Re: Switch on compiler hardening defaults
On Tue, 2009-10-27 at 22:19 -0200, Henrique de Moraes Holschuh wrote:
> Well, the issue raised in LKML is that you absolutely should *not* enable
> -fstack-protector-all unless you _really_ know what you're doing, and most
> certainly not by default. It has nothing to do with -fstack-protector, just
> with -fstack-protector-all. But it does show that extra stack usage CAN
> have bad effects on performance in pathological cases (which -all seems
> to cause more readly :-p ).
Isn't this what they've done starting with the 2.6.31 debian packages?
CONFIG_CC_STACKPROTECTOR_ALL=y
CONFIG_CC_STACKPROTECTOR=y
Should we bugreport this agains src:linux2.6 ?
Cheers,
Chris.
Reply to: