On Nov 13, 2009, at 11:36 AM, Thor Lancelot Simon wrote:

> On Fri, Nov 13, 2009 at 05:01:34AM +0000, David Holland wrote:
>
>> It's been noted elsewhere that theoretically the overhead of SSP is not
>> supposed to be 5%; it's supposed to be negligible. Where is this 5%
>> overhead coming from?
>
> One possibility is our non-default settings for the stack protector. We
> tell GCC to protect access to all objects -- not just objects large enough
> to contain an address, which is the default.
>
> So, perhaps we can enable full-on protection for some things, as before,
> but use default settings for everything else and get most of the benefit
> with a smaller overhead? Or maybe we should use default settings
> everywhere?

This seems insufficiently researched to me. I think we ought to understand what's going on better before accepting a 5% penalty that we may not need to, or conversely accepting the risk of doing without SSP when the cost might be easily reduced. Not to mention having a flamewar either way...