Re: Switch on compiler hardening defaults



On Thu, 29 Oct 2009, Kees Cook wrote:
> On Thu, Oct 29, 2009 at 10:01:08PM -0200, Henrique de Moraes Holschuh wrote:
> > On Tue, 27 Oct 2009, Kees Cook wrote:
> > > On Mon, Oct 26, 2009 at 11:14:25AM +0100, Bastian Blank wrote:
> > > > On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote:
> > > > > I would like to propose enabling[1] the GCC hardening patches that Ubuntu
> > > > > uses[2].
> > > > 
> > > > How do they work? Do they also change the free-standing compiler or only
> > > > the hosted one? There is a lot of software, which (I would say) misuse
> > > > the hosted compiler to build non-userspace-code, including the Linux
> > > > kernel.
> > > 
> > > The stack protector is conditional on being linked with libc, so, if you
> > > build with -nostdlib (as the kernel does), it is implicitly disabled.
> > 
> > This doesn't make sense.  The kernel can, and does use stack protector
> > functionality for its build if you ask it to.  Do you mean the defaults are
> > changed only when -nostdlib is NOT given?
> 
> Yes, I was a bit unclear, sorry.  The -fstack-protector option is not
> added to the option list when either -fno-stack-protector or -nostdlib
> are already in the option list.  The GCC spec[1] for this is:

That, and the fact that -fstack-protector-all is NOT used, removes all
objections I might have: it means the kernel build won't be affected, and it
preserves the decisions made by the kernel upstream about which files should
get -fstack-protector and which files shouldn't.

Thanks!

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh
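An added example, not part of this thread and not the GCC patches or spec under discussion: a small POSIX shell audit that reads compile lines from a build log and classifies each one by whether the default described above would leave -fstack-protector in effect. It assumes exactly the two suppression conditions Kees names (-fno-stack-protector or -nostdlib already on the command line) and nothing else; the real spec may carry further conditions, which are not reproduced here. The build log lines are constructed for the example. The -fstack-protector-strong flag is a later GCC option included so the classifier also recognises it.

```shell
#!/bin/sh
# Added example, not from the thread or from the GCC hardening patches.
# Assumption: the default -fstack-protector is injected unless the command
# line already carries -fno-stack-protector or -nostdlib; an explicit
# -fstack-protector* / -fno-stack-protector flag is resolved last-one-wins,
# as GCC does for conflicting -f options.

# ssp_effect "COMPILE COMMAND" -> prints one classification word
ssp_effect() {
    explicit=""
    nostdlib=0
    for tok in $1; do
        case "$tok" in
            -fstack-protector|-fstack-protector-strong|-fstack-protector-all)
                explicit="on" ;;        # later flags override earlier ones
            -fno-stack-protector)
                explicit="off" ;;
            -nostdlib)
                nostdlib=1 ;;
        esac
    done
    if [ "$explicit" = "on" ]; then
        echo "explicit-on"             # protector requested by the build itself
    elif [ "$explicit" = "off" ]; then
        echo "explicit-off"            # build opted out; default not injected
    elif [ "$nostdlib" = 1 ]; then
        echo "default-suppressed"      # -nostdlib present: default not injected
    else
        echo "default-on"              # hardened default applies
    fi
}

# audit_build_log reads compile lines on stdin and prints
# "<classification><TAB><output object>" for each.
audit_build_log() {
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        out=$(printf '%s\n' "$line" | sed -n 's/.*-o \([^ ]*\).*/\1/p')
        printf '%s\t%s\n' "$(ssp_effect "$line")" "${out:-?}"
    done
}

# count_default_suppressed reads compile lines on stdin and prints how many
# translation units fall outside the hardened default (off or suppressed).
count_default_suppressed() {
    audit_build_log | awk -F '\t' '$1=="explicit-off"||$1=="default-suppressed"{n++} END{print n+0}'
}

# Constructed sample build log (not a real project's output).
SAMPLE_LOG='gcc -O2 -c main.c -o main.o
gcc -O2 -nostdlib -c arch/boot.c -o arch/boot.o
gcc -O2 -fno-stack-protector -c lowlevel.c -o lowlevel.o
gcc -O2 -fstack-protector-all -c parser.c -o parser.o
gcc -O2 -fno-stack-protector -fstack-protector -c late.c -o late.o'

if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_LOG" | audit_build_log
    printf 'units outside the hardened default: %s\n' \
        "$(printf '%s\n' "$SAMPLE_LOG" | count_default_suppressed)"
fi
```

Run it as `sh audit.sh --demo` (or source it and pipe a real `make V=1` log into audit_build_log) to see which objects a default-on compiler would still leave unprotected; on a kernel tree the expected result is that the -nostdlib and per-file -fno-stack-protector decisions made upstream are left untouched, which is the property the reply above relies on.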
