This is the mail archive of the
mailing list for the GCC project.
Re: [RFC][AArch64] Add support for system register based stack protector canary access
On Tue, Dec 4, 2018 at 12:58 PM Florian Weimer <firstname.lastname@example.org> wrote:
> * Wilco Dijkstra:
> >> For userland, I would like to eventually copy the OpenBSD approach for
> >> architectures which have some form of PC-relative addressing: we can
> >> have multiple random canaries in (RELRO) .rodata in sufficiently close
> >> to the code that needs them (assuming that we have split .rodata).
On AArch64 as well we've split .rodata. I think I did this with GCC 5.
All the addressing of global data is through PC relative access and in
the small model which is the default in Linux userland, I think we'll
just be fine.
> >> least for x86-64, I expect this to be a small win. It's also a slight
> >> hardening improvement if the reference canary is not stored in writable
> >> memory.
> > On AArch64 hardware pointer signing already provides a free and more robust
> > implementation of stack canaries, so we could change -fstack-protector to
> > use that when pointer signing is enabled.
> I expected to use both because not all AArch64 implementations support
> pointer signing, and we'd use the stack protector to get some coverage
> for the legacy implementations.
Indeed. until the default goes up to Armv8.3-A it's going to be default to this.