Re: Switch on compiler hardening defaults

[Henrique de Moraes Holschuh <hmh@debian.org>]

On Mon, 26 Oct 2009, Gabor Gombas wrote:
> On Mon, Oct 26, 2009 at 11:14:25AM +0100, Bastian Blank wrote:
> > On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote:
> > > I would like to propose enabling[1] the GCC hardening patches that Ubuntu
> > > uses[2].
> > 
> > How do they work? Do they also change the free-standing compiler or only
> > the hosted one? There is a lot of software, which (I would say) missuse
> > the hosted compiler to build non-userspace-code, including the Linux
> > kernel.
> 
> It seems the kernel will not be happy if the stack protector is switched
> on unconditionally:
> 
> http://osdir.com/ml/linux-kernel/2009-10/msg07064.html

Indeed.  The kernel build system needs to be able to command whether
stackprotect is enabled or not without surprises...

I assume very performance-critical applications will also need it disabled,
if they have hot paths where dcache footprint matters.  But I think we can
safely assume these will be quite rare, so as long as one can disable the
stackprotector easily enough through CFLAGS, we could just do it in a
case-by-case basis on debian/rules.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh