Integration of ProPolice in FreeBSD
John Baldwin
jhb at freebsd.org
Wed Apr 23 19:54:30 UTC 2008
On Wednesday 23 April 2008 10:33:56 am Jeremie Le Hen wrote:
> > Does GCC provide an attribute that can be applied to a function to disable
> > stack protection? We could explicitly disable it for the few functions
> > (mi_startup(), initi386(), etc.) on the call path to mi_startup().
>
> Sorry, I should have mentionned that I've already skimmed over gcc info
> page and then asked on #gcc on FreeNode for such an atttribute, but
> there isn't:
>
> % 22:16 < Guilt> there are a lot of problems in enabling/disabling
> % fstack-protector in the mid of the program
> % 22:16 < Guilt> one is that specs for libssp are taken from the driver
> % program
> % 22:17 < Guilt> not the compiler (cc1) and it's not possible to
> % arbitrarily enable/disable those
>
> Ultimately those functions should be moved into separate compilation
> units. Maybe the current layout is sufficient, I don't know. Would you
> please give me some hint about the functions that must not be protected?
> Maybe all the MD stuff?
Well, we never return from mi_startup() (the last SYSINIT() calls scheduler()
where thread0 runs for the rest of its life). I'm not sure how the ssp stuff
works, but if it happens on return from the function, then given that you are
probably just fine as it is?
--
John Baldwin
More information about the freebsd-arch
mailing list