[dpdk-dev] Compiler hardening flags for libraries and performance implications
Luca Boccassi
lboccass at Brocade.com
Tue Jul 26 16:53:13 CEST 2016
Hello,
While working on uploading DPDK to Ubuntu and Debian, we were wondering
if anyone had any thoughts/opinions on enabling compiler hardening flags
for the DPDK libraries and the possible performance implications.
Especially 2 of the hardening options provided on Debian/Ubuntu [1]
explicitly cite performance implications:
- "bind now" (ld -z now), which forces to resolve all dynamic symbols
immediately at load
- "stack protector" (-fstack-protector-strong), which adds safety checks
against stack overwrites
Any opinions? Would anyone have reservations if we enabled all of these
in the packages that will be distributed in Ubuntu and Debian?
Thanks!
--
Kind regards,
Luca Boccassi
[1] https://wiki.debian.org/Hardening#Environment_variables
More information about the dev
mailing list