dev-debug/gdb | Enable Intel Control-flow Enforcement Technology. |
---|
dev-lang/gnat-gpl | Enable support for Intel Control Flow Enforcement Technology (CET) |
---|
llvm-core/clang-common | Enable support for control flow hijacking protection. On amd64, this provides Intel Control Flow Enforcement Technology (CET). Only provides benefits on newer CPUs. For Intel, the CPU must be at least as new as Tiger Lake. For AMD, it must be at least as new as Zen 3. This is harmless on older CPUs, but provides no benefit either. |
---|
sys-devel/binutils | Enable Intel Control-flow Enforcement Technology. |
---|
sys-devel/binutils-hppa64 | Enable Intel Control-flow Enforcement Technology. |
---|
sys-devel/gcc | Enable support for control flow hijacking protection. On amd64, this provides Intel Control Flow Enforcement Technology (CET). On arm64, this provides Branch Target Identification (BTI) and Pointer Authentication Code (PAC) support. This is only effective on amd64 or arm64. Only provides benefits on newer CPUs. For Intel, the CPU must be at least as new as Tiger Lake. For AMD, it must be at least as new as Zen 3. This is harmless on older CPUs, but provides no benefit either. For ARM64, PAC was introduced in armv8.3-a, and BTI was introduced in armv8.5-a. When combined with USE=hardened on amd64, GCC will set -fcf-protection by default when building software. The effect is minimal on systems which do not support it, other than a possible small increase in codesize for the NOPs. The generated code is therefore compatible with i686 at the earliest. On arm64, GCC will set -mbranch-protection=standard by default when building software. |
---|
sys-libs/binutils-libs | Enable Intel Control-flow Enforcement Technology. |
---|
sys-libs/glibc | Enable Intel Control-flow Enforcement Technology (needs binutils 2.29 and gcc 8) |
---|