On Fr, 2016-08-19 at 19:46 +0100, Joshua G Lock wrote: > On Fri, 2016-08-19 at 10:07 -0700, Khem Raj wrote: > > > > > > > > > > > On Aug 19, 2016, at 8:34 AM, Joshua Lock <[email protected]> > > > wrote: > > > > > > This tells the compiler to use a canary to protect any function > > > which > > > declares a character array of 4 or more bytes on its stack, rather > > > than the default of 8 or more bytes. > > > > Thats fine, however, it slows down the code, strong option was a > > compromise > > otherwise we could just use fstack-protector-all > > It's my understanding that the ssp-buffer-size parameter changes the > size of buffer the base, fstack-protector, protections affect and that > the performance impact is less significant than adding protections to > all functions via stack-protector-all?
I understand it as follows instead: --param=ssp-buffer-size=X only makes sense together with -fstack-protector, as -fstack-protector can to be configured for the minimum size of arrays to protect (8 by default, if --param=ssp-buffer-size= is not given). --param=ssp-buffer-size=X does not make sense with -fstack-protector-strong as this version protects arrays of *any* size anyway. https://gcc.gnu.org/ml/gcc-patches/2012-06/msg00974.html -> This also has the design doc towards the end. https://lwn.net/Articles/584225/ So I don't think this patch is needed at all... > FWIW, the related options in Fedora and Ubuntu: > > * Ubuntu: -fstack-protector --param=ssp-buffer-size=4 (default in > hardened builds) > * Fedora: -fstack-protector-strong --param=ssp-buffer-size=4 (default > in all builds) Debian (sid) uses -fstack-protector-strong (without ssp-buffer-size). Cheers, Andre' > > Regards, > > Joshua > > > > > > > > > > > > > > > Signed-off-by: Joshua Lock <[email protected]> > > > --- > > > meta/conf/distro/include/security_flags.inc | 4 ++-- > > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > > > diff --git a/meta/conf/distro/include/security_flags.inc > > > b/meta/conf/distro/include/security_flags.inc > > > index 77fade6..691cea1 100644 > > > --- a/meta/conf/distro/include/security_flags.inc > > > +++ b/meta/conf/distro/include/security_flags.inc > > > @@ -12,8 +12,8 @@ lcl_maybe_fortify = "${@base_conditional('DEBUG_B > > > UILD','1','','-D_FORTIFY_SOURCE > > > # Error on use of format strings that represent possible security > > > problems > > > SECURITY_STRINGFORMAT ?= "-Wformat -Wformat-security > > > -Werror=format-security" > > > > > > -SECURITY_CFLAGS ?= "-fstack-protector-strong -pie -fpie > > > ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}" > > > -SECURITY_NO_PIE_CFLAGS ?= "-fstack-protector-strong > > > ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}" > > > +SECURITY_CFLAGS ?= "-fstack-protector-strong --param ssp-buffer- > > > size=4 -pie -fpie ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}" > > > +SECURITY_NO_PIE_CFLAGS ?= "-fstack-protector-strong --param ssp- > > > buffer-size=4 ${lcl_maybe_fortify} ${SECURITY_STRINGFORMAT}" > > > > > > SECURITY_LDFLAGS ?= "-Wl,-z,relro,-z,now" > > > SECURITY_X_LDFLAGS ?= "-Wl,-z,relro" > > > -- > > > 2.7.4 > > > > > > -- > > > _______________________________________________ > > > Openembedded-core mailing list > > > [email protected] > > > http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
