On Tue, Dec 06, 2022 at 03:12:19AM +0000, Gary Buhrmaster wrote: > On Mon, Dec 5, 2022 at 10:53 PM Neal Gompa <ngompa13@xxxxxxxxx> wrote: > > > It has a similar impact that turning back on frame pointers would. > > > > Cf. https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level#the_gains_of_improved_security_coverage_outweigh_the_cost > > > > That article explicitly states: > "We need a proper study of performance and code size to understand > the magnitude of the impact" > > I look forward to seeing the results of that proper study before > this is even considered for approval (since, after all, one of the > strong push-backs for -fno-omit-frame-pointer was performance). Note that is not a fully equivalent scenario. The no-omit-frame-pointer proposal was only offering a functional debugging benefit to a fairly small number of users who are also developers, while adding a likely performance hit to all users. There needs to be a high bar to justify the performance hit when the benefit offered is narrow. This proposal is adding a functional security benefit to all users, alongside the possible performance hit. This is more easily justifiable, especially given Fedora's track record of being willing to security improvements even when they have a performance hit. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue