Suitable compiler options are passed only when the actual feature
(XEN_IBT) is enabled, not when merely the compiler capability was found
to be available.
Fixes: 12e3410e071e ("x86/altcall: Check and optimise altcall targets")
Signed-off-by: Jan Beulich <[email protected]>
---
Furthermore, is "Optimised away ..." really appropriate in what
37ed5da851b8 ("x86/altcall: Optimise away endbr64 instruction where
possible") added? If this really was an optimization (rather than
hardening), shouldn't we purge ENDBR also when !cpu_has_xen_ibt, and
then ideally all of them? Whereas if this is mainly about hardening,
wouldn't the message better say "Purged" or "Clobbered"?
--- a/xen/arch/x86/alternative.c
+++ b/xen/arch/x86/alternative.c
@@ -295,7 +295,7 @@ static void init_or_livepatch _apply_alt
* marginal perf improvement which saves on instruction
* decode bandwidth.
*/
- if ( IS_ENABLED(CONFIG_HAS_CC_CET_IBT) )
+ if ( IS_ENABLED(CONFIG_XEN_IBT) )
{
if ( is_endbr64(dest) )
dest += ENDBR64_LEN;
