Page MenuHomeFreeBSD
Differential D56870

kernel: Enable -fstack-protector-strong
ClosedPublic
Actions

Authored by markj on May 7 2026, 4:32 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Jun 20, 3:53 PM
Unknown Object (File)
Tue, Jun 16, 9:13 PM
Unknown Object (File)
Tue, Jun 16, 11:29 AM
Unknown Object (File)
Thu, Jun 4, 10:15 PM
Unknown Object (File)
Sat, May 30, 2:33 PM
Unknown Object (File)
May 21 2026, 10:45 PM
Unknown Object (File)
May 21 2026, 1:14 PM
Unknown Object (File)
May 20 2026, 11:18 PM
View All 25 Files
Subscribers
emaste
imp
olce
olivier

Details

Reviewers
olivier
emaste
olce
Commits
rG7dc01dec4c3a: kernel: Enable -fstack-protector-strong by default
rG8deebce931fa: kernel: Enable -fstack-protector-strong by default
Summary

This extends stack canary use to all functions which perform operations
on arrays, not just those which operate on byte buffers.

Test Plan

I ran will-it-scale on a 16-core ryzen 7950X3D (hyperthreading enabled, will disable it if I do another run): https://people.freebsd.org/~markj/stack-protector-strong/will-it-scale2.html

The results aren't very conclusive. (will-it-scale also isn't a great test for this, but it's convenient and I have some scripts for it.) The stack-protector option changes the kernel's .text layout and I suspect that the small differences observed in the benchmark are a result of that rather than direct overhead of the option itself. In particular:

   text    data     bss     dec     hex filename
21042932        1756749 8728192 31527873        1e113c1 /boot/kernel.no-stack-protector/kernel
21142484        1756749 8728192 31627425        1e298a1 /boot/kernel.stack-protector/kernel
21485116        1756749 8728192 31970057        1e7d309 /boot/kernel.stack-protector-strong/kernel

and across the benchmarks there's no consistent "winner". I wouldn't expect the kernel to matter at all for the malloc 1KB benchmarks for instance, as there are no system calls happening.

With -fstack-protector-strong something like ~9000 functions in the kernel are covered, versus ~1500 by default. (This isn't counting kernel modules.)

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 72878
Build 69761: arc lint + arc unit

Event Timeline

markj created this revision.May 7 2026, 4:32 PM
Herald added a subscriber: imp. · View Herald TranscriptMay 7 2026, 4:32 PM
markj requested review of this revision.May 7 2026, 4:32 PM
Harbormaster completed remote builds in B72878: Diff 177370.May 7 2026, 4:32 PM
emaste added a subscriber: emaste.May 7 2026, 4:45 PM
olivier accepted this revision.May 12 2026, 9:02 PM
olivier added a subscriber: olivier.

No performance impact (CPU usage increase) for our use case

This revision is now accepted and ready to land.May 12 2026, 9:02 PM
emaste accepted this revision.May 12 2026, 9:08 PM
olce accepted this revision.May 12 2026, 9:09 PM
olce added a subscriber: olce.

Great!

markj edited the test plan for this revision. (Show Details)May 14 2026, 3:38 PM
markj edited the test plan for this revision. (Show Details)May 22 2026, 2:47 PM
Closed by commit rG8deebce931fa: kernel: Enable -fstack-protector-strong by default (authored by markj). · Explain WhyMay 22 2026, 2:55 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG8deebce931fa: kernel: Enable -fstack-protector-strong by default.
markj added a commit: rG7dc01dec4c3a: kernel: Enable -fstack-protector-strong by default.Mon, Jun 15, 6:02 PM

Revision Contents
Changeset List

PathSize
sys/
conf/
2 lines

Diff 177370

View Options

sys/conf/kern.mk

Loading...