From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-patches-return-491571-listarch-gcc-patches=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 24010 invoked by alias); 4 Dec 2018 03:51:10 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Received: (qmail 23999 invoked by uid 89); 4 Dec 2018 03:51:09 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2 spammy=
X-HELO: EUR03-DB5-obe.outbound.protection.outlook.com
Received: from mail-eopbgr40066.outbound.protection.outlook.com (HELO EUR03-DB5-obe.outbound.protection.outlook.com) (40.107.4.66) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 04 Dec 2018 03:51:07 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector1-arm-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=tX2dKtXmUnKIAaEsELIpa8Cp/3trNTp52Mr67rzcHJY=; b=FTYkVGCBsxWKmQskqKpUoccasGnBbUmcACoH2YvTBic/DsGzTgExEybF81KN85Delr8QwkYGDGwxij7ZI+1LN5is/v/EeCN/06/GqnK6fFeyIvTP+p5dBJibWXKZlmpQK3PElunSOzDMmHYOiKXcD2W2EmQnYJIoHG/fZp+Thmk=
Received: from HE1PR08MB1035.eurprd08.prod.outlook.com (10.166.125.145) by HE1PR08MB1034.eurprd08.prod.outlook.com (10.166.125.144) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1382.22; Tue, 4 Dec 2018 03:51:03 +0000
Received: from HE1PR08MB1035.eurprd08.prod.outlook.com ([fe80::f972:2c5d:c57c:7537]) by HE1PR08MB1035.eurprd08.prod.outlook.com ([fe80::f972:2c5d:c57c:7537%2]) with mapi id 15.20.1382.020; Tue, 4 Dec 2018 03:51:02 +0000
From: Wilco Dijkstra <Wilco.Dijkstra@arm.com>
To: Florian Weimer <fweimer@redhat.com>, GCC Patches <gcc-patches@gcc.gnu.org>
CC: nd <nd@arm.com>
Subject: Re: [RFC][AArch64] Add support for system register based stack protector canary access
Date: Tue, 04 Dec 2018 03:51:00 -0000
Message-ID: <HE1PR08MB1035E1E335F7344C8EDE002C83AF0@HE1PR08MB1035.eurprd08.prod.outlook.com>
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Wilco.Dijkstra@arm.com;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-SW-Source: 2018-12/txt/msg00145.txt.bz2

Hi,

Florian wrote:
> For userland, I would like to eventually copy the OpenBSD approach for
> architectures which have some form of PC-relative addressing: we can
> have multiple random canaries in (RELRO) .rodata in sufficiently close
> to the code that needs them (assuming that we have split .rodata).  At
> least for x86-64, I expect this to be a small win.  It's also a slight
> hardening improvement if the reference canary is not stored in writable
> memory.

On AArch64 hardware pointer signing already provides a free and more robust
implementation of stack canaries, so we could change -fstack-protector to
use that when pointer signing is enabled.

Wilco