From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 References: <20190131192533.34130-1-thgarnie@chromium.org> <20190131192533.34130-21-thgarnie@chromium.org> In-Reply-To: From: Thomas Garnier Date: Fri, 1 Feb 2019 12:21:44 -0800 Message-ID: Subject: Re: [PATCH v6 20/27] x86: Support global stack cookie Content-Type: text/plain; charset="UTF-8" To: Andy Lutomirski Cc: Kernel Hardening , Kristen Carlson Accardi , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , X86 ML , Masahiro Yamada , Juergen Gross , Joerg Roedel , Jia Zhang , Konrad Rzeszutek Wilk , Tim Chen , LKML List-ID: On Fri, Feb 1, 2019 at 11:27 AM Andy Lutomirski wrote: > > On Thu, Jan 31, 2019 at 11:29 AM Thomas Garnier wrote: > > > > Add an off-by-default configuration option to use a global stack cookie > > instead of the default TLS. This configuration option will only be used > > with PIE binaries. > > > > For kernel stack cookie, the compiler uses the mcmodel=kernel to switch > > between the fs segment to gs segment. A PIE binary does not use > > mcmodel=kernel because it can be relocated anywhere, therefore the > > compiler will default to the fs segment register. This is fixed on the > > latest version of gcc. > > I hate all these gcc-sucks-so-we-hack-it-and-change-nasty-semantics > options. How about just preventing use of both stack protector and > PIE unless the version of gcc in use is new enough. So fail the build in this scenario? > > Also, does -mstack-protector-guard-reg not solve this? See > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81708. Or is there > another bug? Or are you worried about gcc versions that don't have > that feature yet? I am worried about gcc versions that don't have this feature, yes.