On Wed, Feb 14, 2024 at 07:59:26PM +0000, Iain Sandoe wrote:
> I have just one question;
>
> from your patch the use of endbr* seems to be unconditionally based on the
> flags used to build libgcc.
>
> However, I was expecting that the use of extended trampolines like this would
> depend on command line flags used to compile the end-user’s code.
I think for CET the rule is you need everything to be compiled with the CET
options, including libgcc, trying to mix and match objects built one and
another way unless one is lucky and there are no indirect calls to something
that isn't marked is not going to work when enforcing it.
And, the endbr* insn acts as a nop on older CPUs (ok, except for VIA or
something similar or pre-i686?) or when not enforcing.
So, if CET is enabled while building libgcc, the insns in there don't hurt,
and if the gcc libraries aren't build with CET, one really can't use it.
Jakub
