Re: F22 System Wide Change: Harden all packages with position-independent code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Am 09.01.2015 um 00:16 schrieb Dennis Gilmore:

On Thu, 08 Jan 2015 20:25:36 +0100
Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:


Am 08.01.2015 um 19:45 schrieb Miloslav Trmač:

= Proposed System Wide Change: Harden all packages with
position-independent code =

Harden all packages with position-independent code to limit the
damage from certain security vulnerabilities.


So this proposal is for _all_ architectures, including the
register-starved 32-bit i?86 where the overhead is, IIRC, around
10%.  I am by now quite convinced that x86_64 should be using PIE
by default.  As for 32-bit, I’m torn between “this is too much
overhead” and “32-bit isn’t worth the worry, let’s instead make the
defaults consistent.”


probably not worth the worry, new machines are x86_64 mostly, keep in
mind RHEL7 dropped i686 at all

even if they are still used - 10% sounds much *but* such old machines
mostly have a special task and are far away from noticeable load and
it really depends on the workload if you even notice 20% performance
drop

at least i doubt there is a noticeable userbase with i686 running
Fedora at all *and* would notice the drop noticeable


all of the OLPC XO 1.0 and 1.5 devices are running i686 fedora, that
userbase is in the millions, but would they notice  the performance
drop I do not know.
that would be the main question and how large is the real impact besides syntetic benchmarks - thats partly the same as for how fast your machine boots - how often does it boot a day and the same for starting applications when consider caching
a benchmark is nice to compare and get a picture but it practically never reflects the typical workload of a human (let us ignore FPS and games at that point) 


It would be interesting to see how performance was impacted on 32 bit
arm
given that this thread made clear most mobile operating systems enforce full PIE/PIC and most are running ARM on 32 bit i'd say if we have a much larger problem if that's a showstopper for Fedora 

however, numbers and *real human testing* would be interesting too

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux