Re: Switch on compiler hardening defaults

[Christoph Anton Mitterer <calestyo@scientia.net>]

On Tue, 2009-10-27 at 22:19 -0200, Henrique de Moraes Holschuh wrote:
> Well, the issue raised in LKML is that you absolutely should *not* enable
> -fstack-protector-all unless you _really_ know what you're doing, and most
> certainly not by default.  It has nothing to do with -fstack-protector, just
> with -fstack-protector-all.  But it does show that extra stack usage CAN
> have bad effects on performance in pathological cases (which -all seems
> to cause more readly :-p ).
Isn't this what they've done starting with the 2.6.31 debian packages?
CONFIG_CC_STACKPROTECTOR_ALL=y
CONFIG_CC_STACKPROTECTOR=y

Should we bugreport this agains src:linux2.6 ?

Cheers,
Chris.