F20 System Wide Change: ARM as primary Architecture

[Florian Weimer]

On 07/11/2013 05:10 PM, Toshio Kuratomi wrote:
> On Thu, Jul 11, 2013 at 07:48:50AM -0400, Jonathan Masters wrote:
>> And following the legitimate concerns about stack-protector this was
>> raised by ARM into core Linaro as an urgent action for which engineering
>> resource is being assigned to correct this deficiency ASAP. Thus within
>> a day an issue has been noted that we were unaware of and is being worked
>> through a process to correct it, as would be the case with any deficiency
>> on x86. The stack protection stuff will be fixed. Let's bike shed over the
>> next nitpick nuance that the anti-ARM crowd want to throw in the way ;)
>>
> Just in case it wasn't part of what was discussed, please note that if all
> goes well, F20 will be switching to use -fstack-protector-strong rather than
> just -fstack-protector so we'd need the functionality for that implemented:

The good news is that -fstack-protector-strong is exclusively a 
middle-end feature which did not require any changes to the backend 
implementation.  It just caused more functions to be instrumented with 
canary checks, based on the local variables in the function and how they 
are used.

NVR optimization and retslot handling might different among 
architectures (I haven't checked), but the existing patch (in Fedora and 
upstream) does not deal with those anyway.

-- 
Florian Weimer / Red Hat Product Security Team