On 01/09/2015 04:05 AM, Reindl Harald wrote:
*but* since *mobile phones* and other operating systems in the meantime are full PIE and it improves security how can someone justify the reason performance on a desktop/server distribution with much more powerful hardware?
Often the usage statistics are vastly different. A mobile phone might instantiate a module (main program or shared library) a few thousand times per day, while a desktop/server often instantiates a module many thousand times per minute. Thus the initial costs of processing the relocation table often do not matter on the phone, but can be significant on the desktop/server. Modifying the relocation table of a PIE/PIC module costs a page of RAM. This can matter in a small VM that has only 256MB or 512MB of RAM. On a phone the net cost can be zero because if the pre-image is kept compressed then often every page in the process image is new anyway. A desktop/server usually stores most modules uncompressed and shareable. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
