2c88c742d0
GCC 9 reworks the way the references to the stack canary are emitted, to prevent the value from being spilled to the stack before the final comparison in the epilogue, defeating the purpose, given that the spill slot is under control of the attacker that we are protecting ourselves from. Since our canary value address is obtained without accessing memory (as opposed to pre-v7 code that will obtain it from a literal pool), it is unlikely (although not guaranteed) that the compiler will spill the canary value in the same way, so let's just disable this improvement when building with GCC9+. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Kees Cook <keescook@chromium.org> |
||
---|---|---|
.. | ||
.gitignore | ||
arm_ssp_per_task_plugin.c | ||
cyc_complexity_plugin.c | ||
gcc-common.h | ||
gcc-generate-gimple-pass.h | ||
gcc-generate-ipa-pass.h | ||
gcc-generate-rtl-pass.h | ||
gcc-generate-simple_ipa-pass.h | ||
gen-random-seed.sh | ||
Kconfig | ||
latent_entropy_plugin.c | ||
Makefile | ||
randomize_layout_plugin.c | ||
sancov_plugin.c | ||
stackleak_plugin.c | ||
structleak_plugin.c |