This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] x86/CET: Document glibc.tune.x86_ibt and glibc.tune.x86_shstk
- From: "H.J. Lu" <hongjiu dot lu at intel dot com>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 17 Jul 2018 20:04:49 -0700
- Subject: [PATCH] x86/CET: Document glibc.tune.x86_ibt and glibc.tune.x86_shstk
- Reply-to: "H.J. Lu" <hjl dot tools at gmail dot com>
OK for master?
H.J.
---
* manual/tunables.texi: Document glibc.tune.x86_ibt and
glibc.tune.x86_shstk.
---
manual/tunables.texi | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/manual/tunables.texi b/manual/tunables.texi
index be33c9fc79..7998b3b7e6 100644
--- a/manual/tunables.texi
+++ b/manual/tunables.texi
@@ -356,3 +356,26 @@ to set threshold in bytes for non temporal store.
This tunable is specific to i386 and x86-64.
@end deftp
+
+@deftp Tunable glibc.tune.x86_ibt
+The @code{glibc.tune.x86_ibt=[on|off|permissive]} tunable allows the user
+to control how indirect branch tracking (IBT) should be enabled.
+@code{on} always turns on IBT regardless of whether IBT is enabled in the
+executable and its dependent shared libraries. @code{off} always turns
+off IBT regardless of whether IBT is enabled in the executable and its
+dependent shared libraries. @code{permissive} is the same as the default.
+
+This tunable is specific to i386 and x86-64.
+@end deftp
+
+@deftp Tunable glibc.tune.x86_shstk
+The @code{glibc.tune.x86_shstk=[on|off|permissive]} tunable allows the
+user to control how shadow stack (SHSTK) should be enabled. @code{on}
+always turns on SHSTK regardless of whether SHSTK is enabled in the
+executable and its dependent shared libraries. @code{off} always turns
+off SHSTK regardless of whether SHSTK is enabled in the executable and
+its dependent shared libraries. @code{permissive} turns off SHSTK when
+dlopening a legacy shared library, instead of returns an error.
+
+This tunable is specific to i386 and x86-64.
+@end deftp
--
2.17.1