Current-Users archive


Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)



On Nov 13, 2009, at 11:36 AM, Thor Lancelot Simon wrote:

On Fri, Nov 13, 2009 at 05:01:34AM +0000, David Holland wrote:

It's been noted elsewhere that theoretically the overhead of SSP is
not supposed to be 5%; it's supposed to be negligible. Where is this
5% overhead coming from?

One possibility is our non-default settings for the stack protector. We tell GCC to protect access to all objects -- not just objects large enough to contain an address, which is the default.

So, perhaps we can enable full-on protection for some things, as before, but use default settings for everything else and get most of the benefit with a smaller overhead? Or maybe we should use default settings everywhere?

This seems insufficiently researched to me. I think we ought to understand what's going on better before accepting a 5% penalty that we may not need to, or conversely accepting the risk of doing without SSP when the cost might be easily reduced. Not to mention having a flamewar either way...
