This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [RFC][AArch64] Add support for system register based stack protector canary access

On Tue, Dec 4, 2018 at 12:58 PM Florian Weimer <fweimer@redhat.com> wrote:
>
> * Wilco Dijkstra:
>
> >> For userland, I would like to eventually copy the OpenBSD approach for
> >> architectures which have some form of PC-relative addressing: we can
> >> have multiple random canaries in (RELRO) .rodata in sufficiently close
> >> to the code that needs them (assuming that we have split .rodata).

On AArch64 as well we've split .rodata. I think I did this with GCC 5.

All the addressing of global data is through PC relative access and in
the small model which is the default in Linux userland, I think we'll
just be fine.

>  At
> >> least for x86-64, I expect this to be a small win.  It's also a slight
> >> hardening improvement if the reference canary is not stored in writable
> >> memory.
> >
> > On AArch64 hardware pointer signing already provides a free and more robust
> > implementation of stack canaries, so we could change -fstack-protector to
> > use that when pointer signing is enabled.
>
> I expected to use both because not all AArch64 implementations support
> pointer signing, and we'd use the stack protector to get some coverage
> for the legacy implementations.

Indeed. until the default goes up to Armv8.3-A it's going to be default to this.


regards
Ramana

>
> Thanks,
> Florian
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]