From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 References: <20190131192533.34130-1-thgarnie@chromium.org> <20190131192533.34130-21-thgarnie@chromium.org> In-Reply-To: <20190131192533.34130-21-thgarnie@chromium.org> From: Andy Lutomirski Date: Fri, 1 Feb 2019 11:27:22 -0800 Message-ID: Subject: Re: [PATCH v6 20/27] x86: Support global stack cookie Content-Type: text/plain; charset="UTF-8" To: Thomas Garnier Cc: Kernel Hardening , Kristen Carlson Accardi , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , X86 ML , Andy Lutomirski , Thomas Garnier , Masahiro Yamada , Juergen Gross , Joerg Roedel , Jia Zhang , Konrad Rzeszutek Wilk , Tim Chen , LKML List-ID: On Thu, Jan 31, 2019 at 11:29 AM Thomas Garnier wrote: > > Add an off-by-default configuration option to use a global stack cookie > instead of the default TLS. This configuration option will only be used > with PIE binaries. > > For kernel stack cookie, the compiler uses the mcmodel=kernel to switch > between the fs segment to gs segment. A PIE binary does not use > mcmodel=kernel because it can be relocated anywhere, therefore the > compiler will default to the fs segment register. This is fixed on the > latest version of gcc. I hate all these gcc-sucks-so-we-hack-it-and-change-nasty-semantics options. How about just preventing use of both stack protector and PIE unless the version of gcc in use is new enough. Also, does -mstack-protector-guard-reg not solve this? See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81708. Or is there another bug? Or are you worried about gcc versions that don't have that feature yet?