[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 2/2] x86/boot: Drop .note.gnu.properties in build32.lds

On 12.05.2020 17:58, Andrew Cooper wrote:
> On 12/05/2020 16:32, Jan Beulich wrote:
>> On 12.05.2020 05:39, Jason Andryuk wrote:
>>> Discard the .note.gnu.property section when linking to avoid the extra
>>> bytes.
>> If we go this route (and if, as per above, I'm misremembering,
>> meaning we didn't reject such a change earlier on), why would we
>> not strip .note and .note.* in one go?
>>
>>> Stefan Bader also noticed that build32.mk requires -fcf-protection=none
>>> or else the hypervisor will not boot.
>>> https://bugs.launchpad.net/ubuntu/+source/gcc-9/+bug/1863260
>> How's this related to the change here?
> 
> I think there is a bit of confusion as to exactly what is going on.
> 
> Ubuntu defaults -fcf-protection to enabled, which has a side effect of
> turning on CET, which inserts ENDBR{32,64} instructions and generates
> .note.gnu.properties indicating that the binary is CET-IBT compatible.

I.e. in principle this 2nd patch wouldn't be necessary at all if
we forced -fcf-protection=none unilaterally, and provided build32.mk
properly inherits CFLAGS. Discarding note sections may still be
a desirable thing to do though ...

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.