> On Feb 26, 2020, at 6:11 PM, H.J. Lu <hjl.tools@xxxxxxxxx> wrote: > > On Wed, Feb 26, 2020 at 5:16 PM Dave Hansen <dave.hansen@xxxxxxxxx> wrote: >> >> On 2/26/20 5:02 PM, H.J. Lu wrote: >>>> That way everybody with old toolchains can still build the kernel (and >>>> run/test code with your config option on, btw...). >>> CET requires a complete new OS image from kernel, toolchain, run-time. >>> CET enabled kernel without the rest of updated OS won't give you CET >>> at all. >> >> If you require a new toolchain, nobody even builds your fancy feature. >> Probably including 0day and all of the lazy maintainers with crufty old >> distros. > > GCC 8 or above is needed since vDSO must be compiled with > --fcf-protection=branch. Fair enough. I don’t particularly want to carry a gross hack to add the ENDBRANCHes without compiler support.
