propolice for GCC?

Matthew Dillon dillon at apollo.backplane.com
Wed Dec 10 14:57:29 PST 2003


:Right on... what did you find out for the overhead? (I've got (propolice) running on my workstation under Gentoo Linux and now Dragonfly and, as a desktop user, I can't say that I can tell.)
: 
:I think it is a good thing to have a switch in /etc/make.conf (or whatever).  It makes Dragonfly just that much cooler :-)
: 
:Cheers,
:Ryan

    Well, it's both smart and dumb at the same time.  On the smart side
    it only introduces the check code when local buffers are declared on the
    stack.  For example:

main()
{
    char buf[256];
    int x;

    buf[0] = 1;
    x = 5;
    puts("hi");
}
     
	-fstack-protector			-fno-stack-protector
	---------------------------		------------------------------
main:
        pushl %ebp				pushl %ebp
        movl %esp,%ebp				movl %esp,%ebp
        subl $276,%esp				subl $264,%esp
        pushl %ebx
        movl __guard,%eax
        movl %eax,-4(%ebp)
        movb $1,-260(%ebp)			movb $1,-256(%ebp)
        movl $5,-4(%ebp)			movl $5,-4(%ebp)
        addl $-12,%esp				addl $-12,%esp
        pushl $.LC0				pushl $.LC0
        call puts				call puts
        movl -4(%ebp),%eax
        cmpl __guard,%eax
        je .L3
        addl $-8,%esp
        movl -4(%ebp),%eax
        pushl %eax
        pushl $.LC1
        call __stack_smash_handler
        .p2align 2,0x90
. L3:
        movl %ebx,%eax
        movl -280(%ebp),%ebx
        leave					leave
        ret					ret
. Lfe1:

    Since the vast majority of procedures do not declare buffers on the 
    stack, the vast majority of procedures will not contain stack-smashing
    tests.  This is why binary sizes do not get bloated, which is good!

    When it does introduce stack smash code it loads a guard word at the
    top of the procedure's stack and checks the guard word prior to
    returning.

    On the dumb side when you have multiple procedures in a single source
    file, the stack_smash_handler code is reproduced for each procedure
    that requires stack smashing checks.

    Kernel without -fstack-protector:

	-rwxr-xr-x  1 root  wheel   3303755 Dec 10 14:41 kernel

    Kernel with -fstack-protector:

	-rwxr-xr-x  1 root  wheel   3329995 Dec 10 14:55 kernel

    /bin without -fstack-protector:

	4132    /bin

    /bin with -fstack-protector:

	4308    /bin

    Very reasonable IMHO.

					-Matt







More information about the Kernel mailing list