libmilter is not built with local CFLAGS and LDFLAGS (originally: not built with SHSTK and IBT support)

Description:

Update: I renamed this Issue to "libmilter is not built with local CLFLAGS and LDFLAGS". The remainder of this post is the original post, dealing with the lack of SHSTK and IBT support.

libmilter is not built with SHSTK and IBT support. It does not use the flags from /etc/makepkg.conf (in this case: -fcf-protection).

As a result, packages that use parts of libmilter can also not be built with SHSTK/IBT support (Cf. [imlib2!2 (comment 189307)] for an explanation by @loqs, and this post on the Arch Linux forums for the issue I was facing).

I believe that this is an Arch Linux bug, and not upstream, because Arch Linux has enabled CET-protection distribution-wide, but this is unset by upstream.

Additional info:

package version(s): libmilter 8.18.1-1

Steps to reproduce:

Manually build libmilter
Run $ readelf --notes /usr/lib/libmilter.a | grep -E 'SHSTK|IBT' to verify support for SHSTK and/or IBT.

Edited Nov 26, 2024 by Edmund Lodewijks

Admin message

libmilter is not built with local CFLAGS and LDFLAGS (originally: not built with SHSTK and IBT support)

Description:

Additional info:

Steps to reproduce: