Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1847148
Summary: | Aarch64 Pointer Authentication & Branch Target Enablement | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Ben Cotton <bcotton> |
Component: | Changes Tracking | Assignee: | Jeremy Linton <jeremy.linton> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 33 | CC: | bcotton, fweimer, jlinton, pbrobinson |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2020-10-27 14:47:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1861423, 1862110 | ||
Bug Blocks: | 245418, 1860404 |
Description
Ben Cotton
2020-06-15 19:03:43 UTC
We should hold off on getting the flag in until gcc 10.2 lands as there are a couple PAC fixes in 10.2 we will want. I went with the KISS method, and just added it to the optflags. The pull request is here: https://src.fedoraproject.org/rpms/redhat-rpm-config/pull-request/97 There is a build here: https://koji.fedoraproject.org/koji/taskinfo?taskID=47357962 The gcc bug that should be integrated before the mass rebuild is: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94891 The fix has been backported to gcc 9/10.1 and is in the 10.2 branch as well. Its not clear to me if fedora is planning on moving to 10.2 before the rebuild, otherwise I can create a PR for the 10.1 backport. As far as I can tell, this change requires special builds of gcc and glibc: https://sourceware.org/pipermail/libc-alpha/2020-July/116611.html As a result, the mass rebuild will NOT complete this change. I've checked with Szabolcs, and its his understanding too that simply building gcc with mbranch-protection=standard will do what we want. Branching F33 Change Tracker bugs. Today is the code complete (testable) deadline. All bugs should be at least in MODIFIED state by now to indicate they are testable. Large parts of this are in place, I need to test/validate functionality, but I think the distro has definitely been "modified" so that is my error for not setting the bz state. Yesterday we reached the Code complete (100% code complete) deadline for Fedora 33 Changes. If your Change is complete, please set this tracking bug to ON_QA. If you need to defer this Change to Fedora 34, please let NEEDINFO me. As a reminder, we are now in the Beta Freeze. If you need to land package updates, please propose it as a Freeze Exception at https://qa.fedoraproject.org/blockerbugs/propose_bug I've been testing this on a v8.0 machine (honeycomb, rpi4) as well as a v8.5 model, and everything looks reasonable at the moment. Closing tracking bugs for F33. If your change didn't make it into F33 for some reason, please reopen this and NEEDINFO me. |