On Thu, Sep 14, 2023 at 05:53:53PM +0200, Mark Kettenis wrote:
> > From: Theo de Raadt <dera...@cvs.openbsd.org>
> > Date: Thu, 14 Sep 2023 01:02:14 -0600 (MDT)
> > 
> > I do not think this should be enabled.
> > Our stacks work differently.
> > We don't put shit near the bottom of the main stack, because we
> > reserve the space.
> > For pthread stacks, we allocate them randomly also so you cannot
> > deterministically trash a specific object.
> > This change also makes very small stacks (meaning pthreads) potentially
> > reach beyond the bottom in a weird new way.
> > We simply don't need to cpu and pte's for this.
> 
> But if the stack space is used we'll have to spend the CPU time to
> fault the pages in and allocate the PTEs anyway.  Only stupid code
> allocates large amounts of stack space and doesn't use it!
> 
> Now with -fstack-clash-protection, there will be a few additional
> loads and the access pattern will be slightly different and there will
> be slightly different.  But if firefox enables this the performance
> impact must be really, really small.
> 
> As far as I understand, the proposed change would only make the option
> available, but it would still be turned off by default.  So only ports
> that explicitly turn this option on would be affected.

i have no desire to die on this hill, so i've had upstream mozilla drop
the -fstack-clash-protection option from CFLAGS when on OpenBSD.

Landry
