The reason why I believe that a test for the autoconf-generated "configure" script is not necessary is that the prctl() system call has been introduced as early as in Linux kernel 2.1.57: I suppose this is already checked pretty well by the #ifdef __linux__ statement.
As already stated, whether the prctl() system call is actually able to configure the CPU speculative-execution features is determined at compile-time by the remaining #ifdef statements of the proposed patch. On Mon, 26/05/2025 at 16.46 +0200, Werner Koch wrote: > Hi! > > On Mon, 26 May 2025 14:00, Guido Trentalancia said: > > Disable CPU speculation-related misfeatures which are in > > fact vulnerabilities causing data leaks: > > If that is a misfeature it needs to be fixed at the pläce where it > was > introduced and not just in a single binary. If this code is really > needed it would first of all be useful in Libgcrypt only then then > you > should put it into gnupg/common/init.c:early_system_init. > > Specific Linux code is in general not a good idea, if that is > required, > please write a proper configure test for this feature and use a > dedicated macro. A more detailed explanation of the pro and cons > would > also be appreciated. > > > > Shalom-Salam, > > Werner > _______________________________________________ Gnupg-devel mailing list Gnupg-devel@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-devel
