Copy:
1i5t5.duncan@cox.net (Duncan)
Am Samstag, 16. März 2024, 13:12:04 CET schrieb Duncan:
Andreas K. Huettel posted on Fri, 15 Mar 2024 19:12:54 +0100 as excerpted:
Note 3: amd64 now has CET turned on by default. https://docs.kernel.org/next/x86/shstk.html If you have already used the unannounced 23.0 profiles, you should wipe your package cache and emerge -ev world now.
There's not much about CET in any of the links. While the kernel.org link describes what it does (in a line, "yese": yet another security
enhancement) a bit, it doesn't say how to actually find whether your hardware supports it, and the gentoo wiki and bug links say even less --
in particular, unless I missed it, the changes and update instructions
links don't appear to mention CET or shadow-stacks AT ALL.
That's because it was a last-minute addition, and not particularly well
thought through. :|
Ignore Note 3. The part about emerge -ev world is just plain wrong for now.
--
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer
(council, comrel, toolchain, base-system, perl, libreoffice)
https://wiki.gentoo.org/wiki/User:Dilfridge
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEE/Rnm0xsZLuTcY+rT3CsWIV7VQSoFAmX1xe8ACgkQ3CsWIV7V QSqUdA//ZFfgsviuUEr8Lrej8coy6kI2o+B/6BConEClVmrUfvYIyIBrtXoWB6AY 1uiYZM0yeTGCVphn18VRcFmyxPXnNwc+Hn0SJ6Q4qBV/WVCrUj0o1KqJrG73VGnt Vu7MpSABGWK4lDrc4u6Jml7Jeb/S7YHbCnmfDBqhxZ8CPRwgFQoV7n+FnCDg1iY2 Hx+YP1GmUrhYVLj6TFtVRHiSWfvC4Wicsa2fC6uEDsijdv1Dg3adZ6Fpi9IlYR98 6yQlbWEs5UZzuYSr9aFmHV6ZiwrzS9ZRQjkk/K/UVpRT/92XPbZLoKTRbd9pivrR 9+eGucBWIpNnfjL09xj39S3zs5wAPj83lHoqBDImS+WQArllp2ludu5EIe+AgC3B CJNdtswflg9Cdzp4vnd1FHc2ya7dn0DJ3296t6YhbcgAKukA+4qMeIGB1e3BFX/N 9pT0p7K3Nh8JFG5rr6YL5WJuaTluTtraYxHNLsBFpP0pH+ph22rL65wOgg6ghKXU 4FwEWzXqgZ94u9rfPrJerR5Rwodqi31R8gDBnfyWkkF6m+4aFmL3STfkusCKN1yw DgtExQbibM0iXwD5NBxOvEBi5kGtPmU/MxfTWnCmjcqyPBcDT5A5YhoVRphyvdCW nbUk23BpvrwRddceuj9gUqyAQXzt3Ao9QH1H/Qa/SnwbaRXzfZ8=
=o2o9
-----END PGP SIGNATURE----