On Wed, 18 Apr 2018, Uros Bizjak wrote: > Hello! > > Currently, CET is enabled by default for linux if target supports > multi-byte NOPs and if assembler supports CET insn. Effectively, with > newer binutils, CET support is an opt-out feature. > > I don't think this should be the case, and I propose to consider CET > as an opt-in feature. Multi-byte NOPs have non-zero cost (at least > they increase the binary). If someone wants to enable the feature, it > can be done in less surprising way to --enable-cet during configure > time. > > I'd like to hear the opinion of RMs, if CET should remain to be an > opt-out feature by default?
My personal opinion is that CET should be opt-in (I explicitely disable it for SUSE). I'm not sure if it doesn't go the way MPX did and given there's not even rumors when silicon will have an actual implementation nor whether the competition will (be allowed to) implement it it's too early to force it on everybody. Just my 2 cents - I can live with providing --disable-cet manually as well. I note that changes.html doesn't say anything about this new default or the way to disable it which IMHO needs fixing (in either case). Richard.
