[Bug 5996] New: Enable UCLIBC_BUILD_NOW by Default
bugzilla at busybox.net
bugzilla at busybox.net
Thu Feb 28 00:00:30 UTC 2013
https://bugs.busybox.net/show_bug.cgi?id=5996
Summary: Enable UCLIBC_BUILD_NOW by Default
Product: uClibc
Version: 0.9.33.3
Platform: PC
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P5
Component: Other
AssignedTo: unassigned at uclibc.org
ReportedBy: noloader at gmail.com
CC: uclibc-cvs at uclibc.org
Estimated Hours: 0.0
This has security implications too. Surely Gingerbreak and its attack on the
PLT has not been forgotten??? (The PLT was used as a jumping off point or
trampoline).
The trade off (microsecond for the early bind) versus wiping out an entire
class of vulnerabilities seems like a win.
| This tells the linker to resolve all symbols when the library is │
│ first loaded, rather than when each function is first called. This │
│ increases start-up latency by a few microseconds and may do │
│ unnecessary work (resolving symbols that are never used), but the │
│ realtime people like it for making microbenchmark timings slightly │
│ more predictable and in some cases it can be slightly faster due to │
│ CPU cache behavior (not having to fault the linker back in to do │
│ lazy symbol resolution).
--
Configure bugmail: https://bugs.busybox.net/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the uClibc-cvs
mailing list