On Thursday 20 October 2011 23:20:35 Duncan wrote:
> Magnus G suggests possibly adding PIE to amd64, which is already PIC,
this isn't quite right. amd64 shared objects (i.e. libraries) are PIC. the
applications are not.
> Still, speaking as an ~amd64 user myself, that's certainly an acceptable
> tradeoff from the user-side, particularly as most users will only have
> perhaps a handful of those 30 packages installed. If the gentoo/amd64
> folks and the maintainers of those 30 packages don't mind too much, I
> believe it does make sense.
usually these packages are multimedia related. like ffmpeg iirc. so i think
the impact is much greater than your estimate here.
> Then, as legacy x86 gradually dies off and those who haven't already done
> so gradually switch to amd64 (or possibly arm, but I don't know enough
> about that to comment in this context), they'd get the security upgrade
> as a part of the package. =:^)
poor PIC performance isn't specific to x86. it's just the largest affected user
base. i'd have to dig into the ABI's to say which others have issues.
> What about x32, tho? Does it get PIC by default too, or not, and if not,
x32 is same as x86_64 wrt PIC
> And for bindnow, do you mean the "-Wl,-z,now" that's part of my LDFLAGS?
> there's some initial-load-time and arguably some memory cost, but less
> post-load run-time latency and issues when those libs would be otherwise
> be lazy-loaded, and I decided that tradeoff was one I could live with!
i don't think there's a memory cost. the initial load time is waste and is
noticeable on much larger packages like OOo.