On Thu, Jul 4, 2024 at 10:17 AM Conor Dooley <conor@xxxxxxxxxx> wrote: > > For these security related options, like CFI_CLANG or RANDSTRUCT, I'm > inclined to say that RUST is actually what should grow the depends on. > That way it'll be RUST that gets silently disabled in configs when patch > 1 gets backported (where it is mostly useless anyway) rather than SCS > nor will it disable SCS when someone enables RUST in their config, > instead it'd be a conscious choice. I agree, we shouldn't silently disable hardening features when Rust is enabled. Sami
