DragonFly kernel List (threaded) for 2003-12
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
RE: propolice for GCC?
:Right on... what did you find out for the overhead? (I've got (propolice) running on my workstation under Gentoo Linux and now Dragonfly and, as a desktop user, I can't say that I can tell.)
:
:I think it is a good thing to have a switch in /etc/make.conf (or whatever). It makes Dragonfly just that much cooler :-)
:
:Cheers,
:Ryan
Well, it's both smart and dumb at the same time. On the smart side
it only introduces the check code when local buffers are declared on the
stack. For example:
main()
{
char buf[256];
int x;
buf[0] = 1;
x = 5;
puts("hi");
}
-fstack-protector -fno-stack-protector
--------------------------- ------------------------------
main:
pushl %ebp pushl %ebp
movl %esp,%ebp movl %esp,%ebp
subl $276,%esp subl $264,%esp
pushl %ebx
movl __guard,%eax
movl %eax,-4(%ebp)
movb $1,-260(%ebp) movb $1,-256(%ebp)
movl $5,-4(%ebp) movl $5,-4(%ebp)
addl $-12,%esp addl $-12,%esp
pushl $.LC0 pushl $.LC0
call puts call puts
movl -4(%ebp),%eax
cmpl __guard,%eax
je .L3
addl $-8,%esp
movl -4(%ebp),%eax
pushl %eax
pushl $.LC1
call __stack_smash_handler
.p2align 2,0x90
. L3:
movl %ebx,%eax
movl -280(%ebp),%ebx
leave leave
ret ret
. Lfe1:
Since the vast majority of procedures do not declare buffers on the
stack, the vast majority of procedures will not contain stack-smashing
tests. This is why binary sizes do not get bloated, which is good!
When it does introduce stack smash code it loads a guard word at the
top of the procedure's stack and checks the guard word prior to
returning.
On the dumb side when you have multiple procedures in a single source
file, the stack_smash_handler code is reproduced for each procedure
that requires stack smashing checks.
Kernel without -fstack-protector:
-rwxr-xr-x 1 root wheel 3303755 Dec 10 14:41 kernel
Kernel with -fstack-protector:
-rwxr-xr-x 1 root wheel 3329995 Dec 10 14:55 kernel
/bin without -fstack-protector:
4132 /bin
/bin with -fstack-protector:
4308 /bin
Very reasonable IMHO.
-Matt
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]