Reviewers:

Message:
Hi, this is to port the patch from google/main to trunk, which provides a new stack protection option - "fstack-protector-strong".

Previous review for google trunk is here - http://codereview.appspot.com/5461043

Status - it has been used in google/main for 2 quarters, building the whole chromiumos with no security degradation.

Benefit - gain big performance while sacrificing little security (for scenarios using -fstack-protector-all)

Background - sometimes stack-protector is too-simple while stack-protector-all over-kills, for example, to build one of our core systems, we forcibly add "-fstack-protector-all" to all compile commands, which brings big performance penalty (due to extra stack guard/check insns on function prologue and epilogue) on both atom and arm. To use "-fstack-protector" is just regarded as not secure enough (only "protects" <2% functions) by the system secure team. So I'd like to add the option "-fstack-protector-strong", that hits the balance between "-fstack-protector" and "-fstack-protector-all".

Detail - https://docs.google.com/a/google.com/document/d/1xXBH6rRZue4f296vGt9YQcuLVQHeE516stHwt8M9xyU/edit?hl=en_US

Tested - dejagnu, building chromiumos from scratch.

Ok for trunk?

Thanks,
-Han

Description:
This is to port the patch from google/main to trunk, which provides a new stack protection option - "fstack-protector-strong".

Previous review for google trunk is here - http://codereview.appspot.com/5461043

Status - it has been used in google/main for 2 quarters, building the whole chromiumos with no security degradation.

Benefit - gain big performance while sacrificing little security (for scenarios using -fstack-protector-all)

Background - sometimes stack-protector is too-simple while stack-protector-all over-kills, for example, to build one of our core systems, we forcibly add "-fstack-protector-all" to all compile commands, which brings big performance penalty (due to extra stack guard/check insns on function prologue and epilogue) on both atom and arm. To use "-fstack-protector" is just regarded as not secure enough (only "protects" <2% functions) by the system secure team. So I'd like to add the option "-fstack-protector-strong", that hits the balance between "-fstack-protector" and "-fstack-protector-all".

Detail - https://docs.google.com/a/google.com/document/d/1xXBH6rRZue4f296vGt9YQcuLVQHeE516stHwt8M9xyU/edit?hl=en_US

Tested - building chromiumos from scratch.

Please review this at http://codereview.appspot.com/6303078/

Affected files:
  M gcc/cfgexpand.c
  M gcc/common.opt
  gcc/doc/invoke.texi
  A gcc/testsuite/g++.dg/fstack-protector-strong.C
  A gcc/testsuite/gcc.dg/fstack-protector-strong.c