@chaoqin In https://bugs.launchpad.net/intel/+bug/1842239, the glibc patches point at https://gitlab.com/x86-glibc/glibc/-/commits/users/hjl/cet/2.31 which we have been applying. Currently we ship them as a backported patch see https://git.launchpad.net/ubuntu/+source/glibc/tree/debian/patches/ubuntu/cet- backport.diff in various branches.
However I am noticing discrepancies. For example, it seems we don't apply patches from https://gitlab.com/x86-glibc/glibc/-/commits/users/hjl/cet/PROT_SHSTK specifically https://gitlab.com/x86-glibc/glibc/-/commit/d6848e331f1bc46824de38b520348fae8b0c4f99 But also I'm not sure if we need it. I see that in the CET enabled kernel we did use ARCH_X86_CET_STATUS but our glibc is still using ARCH_CET_STATUS. Also the patch that switches to using ARCH_X86_CET_STATUS starts to use PROT_SHSTK which I cannot find in the kernel patches. Are ubuntu glibc cet patches out of date w.r.t. kernel CET patches we have tried to enable? Do you have CET patches for glibc 2.34 and for 2.31 that match the latest revisions of the kernel patches? Hoping to see something that is compatible between the two, because at the moment it looks like our glibc does not match the proposed kernel patches. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929889 Title: [TGL][ADL] Enable CET(Control-flow Enforcement Technology) To manage notifications about this bug go to: https://bugs.launchpad.net/intel/+bug/1929889/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
