On 07/11/2013 11:49 AM, Jakub Jelinek wrote:
Stack guards are present, but using libssp, which is the fallback way, second class citizen and most likely slower than the standard way. E.g. the libssp stack guard setup always uses /dev/urandom, while I guess even on ARM kernel provides AT_RANDOM that can be just used. And I'd bet that even on ARM reading the stack guard via TLS (well, static only always, i.e. hardcoded offset from TLS register), especially for PIC, is faster than doing GOT read and two memory references.
Thanks. Security-wise, is the implementation roughly equivalent in what is protected against, albeit less efficient?
-- Brendan Conoboy / Red Hat, Inc. / blc@xxxxxxxxxx -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
