[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK7LNAS8OCO8roYjS8w0_yoUmyUrEZBtnLe_D9y7qNwtGGbNUg@mail.gmail.com>
Date: Mon, 12 Nov 2018 22:54:41 +0900
From: Masahiro Yamada <yamada.masahiro@...ionext.com>
To: Kees Cook <keescook@...omium.org>
Cc: Ingo Molnar <mingo@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>, X86 ML <x86@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Sven Joachim <svenjoac@....de>
Subject: Re: [PATCH] x86: remove gcc-x86_*-has-stack-protector.sh checks
On Mon, Nov 12, 2018 at 5:29 PM Kees Cook <keescook@...omium.org> wrote:
>
> On Sun, Nov 11, 2018 at 9:06 PM, Masahiro Yamada
> <yamada.masahiro@...ionext.com> wrote:
> > gcc-x86_64-has-stack-protector.sh was introduced by commit 4f7fd4d7a791
> > ("[PATCH] Add the -fstack-protector option to the CFLAGS") in 2006
> > to work around buggy compilers.
> >
> > gcc-x86_32-has-stack-protector.sh was introduced by commit 60a5317ff0f4
> > ("x86: implement x86_32 stack protector"), which did not clearly state
> > whether compilers were still producing broken code at that time.
> >
> > Now, the minimum reuquired GCC version is 4.6, which was released in
> > 2011. Probably, we can dump these old compiler checks.
>
> NAK. We need to keep this because we've seen recent regressions with
> stack protection (e.g. gcc briefly used global instead of tls for the
> canary, which silently broke the use of stack protectors). Since the
> gcc/kernel "API" for the canary is so fragile we need to keep these
> tests to make sure things end up where they're expected.
Thanks for your feedback.
I did not know this is still fragile even after ten years time.
One more curious thing is, x86 is the only arch ever
that has had this kind of script check.
--
Best Regards
Masahiro Yamada
Powered by blists - more mailing lists