* Harlan Lieberman-Berg:
> Hello GCC Maintainers!
>
> It would be Really Awesome (TM) if we could add the
> -fstack-clash-protection flag to our default hardening posture. This
> would have provided protection against the recent System Down
> vulnerability (CVE-2018-16864, CVE-2018-16865, CVE-2018-16866, aka
> #918841 and #918848).
Note that -fstack-clash-protection is only fully functional on some
architectures. I know that the following GCC architectures work with
GCC 8:

  i386
  powerpc64 (big endian and little endian)
  s390x
  x86-64

There is a patch to fix it for aarch64 as well, but I think it requires
64K page sizes. I think the powerpc64 probing uses 4K offsets, but
someone should verify that (the GCC builds I have readily access to are
only expected to be used with 64K pages on POWER).

The challenge here is that the generic version of
-fstack-clash-protection has bugs that are similar to those of
-fstack-check. But with proper architecture support, the probes will
never hit memory outside the required stack space (which is a frequent
problem with -fstack-check). Some care is also necessary to generate
correct asynchronous unwinding information for the probes, and valgrind
may need some adjustment as well.
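The reply above says the flag only works where the back end emits proper probes, so a practitioner rolling it into a hardening posture wants a way to confirm that the probes actually reached the generated code. The following POSIX shell script is an added example and not part of the thread; it is not GCC's or Debian's own tooling. It counts the x86-64 probe instruction that GCC emits for -fstack-clash-protection (an `orq $0,(%rsp)` store after each 4 KiB `subq` of the stack pointer, with `-S` assembler syntax or objdump's `$0x0` spelling) in a listing read from stdin, and, when a gcc is installed, compiles a function with a 128 KiB frame with and without the flag to show the difference. The two embedded listings are constructed samples, the function names `count_probes`, `classify` and `compare_with_gcc` are this script's own, and the probe pattern is the x86-64 one, as the reply notes other architectures differ.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread. Assumes x86-64 AT&T
# syntax; the probe pattern is the one GCC 8+ emits on x86-64 for
# -fstack-clash-protection (other architectures use different sequences).

# Count probe stores in an assembler or objdump listing given on stdin.
# GCC probes a freshly reserved page with "orq $0, (%rsp)"; objdump
# prints the immediate as "$0x0", so accept both spellings.
count_probes() {
    grep -cE 'orq[[:space:]]+\$0(x0)?,[[:space:]]*\(%rsp\)' || true
}

# Print "probed" if at least one probe was found in the listing on stdin,
# otherwise "unprobed" (i.e. the frame is reserved with a single subq).
classify() {
    n=$(count_probes)
    if [ "$n" -gt 0 ]; then echo probed; else echo unprobed; fi
}

# Constructed sample: the probe loop GCC emits for a 128 KiB frame.
# Each iteration moves the stack pointer down by one 4 KiB page and
# touches it before moving on, so no page between the old and new
# stack pointer is skipped.
SAMPLE_PROTECTED='big_frame:
	pushq	%rbp
	movq	%rsp, %rbp
	leaq	-131072(%rsp), %r11
.LPSRL0:
	subq	$4096, %rsp
	orq	$0, (%rsp)
	cmpq	%r11, %rsp
	jne	.LPSRL0
	movq	%rsp, %rdi'

# Constructed sample: the same frame without protection. The stack
# pointer jumps 32 pages in one step and nothing touches them in order.
SAMPLE_UNPROTECTED='big_frame:
	pushq	%rbp
	movq	%rsp, %rbp
	subq	$131072, %rsp
	movq	%rsp, %rdi'

# Live comparison when a gcc is available: compile a function whose
# frame is far larger than one guard page, with and without the flag,
# and count probes in each assembler listing. Skipped when gcc is absent
# or too old to know the flag, so the script still runs offline.
compare_with_gcc() {
    command -v gcc >/dev/null 2>&1 || { echo "gcc not found; skipping"; return 0; }
    tmp=$(mktemp -d) || return 0
    cat > "$tmp/frame.c" <<'EOF'
/* 128 KiB local buffer, handed to an external function so the
   compiler cannot drop it; hypothetical helper, declared only. */
extern void fill(char *buf, unsigned long len);
int big_frame(void) {
    char buf[128 * 1024];
    fill(buf, sizeof buf);
    return buf[0];
}
EOF
    for flag in -fno-stack-clash-protection -fstack-clash-protection; do
        if gcc -O2 -S "$flag" -o "$tmp/out.s" "$tmp/frame.c" 2>/dev/null; then
            printf '%-28s probes=%s\n' "$flag" "$(count_probes < "$tmp/out.s")"
        else
            printf '%-28s (gcc rejected the flag)\n' "$flag"
        fi
    done
    rm -rf "$tmp"
}

printf 'constructed protected sample:   %s\n' "$(printf '%s\n' "$SAMPLE_PROTECTED" | classify)"
printf 'constructed unprotected sample: %s\n' "$(printf '%s\n' "$SAMPLE_UNPROTECTED" | classify)"
compare_with_gcc
```

Running `count_probes` over `objdump -d` output of a built package is a quick check that the flag set by dpkg-buildflags survived the build system, which is the usual way such a default gets silently lost; a function with a large frame and zero probes on x86-64 means the hardening is not in effect for it.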