Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection

From: Dave Hansen
Date: Wed Feb 26 2020 - 20:16:30 EST

Next message: Matthew Wilcox: "Re: [v2 PATCH] mm: shmem: allow split THP when truncating THP partially"
Previous message: Yang Shi: "Re: [v2 PATCH] mm: shmem: allow split THP when truncating THP partially"
In reply to: H.J. Lu: "Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection"
Next in thread: H.J. Lu: "Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/26/20 5:02 PM, H.J. Lu wrote:
>> That way everybody with old toolchains can still build the kernel (and
>> run/test code with your config option on, btw...).
> CET requires a complete new OS image from kernel, toolchain, run-time.
> CET enabled kernel without the rest of updated OS won't give you CET
> at all.

If you require a new toolchain, nobody even builds your fancy feature.
Probably including 0day and all of the lazy maintainers with crufty old
distros.

The point isn't to actually run CET at all. The point is to get as many
people as possible testing as much of it as possible. Testing includes
compile testing, static analysis and bloat watching. It also includes
functional and performance testing when you've got the feature compiled
in but unavailable at runtime. Did this hurt anything even when I'm not
using it?

Next message: Matthew Wilcox: "Re: [v2 PATCH] mm: shmem: allow split THP when truncating THP partially"
Previous message: Yang Shi: "Re: [v2 PATCH] mm: shmem: allow split THP when truncating THP partially"
In reply to: H.J. Lu: "Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection"
Next in thread: H.J. Lu: "Re: [RFC PATCH v9 05/27] x86/cet/shstk: Add Kconfig option for user-mode Shadow Stack protection"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]