On 05.04.2022 12:58, Andrew Cooper wrote:
> On 05/04/2022 11:18, Jan Beulich wrote:
>> On 01.04.2022 17:05, Andrew Cooper wrote:
>>> On 01/04/2022 15:48, Andrew Cooper wrote:
>>>> On 01/04/2022 15:37, Roger Pau Monne wrote:
>>>>> Setting the fcf-protection=none option in EMBEDDED_EXTRA_CFLAGS in the
>>>>> Makefile doesn't get it propagated to the subdirectories, so instead
>>>>> set the flag in firmware/Rules.mk, like it's done for other compiler
>>>>> flags.
>>>>>
>>>>> Fixes: 3667f7f8f7 ('x86: Introduce support for CET-IBT')
>>>>> Signed-off-by: Roger Pau Monné <roger....@citrix.com>
>>>> Acked-by: Andrew Cooper <andrew.coop...@citrix.com>
>>> This also needs backporting with the XSA-398 CET-IBT fixes.
>> I don't think so - the backports of the original commit didn't include
>> what this patch fixes. I have queued patch 2 of this series though.
>
> In which case I screwed up the backport. (I remember spotting this bug
> and thought I'd corrected it, but clearly not.) tools/firmware really
> does need to be -fcf-protection=none to counteract the defaults in
> Ubuntu/etc.
Okay, I'll adjust title and description some then while doing the backport.
Jan
