Use compiler flags for stack protection in GCC and Clang


Shuah Khan
 

All,

Here is an article on gcc and clang compiler flags to use for stack protection:

Use compiler flags for stack protection in GCC and Clang

Both GCC and Clang provide a wide range of compiler flags to prevent stack-based
attacks. Some of these flags relate to a specific kind of exploit. Others introduce
generic protection. And some flags give feedback like warnings and reports to the
user, providing a better understanding of the behavior of the stack program.
Depending on the attack scenario, code size constraints, and execution speed,
compilers provide a wide range of tools to address the attack.


https://developers.redhat.com/articles/2022/06/02/use-compiler-flags-stack-protection-gcc-and-clang#

thanks,
-- Shuah


elana.copperman@...
 

This is excellent, Shuah, and is very much aligned with previous work on kernel configurations and compiler settings for stack protection.
Let's deep dive into these settings in this week's LFSCS meeting, to understand how this ties in with:
  1. Performance considerations (already somewhat included in our Kernel Configurations DB).
  2. Safety considerations, what is needed to "trust" such settings as part of a safety case. I think this has been our major roadblock to date.
Regards
Elana


From: devel@... <devel@...> on behalf of Shuah Khan <skhan@...>
Sent: Friday, June 10, 2022 7:57 PM
To: devel@... <devel@...>
Cc: Shuah Khan <skhan@...>
Subject: [ELISA Technical Community] Use compiler flags for stack protection in GCC and Clang
 