require a new toolchain, nobody even builds your fancy feature. > Probably including 0day and all of the lazy maintainers with crufty old > distros. GCC 8 or above is needed since vDSO must be compiled with --fcf-protection=branch. > The point isn't to actually run CET at all. The point is to get as many > people as possible testing as much of it as possible. Testing includes > compile testing, static analysis and bloat watching. It also includes > functional and performance testing when you've got the feature compiled > in but unavailable at runtime. Did this hurt anything even when I'm not > using it? > I will leave the CET toolchain issue to Yu-cheng. -- H.J.
