* Rick Edgecombe: > +To build a CET-enabled kernel, Binutils v2.31 and GCC v8.1 or LLVM v10.0.1 > +or later are required. To build a CET-enabled application, GLIBC v2.28 or > +later is also required. Uhm, I think we are using binutils 2.30 with extra fixes. I hope that these binaries are still valid. More importantly, glibc needs to be configured with --enable-cet explicitly (unless the compiler defaults to CET). The default glibc build with a default GCC will produce dynamically-linked executables that disable CET (when running on later/differently configured glibc builds). The statically linked object files are not marked up for CET in that case. I think the goal is to support the new kernel interface for actually switching on SHSTK in glibc 2.37. But at that point, hopefully all those existing binaries can start enjoying the STSTK benefits. Thanks, Florian
