Hi! On Mon, 2016-05-23 at 11:45:46 +0100, Steven Chamberlain wrote: > This may be a silly / obvious question to ask, but: > do any of the proposed hardening options _really_ change the ABI?
I don't think it's silly at all! I've actually wondered this myself and asked Bálint in person and at least in #812782, perhaps somewhere else. > I think LLVM/Clang's ASan implementation does (for Feature: "symbol size > changing for global variables" on > https://github.com/google/sanitizers/wiki/AddressSanitizerClangVsGCC) > but couldn't confirm if that is the case with GCC (which seems to not > implement that particular feature, at least). I think the problem Bálint described with ASAN was something else, but TBH I cannot remember what was it. In any case I've found the documentation about the various *SAN very lacking. :( And this specific part was not covered at all when I looked at the time. > If there's no ABI change, creation of a new arch and gnuhardened*-*-* > triplet wouldn't be needed; hardened packages would be co-installable > with official ones without using multi-arch; and perhaps all that is > needed is a separate archive suite, to achieve what was suggested on > http://balintreczey.hu/blog/proposing-amd64-hardened-architecture-for-debian/ > > (Or, packages in the main archive could enable those hardening options?). Exactly my thoughts, and what I also told Bálint at the time. Thanks, Guillem
