Hi, I propose to add to gcc a new option regarding stack protector - "-fstack-protector-strong", in addition to current gcc's "-fstack-protector-all", which protects ALL functions, and "-fstack-protector", which protects functions that have a big (signed/unsigned) char array or have alloca called.
Background - some times stack-protector is too-simple while stack-protector-all over-kills, for example, to build one of our core systems, we forcibly add "-fstack-protector-all" to all compile commands, which brings big performance penalty (due to extra stack guard/check insns on function prologue and epilogue) on both atom and arm. To use "-fstack-protector" is just regarded as not secure enough (only "protects" <2% functions) by the system secure team. So I'd like to add the option "-fstack-protector-strong", that hits the balance between "-fstack-protector" and "-fstack-protector-all". Benefit - gain big performance while sacrificing little security (for scenarios using -fstack-protector-all) Status - implemented internally, to be up-streamed or merged to google branch only. Detail - here. Thoughts? Thanks! -Han
