Modernise GCC Flags
Summary
Update the default GCC flags to reflect current architecture requirements and compiler capabilities.
Owner
- Name: Florian Weimer
- Email: fweimer@redhat.com
- Release notes owner:
Current status
- Targeted release: Fedora 23
- Last updated: 2015-01-19
- Tracker bug:
Detailed Description
The following changes are propsoed.
- Enable position-independent executables (PIE) by default for all applications, using
-fpie -pie
. - Switch to SSE 2 for floating-point calculations, using
-msse2 -mfpmath=sse
. - Make
off_t
andino_t
64 bit by default (even on 32-bit architectures)
Copy relocations support in GCC and binutils makes the performance on x86_64 of PIE literally zero for many programs.
SSE 2 was introduced in 2000, almost 15 years ago, and all current IA-32 implementations known to the proponent (which meet Fedora's other requirements, such as support for atomic instructions) support it.
Benefit to Fedora
PIE-by-default provides better address-space randomization (ASLR).
SSE 2 slightly increases performance of floating-point heavy code.
SSE 2 support brings simplifications to code generators, and many upstreams have expressed a desire to deprecate i387 support:
64 bit inode values in file systems are increasingly 64 bit by default, and using a 32-bit ino_t
type introduces spurious failures, even for programs which have not explicitly enabled 64-bit file system interfaces because they deemed that unnecessary considering their typical input file sizes. Several libraries use off_t
in public headers, which currently leads to ABI bugs because this type can have different definitions depending on whether Large File Support is enabled or not.
Scope
- Proposal owners: If this proposal is accepted, a patch for
redhat-rpm-config
will have to be written.
- Other developers:
redhat-rpm-config
needs to be updated accordingly. Some tools which do not recognize PIE binaries (such as Nautilus, see [bug 737849]) will have to be fixed.
- Release engineering: This change requires a mass rebuild with new binutils and GCC 5.0.
- Policies and guidelines: Packages which follow the guidelines will automatically inherit the flags from
redhat-rpm-config
.
Upgrade/compatibility impact
Hardware which does not support SSE 2 will not be able to run Fedora binaries. For current hardware, the update will be transparent.
How To Test
PIE support is visible using file
. It will display (among other things)
ELF 32-bit LSB shared object
instead of:
ELF 32-bit LSB executable
SSE 2 support will be exercised during regular installation testing.
64-bit ino_t
/off_t
can be validated to some extent by checking for references to 32-bit interfaces such as fstat
.
User Experience
Ideally, users will not observe any change.
Dependencies
This change depends on GCC 5 and binutils 2.26.
Contingency Plan
- Contingency mechanism: If binutils 2.26 does not make it into Fedora 23, the copy-relocations optimization can be dropped.
- Contingency deadline: before the last mass rebuild
- Blocks release? No.
- Blocks product? No.
Documentation
From an upstream perspective, these changes are very minor, so there is no extensive documentation.
- Copy relocations support in GCC (spread across many months)
- Copy relocations support in binutils
- GCC documentation for target code generation flags
Release Notes
- Natively-compiled Fedora programs are now position-independent executables by default. This provides better address space randomization (ASLR) and therefore improved security hardening.
- Fedora for i386 now requires a CPU with SSE 2 support.