From: Daniele Buono <dbuono@linux.vnet.ibm.com>
To: Stefan Hajnoczi <stefanha@gmail.com>
Cc: Kevin Wolf <kwolf@redhat.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@redhat.com>
Subject: Re: [PATCH 3/4] configure: add flag to enable SafeStack
Date: Wed, 27 May 2020 09:48:56 -0400 [thread overview]
Message-ID: <428c9546-ce0c-1213-63d3-d53d9ac9dddc@linux.vnet.ibm.com> (raw)
In-Reply-To: <20200527111212.GC29137@stefanha-x1.localdomain>
Hi Stefan, a quick clarification on configure:
right now, in configure, there's
* "Advanced Options (experts only)"
which usually don't have both enable and disable for each option, and
* "Optional features, enabled with --enable-FEATURE and
disabled with --disable-FEATURE, default is enabled if available:"
How do you think SafeStack should be classified?
* If we do it as Advanced option, we should probably force it disabled
unless --enable-safe-stack is provided. In this case
--disable-safe-stack is not really necessary.
* If we do it as optional feature, I have two ways to handle the default:
1. enable/disable based on the compilation flags given to configure
2. enable every time the provided compiler supports it
On 5/27/2020 7:12 AM, Stefan Hajnoczi wrote:
> On Fri, May 22, 2020 at 11:24:46AM -0400, Daniele Buono wrote:
>> I would feel more confident by adding another check in configure to make
>> sure that the user didn't enable SafeStack manually through other means,
>> like manually setting the option through extra_cflags.
>> What do you think?
>
> Sure, a compile_prog call could check if SafeStack is enable when it
> shouldn't be.
>
> This can be done together with a --disable option.
>
> Stefan
>
next prev parent reply other threads:[~2020-05-27 13:49 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-29 19:44 [PATCH 0/4] Add support for SafeStack Daniele Buono
2020-04-29 19:44 ` [PATCH 1/4] coroutine: support SafeStack in ucontext backend Daniele Buono
2020-05-21 9:44 ` Stefan Hajnoczi
2020-05-22 15:18 ` Daniele Buono
2020-05-27 10:34 ` Stefan Hajnoczi
2020-04-29 19:44 ` [PATCH 2/4] coroutine: Add check for SafeStack in sigalstack Daniele Buono
2020-05-04 14:56 ` Philippe Mathieu-Daudé
2020-05-21 9:49 ` Stefan Hajnoczi
2020-05-27 17:56 ` Daniele Buono
2020-04-29 19:44 ` [PATCH 3/4] configure: add flag to enable SafeStack Daniele Buono
2020-05-21 9:52 ` Stefan Hajnoczi
2020-05-22 15:24 ` Daniele Buono
2020-05-27 11:12 ` Stefan Hajnoczi
2020-05-27 13:48 ` Daniele Buono [this message]
2020-04-29 19:44 ` [PATCH 4/4] check-block: Enable iotests with SafeStack Daniele Buono
2020-05-21 9:59 ` Stefan Hajnoczi
2020-05-22 15:35 ` Daniele Buono
2020-05-27 11:13 ` Stefan Hajnoczi
2020-05-04 14:55 ` [PATCH 0/4] Add support for SafeStack Philippe Mathieu-Daudé
2020-05-05 13:15 ` Philippe Mathieu-Daudé
2020-05-05 13:31 ` Daniel P. Berrangé
2020-05-05 13:56 ` Philippe Mathieu-Daudé
2020-05-13 14:48 ` Daniele Buono
2020-05-21 10:00 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=428c9546-ce0c-1213-63d3-d53d9ac9dddc@linux.vnet.ibm.com \
--to=dbuono@linux.vnet.ibm.com \
--cc=kwolf@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
--cc=stefanha@redhat.com \
--cc=tobin@ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).