[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/2] tools/firmware: fix setting of fcf-protection=none
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
- Date: Tue, 5 Apr 2022 11:09:55 +0000
- Accept-language: en-GB, en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Ei8yoeKvYI0m9hANnQYNtTOzSR3ITuGRE/zEji92RoU=; b=N2EvSqXAASNaGTd373cmBhYa5PMp6M4jCe+h2yApEAoXcuhmBH9Bn+KdlL1XyL6eMLKErUsSGp2AzhTiZf6t/s1+a5FZYNk9ffDqVHu32Up7OYdlxz3UVGcFAy/Fobxsebgha6m9kuIbADqKH+n0E8ldzwuqT1RRlHWGaER5l57f4UYiX/BQOGyj7ivc2VMbYtvITx5QRFTNk1X0xzPI2EiAssqH4EK+MfxF634EnzQCQ90cGKdIyl2CUZT5ElP1vEyDEgD++yPSwBmJjJEW4+95Va4LZbZKAow2iEd5xA0OMWUXGURkxQ1mxcKVrBA6r5PBKIwi601miEbolzNLtg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W2I+W7m3FXK7o6eGHMPPuE5oHVPcdECw3mUBmf4e8535CS+TiofFqOtdh2PufE+hTWquDvUbiEQkjGcKOyahdSUY4YMZlYPhyM2WuoIpCFAH40n20lRyRqFoAppm5de7Wk1NiZRjsz1YXSF6YHGu2oLlcS3MJZYMMZRX7eVZOqizNKWDmRb/IKZIcr6G88qJUQbk+x5wMmta3Ic30ByvdmYkRFYN5lcGZmJE5vgsJsLIN4A/y4xKPOEamfRrZ2lqAi69VxCD/1stGbA6vv9F2m5QCCyGott8O5lOeaB5NU1DQ/y/pFy2K3IK7bPG/IAPT7qWTguWwz7UhXKidC7Xcg==
- Authentication-results: esa3.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
- Cc: Wei Liu <wl@xxxxxxx>, Anthony Perard <anthony.perard@xxxxxxxxxx>, "Roger Pau Monne" <roger.pau@xxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- Delivery-date: Tue, 05 Apr 2022 11:10:12 +0000
- Ironport-data: A9a23:OVDVUqPLIMsFwu7vrR23l8FynXyQoLVcMsEvi/4bfWQNrUpwgTEDz 2EeD2vUO63eazb1Ktlxboiw8R5X6pPXndZnQQto+SlhQUwRpJueD7x1DKtR0wB+jCHnZBg6h ynLQoCYdKjYdleF+lH1dOKJQUBUjclkfJKlYAL/En03FFcMpBsJ00o5wbZl2tMw2LBVPivW0 T/Mi5yHULOa82Yc3lI8s8pvfzs24ZweEBtB1rAPTagjUG32zhH5P7pGTU2FFFPqQ5E8IwKPb 72rIIdVXI/u10xF5tuNyt4Xe6CRK1LYFVDmZnF+A8BOjvXez8CbP2lS2Pc0MC9qZzu1c99Zw ZZElMKyQxkTPPOQt+I0WSFKLxBCIvgTkFPHCSDXXc27ykTHdz3nwul0DVFwNoodkgp1KTgQr 7pCcmlLN03dwbLtqF64YrAEasALBc/nJo4A/FpnyinUF60OSpHfWaTao9Rf2V/cg+gQTa6FP ppIOVKDajzDUhl0ZAwuL6s4xuGLn3y4dz0flmqK8P9fD2/7k1UqjemF3MDuUsyHQ4BZk1iVo krC/n/lGVcKOdqH0z2H/3mwwOjVkkvTR4Y6BLC+sPlwjzW7xGYeFRkXXluTuuSihwi1XNc3F qAP0nNw9+5orhXtF4SjGU3jyJKZgvICc9MTGsxk6guT8KiKvymfL2I8XAJwVMNz4afaWgcW/ lOOmtroAxlmv7uUVW+R+9+okN+iBcQGBTRcPHFZFGPp9/Gm+dhu1UyXEr6PBYbv1rXI9SfML ydmRcTUr5EaloY12qqy5jgraBr898GSHmbZCug6N19JDz+Vhqb4PORECnCBtJ6sybp1qHHb4 RDofODEsYgz4WmlznDlfQn0NOjBCwy5GDPdm0VzOJIq6i6g/XWuFagJvm0vfB0xbptYImO1C KM2he+3zMUOVJdNRfUpC79d9uxwlfSwfTgbfq68giVyjmhZK1bcoXAGib+41GHxikk8+ZzTy r/AGftA+U0yUPw9pBLvHr91+eZymkgWmDOCLbimnk/P+efPOxaopUItbQLmghYRt/jf/m04M r93aqO39vmoeLanOHOKrtdPcwtiwLpSLcmelvG7v9Wre2JOMGogF+XQ0fUmfYlklL5SjeDG4 je2XUow9bY1rSevxdmiApy7VI7SYA==
- Ironport-hdrordr: A9a23:NRgmeqENDFM52XcIpLqFSJHXdLJyesId70hD6qkvc3Jom52j+P xGws526fatskdsZJkh8erwXJVp2RvnhNBICPoqTMiftW7dySqVxeBZnMTfKljbehEWmdQtrZ uIH5IOauEYSGIK8PoSgzPIU+rIouP3i5xA7N22pxwGIGEaCJ2IrT0JcDpzencGHjWubqBJc6 Z0k/A33gZIDk5nCPhTaEN1OtTrlpnurtbLcBQGDxko5E2lljWz8oP3FBCew1M3Ty5P6a1Kyx mHryXJooGY992rwB7V0GHeq75MnsH699dFDMuQzuAINzTXjBqybogJYczBgNl1mpDr1L8Zqq iKn/4SBbU015oXRBDtnfLZ4Xil7N/p0Q679bbXuwq5nSWzfkNFNyMIv/MpTvKe0Tt8gDg06t M544rS3aAnfS/ojWDz4cPFWAptkVfxqX0+kfQLh3gaSocGbqRNxLZvtn+9Pa1wVB4S0rpXW9 WGzfusk8p+YBefdTTUr2NvyNujUjA6GQqHWFELvoiQ3yJNlH50wkMEzIhH901wuK4VWt1B/a DJI65onLZBQosfar98Hv4IRY+yBnbWSRzBPWqOKRDsFb0BOXjKt5nriY9Fqd2CadgN1t8/iZ 7BWFRXuSo7fF/vE9SH2NlR/hXEUAyGLH3QIwFllu5EU5HHNc/W2He4OSITeuOb0oEiPvE=
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
- Thread-index: AQHYRdaC1Ty1lDbR3E6vxjqdlx39GKzbI4SAgAAExYCABfjsgIAAC0sAgAABkQCAAAGdgA==
- Thread-topic: [PATCH 1/2] tools/firmware: fix setting of fcf-protection=none
On 05/04/2022 12:04, Jan Beulich wrote:
> On 05.04.2022 12:58, Andrew Cooper wrote:
>> On 05/04/2022 11:18, Jan Beulich wrote:
>>> On 01.04.2022 17:05, Andrew Cooper wrote:
>>>> On 01/04/2022 15:48, Andrew Cooper wrote:
>>>>> On 01/04/2022 15:37, Roger Pau Monne wrote:
>>>>>> Setting the fcf-protection=none option in EMBEDDED_EXTRA_CFLAGS in the
>>>>>> Makefile doesn't get it propagated to the subdirectories, so instead
>>>>>> set the flag in firmware/Rules.mk, like it's done for other compiler
>>>>>> flags.
>>>>>>
>>>>>> Fixes: 3667f7f8f7 ('x86: Introduce support for CET-IBT')
>>>>>> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>>>>> Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>>>> This also needs backporting with the XSA-398 CET-IBT fixes.
>>> I don't think so - the backports of the original commit didn't include
>>> what this patch fixes. I have queued patch 2 of this series though.
>> In which case I screwed up the backport. (I remember spotting this bug
>> and thought I'd corrected it, but clearly not.) tools/firmware really
>> does need to be -fcf-protection=none to counteract the defaults in
>> Ubuntu/etc.
> Okay, I'll adjust title and description some then while doing the backport.
Thanks, and sorry for this mess.
~Andrew
|