Re: [PATCH 1/2] powerpc: initial stack protector (-fstack-protector) support

From: Segher Boessenkool
Date: Mon Sep 17 2018 - 13:13:28 EST

Next message: Sai Prakash Ranjan: "Re: [PATCH 2/6] pstore: Add event tracing support"
Previous message: Chris Brandt: "RE: [PATCH 2/2] Revert "serial: sh-sci: Allow for compressed SCIF address""
In reply to: kbuild test robot: "Re: [PATCH 1/2] powerpc: initial stack protector (-fstack-protector) support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

On Mon, Sep 17, 2018 at 12:15:05PM +0000, Christophe Leroy wrote:
> Now, GCC offers the possibility to manually set the
> stack-protector mode (global or tls) regardless of libc support.

Yup :-)

> This time, the patch selects HAVE_STACKPROTECTOR only if
> -mstack-protector-guard=global is supported by GCC.

"global" is weaker than "tls" (it is easier to read the cookie in an
exploit). It is better to use tls if you can.

Segher

Next message: Sai Prakash Ranjan: "Re: [PATCH 2/6] pstore: Add event tracing support"
Previous message: Chris Brandt: "RE: [PATCH 2/2] Revert "serial: sh-sci: Allow for compressed SCIF address""
In reply to: kbuild test robot: "Re: [PATCH 1/2] powerpc: initial stack protector (-fstack-protector) support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]