Date: Fri, 18 Apr 2008 12:20:45 -0700 From: Marcel Moolenaar <xcllnt@mac.com> To: Max Laier <max@love2party.net> Cc: Jeremie Le Hen <jeremie@le-hen.org>, freebsd-arch@freebsd.org Subject: Re: Integration of ProPolice in FreeBSD Message-ID: <4D7941ED-03BA-4F3B-8590-65EA8142EC00@mac.com> In-Reply-To: <200804181945.59189.max@love2party.net> References: <20080418132749.GB4840@obiwan.tataz.chchile.org> <200804181945.59189.max@love2party.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 18, 2008, at 10:45 AM, Max Laier wrote: > On Friday 18 April 2008 15:27:49 Jeremie Le Hen wrote: >> Hi, >> >> As you may already know I've integrated GCC's ProPolice into FreeBSD. >> The build infrastructure overlord, namely ru@, (I'm quoting kan@) has >> reviewed the patch and technically it is ready to hit the CVS tree. >> >> A few things should be discussed beforehand though. >> >> First, should we build world and/or kernel with SSP by default? I've >> scamped a trivial benchmark back in 2006: timing buildworld with and >> without SSP. You can found the result on my webpage: >> http://tataz.chchile.org/~tataz/FreeSBD/SSP/#section1 > > 404 :-\ > >> Also, the original ProPolice author achieved a thorough performance >> comparison with and without SSP, and the overhead is really small: >> http://www.trl.ibm.com/projects/security/ssp/node5.html >> I would like to reach a consensus on whether SSP should be opt-in or >> opt-out on FreeBSD. >> >> >> Another concern that Robert Watson showed back in 2006 [1] when I >> brought >> forward my patch was the compatibility between pre-SSP and post-SSP >> binaries/libraries. >> >> I'll try to make it simple and short. SSP requires two additional >> symbols that are kindly provided by libc. Any binary or library >> compiled with SSP will require them. As long as your libc contains >> the >> symbols, you can smoothly run pre-SSP applications with post-SSP >> libs as >> well as the other way around. >> >> Also Kris explained [2] that once applied, it is painful to try to >> revert the change (removing SSP symbols from libc). This is true but >> once the patch gets committed, it should hopefully never happen. > > So I'd suggest something along the lines of: > > 1) Add the needed support symbols to libc (they don't hurt anyone, > right?) autoconf? With tools like autoconf, I'm much less inclined to say that some unused symbol, library, header or whatever is harmless. I've turned into a "if we don't use it, don't add/keep it" person :-) -- Marcel Moolenaar xcllnt@mac.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D7941ED-03BA-4F3B-8590-65EA8142EC00>