| 1 |
El sáb, 07-09-2013 a las 14:37 -0400, Rich Freeman escribió: |
| 2 |
> On Sat, Sep 7, 2013 at 2:10 PM, Martin Vaeth |
| 3 |
> <vaeth@××××××××××××××××××××××××.de> wrote: |
| 4 |
> > Ryan Hill <dirtyepic@g.o> wrote: |
| 5 |
> >> |
| 6 |
> >> * -fstack-protector{-all} |
| 7 |
> >> No thank you. -fstack-protector has very limited coverage |
| 8 |
> > |
| 9 |
> > I'd say it covers most cases where bugs can be made, |
| 10 |
> > practically without a severe impact on execution time or code size. |
| 11 |
> > In contrast, -fstack-protector-all should be left to hardened, since |
| 12 |
> > its impact is unacceptable to e.g. multimedia systems - the |
| 13 |
> > protection is probably over-the-top for normal users. |
| 14 |
> > I'd vote for enabling -fstack-protector by default: |
| 15 |
> > I am using it since many years (though I do not use hardened profile, |
| 16 |
> > since -fstack-protector-all had too much a performance impact for me). |
| 17 |
> > |
| 18 |
> >> -fstack-protector-strong |
| 19 |
> > |
| 20 |
> > One can later still change to this when >=gcc-4.9 is available in stable. |
| 21 |
> |
| 22 |
> ++, ++ |
| 23 |
> |
| 24 |
> No doubt stack-protector-strong is better than stack-protector, but |
| 25 |
> stack-protector is still better than nothing, and nothing is the |
| 26 |
> current default. |
| 27 |
> |
| 28 |
> Improvements don't need to be perfect - they just need to be improvements. |
| 29 |
> |
| 30 |
> Rich |
| 31 |
> |
| 32 |
|
| 33 |
Is there any kind of information about performance penalty of |
| 34 |
-fstack-protector? I have googled some time and there are various |
| 35 |
estimations (from ~2 to ~8%), but I have no idea what have they checked |
| 36 |
exactly. Also, multiple comments here refer to "not severe impact" that |
| 37 |
looks to me like it will have impact but "not too much" :/. For some |
| 38 |
recent computers I would probably use it, but for older ones, I am not |
| 39 |
sure if will be happy with that additional impact :| |
| 40 |
|
| 41 |
Thanks for the info |
Archives