GCC 12 Adds Stack Variable Auto-Initialization, Other Security Improvements Forthcoming

Written by Michael Larabel in GNU on 23 September 2021 at 07:17 AM EDT. 20 Comments
GNU
Qing Zhao of Oracle presented yesterday during the LPC2021 GNU Tools Track around the work they and others have been engaged in for improving the security of the GNU Compiler Collection (GCC).

In some areas this GCC security work is about catching up with security features already implemented by LLVM Clang. Among the features have been for zeroing out caller-used registers on return, auto initializing of stack variables, unsigned overflow detection, and more. For instance with GCC 11 is the zero-call-used-regs compiler feature and now with Linux 5.15 that feature can be optionally used to enhance the kernel security.

Slipping under our radar earlier this month was that GCC 12 has landed stack variable auto-initialization. This new GCC 12 security feature can be turned on with the "-ftrivial-auto-var-init=zero" compiler switch. LLVM/Clang saw this security option posted back in 2018.


With the stack variable auto initialization, it leaves GCC still needing to support speculative load hardening, unsigned overflow protection, and control flow integrity improvements to match the Clang security features.

Those wishing to learn more about the GCC security work ongoing by Oracle and others can see the presentation below along with the slides.

20 Comments
Related News
GCC 14 Compiler Adds AArch64 GNU/Hurd Support
GCC 14 Boasts Nice ASCII Art For Visualizing Buffer Overflows
GNU Poke 4.0 & Poke-ELF 1.0 Released For Dealing With Binary Data
GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands
IBM Posts GCC Patches For -mcpu=power11 Support
GNU Linux-libre 6.8-gnu Dealing With Blobs From New Intel Drivers
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Linux 6.10 To Merge NTSYNC Driver For Emulating Windows NT Synchronization Primitives
Fedora 41 Looks To "-O3" Optimizations For Its Python Build
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
APT 2.9 Released: Debian's APT 3.0 To Have A New UI With Colors, Columnar Display & More
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Open-Source Radeon Driver Enables Support For Vulkan Video H.264/H.265 Encode
Ubuntu 24.04 Beta Now Available For Testing