This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [RFC][AArch64] Add support for system register based stack protector canary access
- From: Florian Weimer <fweimer at redhat dot com>
- To: Ramana Radhakrishnan <Ramana dot Radhakrishnan at arm dot com>
- Cc: James Greenhalgh <James dot Greenhalgh at arm dot com>, Richard Earnshaw <Richard dot Earnshaw at arm dot com>, Marcus Shawcroft <Marcus dot Shawcroft at arm dot com>, "gcc-patches\@gcc.gnu.org" <gcc-patches at gcc dot gnu dot org>, Ard Biesheuvel <ard dot biesheuvel at linaro dot org>, Will Deacon <Will dot Deacon at arm dot com>, Mark Rutland <Mark dot Rutland at arm dot com>, nd <nd at arm dot com>
- Date: Mon, 03 Dec 2018 16:30:53 +0100
- Subject: Re: [RFC][AArch64] Add support for system register based stack protector canary access
- References: <7a5a57fa-629d-d2ff-6292-e0893647ec8a@arm.com>
* Ramana Radhakrishnan:
> I don't intend to change the defaults in userland, we've discussed this
> for user-land in the past and as far as glibc and userland is concerned
> we stick to the options as currently existing. The system register
> option is really for the kernel to use along with an offset as they
> control their ABI and this is a decision for them to make.
For userland, I would like to eventually copy the OpenBSD approach for
architectures which have some form of PC-relative addressing: we can
have multiple random canaries in (RELRO) .rodata in sufficiently close
to the code that needs them (assuming that we have split .rodata). At
least for x86-64, I expect this to be a small win. It's also a slight
hardening improvement if the reference canary is not stored in writable
memory.
Thanks,
Florian