On Fri, 2013-03-29 at 10:48 -0700, John Reiser wrote:
> -fPIE code is larger and takes longer to execute. The cost varies
> minimal (< 2%) in many cases to 10% or more for "non-dynamic" arrays on
> -fPIE for Thumb mode on ARM is particularly painful.
> RELRO can cost one extra page of physical RAM per process because the
> of the RELRO region tends to increase fragmentation and decrease sharability.

Almost true, but wildly misleading.
RELRO adds a class of variables that are "read-only after relocation
processing". These are variables that _could not be shared anyway_
since their runtime value depends on where ld.so loads the process,
which is randomized. They do have to be mapped to a different page, but
that's because you can't map less than a page. And there's no
fragmentation cost, because the relro section is mapped immediately
after the normal rodata section.
I appreciate the concern for the extra page of dirty data per process
(actually per relro'd ELF object in the link map, including DSOs, but
let's not split hairs), but if we were concerned about 4k here and there
I assure you there are more deserving targets for that wrath than relro.
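
To check how much memory RELRO sets aside in a particular object, this added example (not code from the thread) reads the PT_GNU_RELRO program header and counts the whole pages that become read-only after relocation. It handles only little-endian ELF64, the sample image is constructed, and the rounding (both ends rounded down to a page boundary) is an assumption modelled on glibc's loader.

```python
import struct

PT_LOAD, PT_GNU_RELRO = 1, 0x6474E552
EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, little-endian
PHDR = struct.Struct("<IIQQQQQQ")          # Elf64_Phdr, little-endian


def relro_footprint(image, page=4096):
    """Return (vaddr, memsz, protected_pages) for PT_GNU_RELRO, or None."""
    if (len(image) < EHDR.size or image[:4] != b"\x7fELF"
            or image[4] != 2 or image[5] != 1):
        raise ValueError("only little-endian ELF64 is handled here")
    fields = EHDR.unpack_from(image, 0)
    phoff, phentsize, phnum = fields[5], fields[9], fields[10]
    for i in range(phnum):
        p_type, _flags, _off, vaddr, _paddr, _filesz, memsz, _align = \
            PHDR.unpack_from(image, phoff + i * phentsize)
        if p_type == PT_GNU_RELRO:
            # Assumption: only whole pages can change protection, so both
            # ends are rounded down to a page boundary before counting.
            start = vaddr & ~(page - 1)
            end = (vaddr + memsz) & ~(page - 1)
            return vaddr, memsz, (end - start) // page
    return None  # object was linked without -z relro


def build_sample(with_relro=True):
    """Constructed image: ELF header plus program headers, no section data."""
    phdrs = [PHDR.pack(PT_LOAD, 6, 0x2DB8, 0x3DB8, 0x3DB8, 0x258, 0x260, 0x1000)]
    if with_relro:
        # 0x248 bytes of relocated-then-frozen data ending on a page boundary
        phdrs.append(PHDR.pack(PT_GNU_RELRO, 4, 0x2DB8, 0x3DB8, 0x3DB8,
                               0x248, 0x248, 1))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = EHDR.pack(ident, 3, 62, 1, 0, EHDR.size, 0, 0,
                     EHDR.size, PHDR.size, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(phdrs)


if __name__ == "__main__":
    vaddr, memsz, pages = relro_footprint(build_sample())
    print(f"RELRO at {vaddr:#x}: {memsz} bytes, {pages} page(s) protected")
```

In the constructed object, 584 bytes of relocated data account for exactly one 4 KiB page, and that cost applies once per ELF object carrying the segment.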