© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Here's the rationale for _ALL from lkml. If _ALL is needed to catch vmsplice-like stuff, we should use it. As for performance, it seems that only limited situations on already slow x86 hardware would even notice the effect on the icache. We should obviously make sure it actually works, of course. :)
---
* Kees Cook <email address hidden> wrote:
> What is the rationale for why CC_STACKPROTECT
> using CC_STACKPROTECTOR? I would have expected _ALL to be a
> separate option (as it was in earlier versions), but it seems it
> is forced on by commit 113c5413cf9051c
it used to be a separate option. I merged them into one, because we
had too many options really, and because the vmsplice exploit would
only have been caught by the _ALL variant. So the 'light' variant
never really worked well IMO.
Ingo