On Tue, Oct 15, 2013 at 12:42:44PM -0400, Carlos O'Donell wrote: > On 10/14/2013 10:55 AM, Matthew Garrett wrote: > > Did the arm32 portions of this end up being completed for F20? > > For 32-bit ARM on f20: > > - Stack guard: > - Existing glibc support provides stack guard value in global > variable and is used by existing runtime. Regression tests are > passing in glibc testsuite. Verified working. Upstream verified > that global variable is the best compromise for performance across > all 32-bit ARM targets (TLS will be too slow in the average case).
What's the effective difference in security between this and the existing ports? > - Pointer mangling: > - Not supported. Do we ship it in the x86 ports? > Upstream glibc 2.19 summary: > > - Stack guard support already present using global variable. > > - Will have pointer encryption support using global variable, > and could be a candidate for backport to f20. Cool. This is a runtime change, right? There's no requirement for a rebuild to take advantage of it? > Do we need pointer mangling? If so then we need someone to file an > f20 specific bug so the glibc team can look at backporting the fix. > I won't commit to it until I review exactly what might need changing. The aim was for parity of important features, but it doesn't seem like we've ever advertised pointer guard as a Fedora feature so I'm not personally that worried. -- Matthew Garrett | mj...@srcf.ucam.org -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
