Developer Guide and Reference

Contents

qcf-protection, Qcf-protection

Enables Control-flow Enforcement Technology (CET) protection, which defends your program from certain attacks that exploit vulnerabilities. This option offers preliminary support for CET.

Syntax

Linux:
-qcf-protection
[
=
keyword
]
macOS:
None
Windows:
/Qcf-protection
[
:
keyword
]
Arguments
keyword
Specifies the level of protection the compiler should perform. Possible values are:
shadow_stack
Enables shadow stack protection.
branch_tracking
Enables endbranch (EB) generation.
full
Enables both shadow stack protection and endbranch (EB) generation.
This is the same as specifying the
[q or Q]cf-protection
option with no
keyword
.
none
Disables Control-flow Enforcement Technology (CET) protection.
Default
-qcf-protection=none
or
/Qcf-protection:none
No Control-flow Enforcement protection is performed.
Desc