On Fri, 2020-06-05 at 07:33 +0000, devel-request(a)lists.fedoraproject.org wrote:
----------------------------------------------------------------------
Date: Fri, 5 Jun 2020 09:16:21 +0200
From: Frantisek Zatloukal <fzatlouk(a)redhat.com>
Subject: Re: Fedora 33 System-Wide Change proposal: CompilerPolicy
Change
To: Development discussions related to Fedora
<devel(a)lists.fedoraproject.org>
Message-ID:
<CACBV9ZgCJm-5jbaG4myZfByjg6gt7dZoeA26uxcqtzcnrp4G4g(a)mail.gmail.com>
Content-Type: multipart/alternative;
boundary="00000000000064befd05a7510a78"
--00000000000064befd05a7510a78
Content-Type: text/plain; charset="UTF-8"
On Fri, Jun 5, 2020 at 9:11 AM Igor Raits <ignatenkobrain(a)fedoraproject.org>
wrote:
> Also we probably should mention that -fstack-clash-protection is not
> available in clang, so in theory binaries can be less secure due to
> that.
This seems to be worked on as per
https://reviews.llvm.org/D68720?id=224102 (on
x86, I am not sure on what arches GCC supports -fstack-clash-protection ).
stack-clash-protection is under active development in Clang/LLVM. Serge has done
the x86_64 implementation and engineers from IBM are currently working on
implementations for Power and Z series. I'm also in contact with ARM engineers
to try and get AArch64 covered as well. Realistically I expect Power and Z to
land in LLVM 11 and AArch64 in LLVM 12.
jeff