
Re: Proposing amd64-hardened architecture for Debian



2014-04-15 14:23 GMT+02:00 Paul Wise <pabs@debian.org>:
> On Tue, Apr 15, 2014 at 8:15 PM, Christian Hofstaedtler wrote:
>
>> I think that as of today it would help more to fix various upstream
>> build tools to actually honor the build flags we (using
>> dpkg-buildflags) set. This would benefit both the regular
>> architectures and any hypothetical hardened archs.
>
> Also necessary is for them to support being built with other compilers.
As a package maintainer I make sure that another compiler and
additional flags are honored whenever it is possible/reasonable by
either patching the build system or upstreaming the patches.
It is worth the effort and is definitely needed, but changing GCC
defaults would speed up making the binaries protected.

>
>> Regarding a special hardened arch, I think on amd64 there's almost
>> no benefit of making a separate arch: just turn on all the hardening
>> stuff in amd64, the hardware is fast enough to tolerate some
>> slowdown as a tradeoff for better security.
>> No ideas for/about the other archs.
>
> You need a separate architecture if your security enhancements are
> going to give a 50% speed hit.
>
> https://events.ccc.de/congress/2013/Fahrplan/events/5412.html
> https://media.ccc.de/browse/congress/2013/30C3_-_5412_-_en_-_saal_1_-_201312271830_-_bug_class_genocide_-_andreas_bogk.html
Yes, I fully agree with Paul on this. I was thinking of enabling
address sanitizer in Wireshark (wearing my upstream hat), but the
performance impact (2x slowdown) would be too much for some heavy
users.
http://clang.llvm.org/docs/AddressSanitizer.html

I think it could be enabled in a separate arch.

Cheers,
Balint

>
> --
> bye,
> pabs
>
> http://wiki.debian.org/PaulWise

