F22 System Wide Change: Harden all packages with position-independent code

Jakub Jelinek jakub at redhat.com
Fri Jan 9 11:54:21 UTC 2015


On Thu, Jan 08, 2015 at 01:45:20PM -0500, Miloslav Trmač wrote:
> Hello,
> > = Proposed System Wide Change: Harden all packages with position-independent
> > code =
> >
> > Harden all packages with position-independent code to limit the damage from
> > certain security vulnerabilities.
> 
> So this proposal is for _all_ architectures, including the
> register-starved 32-bit i?86 where the overhead is, IIRC, around 10%.
> I am by now quite convinced that x86_64 should be using PIE by default.
> As for 32-bit, I’m torn between “this is too much overhead” and “32-bit
> isn’t worth the worry, let’s instead make the defaults consistent.”

On i?86 it isn't around 10%, but more like 10%-30%.

That said, even on x86_64 it isn't anything close to no overhead.
Tried last night to rebuild GCC's cc1plus as -fpie -pie, and then
rebuild stage3 of GCC with make -j1 separately with the original stage3
cc1plus (ET_EXEC binary) and PIE cc1plus (ET_DYN).  The build (which
included still time for various other tools being not PIE, make, ld, as)
got 2.1% slower user time.  Also, the number of relocations and
memory consumption went up.
Non-PIE cc1plus:
Relocation section '.rela.dyn' at offset 0x187d30 contains 190 entries:
Relocation section '.rela.plt' at offset 0x188f00 contains 284 entries:
GNU_RELRO      0x1d14730 0x0000000002314730 0x0000000002314730 0x0058d0 0x0058d0 R   0x1
PIE cc1plus:
Relocation section '.rela.dyn' at offset 0x187d90 contains 75803 entries:
Relocation section '.rela.plt' at offset 0x344018 contains 230 entries:
GNU_RELRO      0x1e18cf0 0x0000000002018cf0 0x0000000002018cf0 0x10e310 0x10e310 R   0x1

That means e.g. on the startup of each cc1plus process 1MB extra
COW wastage (the executable has 24KB of pages written and then made
non-writable, while the PIE has over 1MB).

	Jakub
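
The startup-cost comparison above can be reproduced from `readelf` output. The following script is an added example, not code from the thread or from GCC: it parses the relocation-count and `GNU_RELRO` program-header lines that `readelf -W -r -l` prints, sums the dynamic relocations, and converts the RELRO segment size into the number of pages that ld.so dirties (writes relocations into, then mprotect()s read-only) at every exec. The embedded sample lines are the ones quoted in the message; the 4 KiB page size and the `readelf -W -r -l` output layout are assumptions. It reports the RELRO pages only, so relocations that land outside RELRO (e.g. in a writable `.data`) are not counted.

```python
import re
import shutil
import subprocess

PAGE_SIZE = 4096  # assumed: 4 KiB pages, as on x86_64 Linux

# Constructed sample input: the readelf lines quoted in the message above.
NON_PIE_READELF = """\
Relocation section '.rela.dyn' at offset 0x187d30 contains 190 entries:
Relocation section '.rela.plt' at offset 0x188f00 contains 284 entries:
GNU_RELRO      0x1d14730 0x0000000002314730 0x0000000002314730 0x0058d0 0x0058d0 R   0x1
"""

PIE_READELF = """\
Relocation section '.rela.dyn' at offset 0x187d90 contains 75803 entries:
Relocation section '.rela.plt' at offset 0x344018 contains 230 entries:
GNU_RELRO      0x1e18cf0 0x0000000002018cf0 0x0000000002018cf0 0x10e310 0x10e310 R   0x1
"""

RELOC_RE = re.compile(
    r"Relocation section '(?P<name>[^']+)' at offset 0x[0-9a-fA-F]+ "
    r"contains (?P<count>\d+) entr")
# readelf -l -W program header columns:
#   Type Offset VirtAddr PhysAddr FileSiz MemSiz Flg Align
RELRO_RE = re.compile(
    r"GNU_RELRO\s+0x[0-9a-fA-F]+\s+0x[0-9a-fA-F]+\s+0x[0-9a-fA-F]+"
    r"\s+0x[0-9a-fA-F]+\s+0x(?P<memsz>[0-9a-fA-F]+)")


def summarize(readelf_output):
    """Count dynamic relocations and size the GNU_RELRO segment from readelf text."""
    relocs = {}
    relro_bytes = 0
    for line in readelf_output.splitlines():
        m = RELOC_RE.search(line)
        if m:
            relocs[m.group("name")] = int(m.group("count"))
            continue
        m = RELRO_RE.search(line)
        if m:
            relro_bytes += int(m.group("memsz"), 16)
    # RELRO pages are written by ld.so (relocations applied) and then
    # mprotect()ed read-only, so every page touched becomes a private COW copy.
    relro_pages = (relro_bytes + PAGE_SIZE - 1) // PAGE_SIZE
    return {
        "relocs": relocs,
        "total_relocs": sum(relocs.values()),
        "relro_bytes": relro_bytes,
        "relro_pages": relro_pages,
    }


def compare(baseline_output, pie_output):
    """Per-exec startup cost of the PIE (ET_DYN) build relative to the ET_EXEC build."""
    base = summarize(baseline_output)
    pie = summarize(pie_output)
    extra_pages = pie["relro_pages"] - base["relro_pages"]
    return {
        "extra_relocs": pie["total_relocs"] - base["total_relocs"],
        "extra_relro_pages": extra_pages,
        "extra_cow_bytes": extra_pages * PAGE_SIZE,
    }


def readelf_text(path):
    """Run readelf on a real binary (only when binutils' readelf is installed)."""
    if shutil.which("readelf") is None:
        raise RuntimeError("readelf not found; install binutils")
    return subprocess.run(["readelf", "-W", "-r", "-l", path],
                          check=True, capture_output=True, text=True).stdout


if __name__ == "__main__":
    import sys
    if len(sys.argv) == 3:
        # usage: python pie_cost.py /path/to/non-pie-binary /path/to/pie-binary
        result = compare(readelf_text(sys.argv[1]), readelf_text(sys.argv[2]))
    else:
        result = compare(NON_PIE_READELF, PIE_READELF)
    for key, value in result.items():
        print(f"{key}: {value}")
```

On the quoted numbers this yields 6 RELRO pages (24KB) for the ET_EXEC cc1plus versus 271 pages for the PIE build, i.e. 265 extra pages (roughly 1MB) dirtied per process, and 75559 extra dynamic relocations for ld.so to process. Point it at two real binaries to measure a package before and after switching to `-fpie -pie`.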

