Patch ping - Add a new option "-fstack-protector-strong"
Han Shen(沈涵)
shenhan@google.com
Tue May 7 17:20:00 GMT 2013
On Wed, May 1, 2013 at 2:00 PM, Jeff Law <law@redhat.com> wrote:
> On 04/26/2013 10:45 AM, Han Shen(沈涵) wrote:
>>
>> Hi, I'd like to ping the patch '-fstack-protector-strong':
>>
>> - http://gcc.gnu.org/ml/gcc-patches/2013-04/msg00945.html
>> Add a new option '-fstack-protector-strong' to protect only
>> stack-smashing-vulnerable functions.
>>
>> Thanks,
>> H.
>>
>
> In cfgexpand.c, please make the constants an enum rather than #define. The
> former is visible in a debugger, the latter generally isn't. If you could
> order them numerically, it'd be helpful as well.
Done.
>
>
> - if (flag_stack_protect == 2)
> + if (flag_stack_protect == SPCT_FLAG_ALL ||
> + flag_stack_protect == SPCT_FLAG_STRONG)
>
> GNU coding standards mandate the operator go on the next line when splitting
> lines. So something like
>
> if (flag_stack_protect == SPCT_FLAG_ALL
> || flag_stack_protect == SPCT_FLAG_STRONG)
>
>
> Similarly in expand_used_vars.
Thanks, done. (New patched replied in the original thread.)
>
> How do you plan on handling Florian's retslot issue? Are you going to scan
> the gimple looking for suitable calls? How do you avoid instrumentation in
> the callee for that case?
>
> I find myself wondering if you'd be better off scanning the gimple
> representation looking for ADDR_EXPR operations, then peeking at the
> argument to see if it's part of the local frame or something higher up.
>
> Prsumably you catch cases where the ABI mandates that certain arguments be
> copied by the caller and the address passed to the callee? What about the
> opposite (and yes, both exist). See TARGET_PASS_BY_REFERENCE,
> TARGET_CALLEE_COPIES. I suspect scanning the gimple code is much more
> likely to pick up this stuff.
Yeah, I see. That's are good suggestions. I'll amend these (probably
minor) cases in another patch - if no objection to that -
which needs a good testing/performance/security measurement.
>
> Generally I like the idea of getting better stack smashing coverage without
> the penalty of stack-protector-all.
>
>
> Jeff
Han
More information about the Gcc-patches
mailing list