This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [RFC][AArch64] Add support for system register based stack protector canary access
- From: Wilco Dijkstra <Wilco dot Dijkstra at arm dot com>
- To: Florian Weimer <fweimer at redhat dot com>, GCC Patches <gcc-patches at gcc dot gnu dot org>
- Cc: nd <nd at arm dot com>
- Date: Tue, 4 Dec 2018 03:51:02 +0000
- Subject: Re: [RFC][AArch64] Add support for system register based stack protector canary access
Hi,
Florian wrote:
> For userland, I would like to eventually copy the OpenBSD approach for
> architectures which have some form of PC-relative addressing: we can
> have multiple random canaries in (RELRO) .rodata in sufficiently close
> to the code that needs them (assuming that we have split .rodata). At
> least for x86-64, I expect this to be a small win. It's also a slight
> hardening improvement if the reference canary is not stored in writable
> memory.
On AArch64 hardware pointer signing already provides a free and more robust
implementation of stack canaries, so we could change -fstack-protector to
use that when pointer signing is enabled.
Wilco