This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [RFC][AArch64] Add support for system register based stack protector canary access

From: Wilco Dijkstra <Wilco dot Dijkstra at arm dot com>
To: Florian Weimer <fweimer at redhat dot com>, GCC Patches <gcc-patches at gcc dot gnu dot org>
Cc: nd <nd at arm dot com>
Date: Tue, 4 Dec 2018 03:51:02 +0000
Subject: Re: [RFC][AArch64] Add support for system register based stack protector canary access

Hi,

Florian wrote:
> For userland, I would like to eventually copy the OpenBSD approach for
> architectures which have some form of PC-relative addressing: we can
> have multiple random canaries in (RELRO) .rodata in sufficiently close
> to the code that needs them (assuming that we have split .rodata).  At
> least for x86-64, I expect this to be a small win.  It's also a slight
> hardening improvement if the reference canary is not stored in writable
> memory.

On AArch64 hardware pointer signing already provides a free and more robust
implementation of stack canaries, so we could change -fstack-protector to
use that when pointer signing is enabled.

Wilco

Follow-Ups:
- Re: [RFC][AArch64] Add support for system register based stack protector canary access
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]