On 07/11/2013 11:49 AM, Jakub Jelinek wrote:
Stack guards are present, but using libssp, which is the fallback
way,
second class citizen and most likely slower than the standard way.
E.g. the libssp stack guard setup always uses /dev/urandom, while I guess
even on ARM kernel provides AT_RANDOM that can be just used.
And I'd bet that even on ARM reading the stack guard via TLS (well,
static only always, i.e. hardcoded offset from TLS register), especially for
PIC, is faster than doing GOT read and two memory references.
Thanks. Security-wise, is the implementation roughly equivalent in what
is protected against, albeit less efficient?
--
Brendan Conoboy / Red Hat, Inc. / blc(a)redhat.com