From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: by sourceware.org (Postfix, from userid 2140)
id E4C2B386180D; Wed, 20 Dec 2023 07:59:31 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E4C2B386180D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
s=default; t=1703059171;
bh=b6QOE5ZbK5GrvS5h4D7gReKS2RR3EaHz1SLTK1evg8U=;
h=To:Subject:Date:From:From;
b=AupWSfD1hLmPxoJvDvQrRGE1XuNm/rEN4t3V6TnDa/qn2ksFX48B3SA8QslbcWz7p
lR94jGM1hJAm0q40Dt0XwZPhWuV1uE8uz0tIkrwJj73NDPoddmHKgmWU29Zw7cwnVG
1thqNkuvN1RGTVIZ7kv1QgfuhmeU4CfwuA73Rwpc=
To: gcc-cvs-wwwdocs@gcc.gnu.org
Subject: gcc-wwwdocs branch master updated. 79b804a9bda634f0efad4fe15564d1b2374adb35
X-Git-Refname: refs/heads/master
X-Git-Reftype: branch
X-Git-Oldrev: e56dc0003729ea6f7d26594dae34d218543edb49
X-Git-Newrev: 79b804a9bda634f0efad4fe15564d1b2374adb35
Message-Id: <20231220075931.E4C2B386180D@sourceware.org>
Date: Wed, 20 Dec 2023 07:59:31 +0000 (GMT)
From: Alexandre Oliva
List-Id:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gcc-wwwdocs".
The branch, master has been updated
via 79b804a9bda634f0efad4fe15564d1b2374adb35 (commit)
from e56dc0003729ea6f7d26594dae34d218543edb49 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 79b804a9bda634f0efad4fe15564d1b2374adb35
Author: Alexandre Oliva
Date: Wed Dec 20 04:57:24 2023 -0300
new AdaCore-contributed hardening features in gcc 13 and 14
Mention hardening of conditionals (added in gcc 13), control flow
redundancy, hardened booleans, and stack scrubbing.
Also cover forced inlining of string operations while at that.
diff --git a/htdocs/gcc-13/changes.html b/htdocs/gcc-13/changes.html
index ee6383a0..d3bacc16 100644
--- a/htdocs/gcc-13/changes.html
+++ b/htdocs/gcc-13/changes.html
@@ -168,6 +168,12 @@ You may also want to check out our
been added, see also
Profiling and Test Coverage in Freestanding Environments.
+
+ New options -fharden-compares
+ and -fharden-conditional-branches
to verify compares
+ and conditional branches, to detect some power-deprivation
+ hardware attacks, using reversed conditions.
+
diff --git a/htdocs/gcc-14/changes.html b/htdocs/gcc-14/changes.html
index 11c7ca7e..24e6409a 100644
--- a/htdocs/gcc-14/changes.html
+++ b/htdocs/gcc-14/changes.html
@@ -128,6 +128,35 @@ a work-in-progress.
of hardening flags. The options it enables can be displayed using the
--help=hardened
option.
+
+ New option -fharden-control-flow-redundancy
, to
+ verify, at the end of functions, that the visited basic blocks
+ correspond to a legitimate execution path, so as to detect and
+ prevent attacks that transfer control into the middle of
+ functions.
+
+
+ New type attribute hardbool
, for C and Ada. Hardened
+ booleans take user-specified representations for true
+ and false
, presumably with higher hamming distance
+ than standard booleans, and get verified at every use, detecting
+ memory corruption and some malicious attacks.
+
+
+ New type attribute strub
to control stack scrubbing
+ properties of functions and variables. The stack frame used by
+ functions marked with the attribute gets zeroed-out upon returning
+ or exception escaping. Scalar variables marked with the attribute
+ cause functions contaning or accessing them to get stack scrubbing
+ enabled implicitly.
+
+
+ New option -finline-stringops
, to force inline
+ expansion of memcmp
, memcpy
,
+ memmove
and memset
, even when that is
+ not an optimization, to avoid relying on library
+ implementations.
+
New Languages and Language specific improvements
-----------------------------------------------------------------------
Summary of changes:
htdocs/gcc-13/changes.html | 6 ++++++
htdocs/gcc-14/changes.html | 29 +++++++++++++++++++++++++++++
2 files changed, 35 insertions(+)
hooks/post-receive
--
gcc-wwwdocs