From: Sandra Loosemore <sandra@codesourcery.com>
To: Ilya Enkovich <enkovich.gnu@gmail.com>
Cc: Joseph Myers <joseph@codesourcery.com>,
Richard Biener <rguenther@suse.de>,
gcc-patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
Date: Mon, 06 Apr 2015 17:15:00 -0000 [thread overview]
Message-ID: <5522BF01.4030803@codesourcery.com> (raw)
In-Reply-To: <20150406151742.GA43634@msticlxl57.ims.intel.com>
On 04/06/2015 09:17 AM, Ilya Enkovich wrote:
> On 05 Apr 19:44, Sandra Loosemore wrote:
>> On 04/03/2015 01:34 PM, Joseph Myers wrote:
>>> On Tue, 31 Mar 2015, Ilya Enkovich wrote:
>>>
>>>> +library. It also passes '-z bndplt' to a linker in case it supports this
>>>> +option (which is checked on libmpx configuration). Note that old versions
>>>> +of linker may ignore option. Gold linker doesn't support '-z bndplt'
>>>> +option. With no '-z bndplt' support in linker all calls to dynamic libraries
>>>> +lose passed bounds reducing overall protection level. It's highly
>>>> +recommended to use linker with '-z bndplt' support. In case such linker
>>>> +is not available it is adviced to always use @option{-static-libmpxwrappers}
>>>> +for better protection level or use @option{-static} to completely avoid
>>>> +external calls to dynamic libraries. MPX-based instrumentation
>>>
>>> Use @samp{-z bndplt} rather than '' quoting (but Sandra may have further
>>> advice on the substance of this documentation).
>>
>> To tell the truth, I can't figure out what this means from a user
>> perspective. How does a user know whether the linker option is
>> being ignored, or if they have a new enough linker? If the linker
>> available at configuration time doesn't support the option, does
>> that mean the option will never be passed and users will never know
>> that there are gaping holes in the pointer bounds checking?
>>
>> My suggestion would be to pass the option unconditionally and make
>> the documentation say something like
>
> This option was rejected.
Hrmmmm, how about then just *never* passing the magic option to the
linker, and telling users they either have to pass it manually (and use
a linker that supports it), use static linking, or do without bounds
checking on dynamic libraries?
Remember that most GCC users do not configure GCC themselves... they
use whatever came with their distro or from their toolchain vendor, or
was installed by their sysadmin. So most GCC users have no way to know
what linker their GCC binary was configured with and it's just confusing
that this important linker option might or might not be included based
on factors they don't know about or can't control.
> +++ b/gcc/doc/invoke.texi
> @@ -5858,12 +5858,12 @@ a runtime library to enable MPX in hardware and handle bounds
> violation signals. By default when @option{-fcheck-pointer-bounds}
> and @option{-mmpx} options are used to link a program, the GCC driver
> links against the @file{libmpx} runtime library and @file{libmpxwrappers}
> -library. It also passes '-z bndplt' to a linker in case it supports this
> -option (which is checked on libmpx configuration). Note that old versions
> -of linker may ignore option. Gold linker doesn't support '-z bndplt'
> -option. With no '-z bndplt' support in linker all calls to dynamic libraries
> -lose passed bounds reducing overall protection level. It's highly
> -recommended to use linker with '-z bndplt' support. In case such linker
> +library. It also passes @option{-z bndplt} to a linker in case it supports
> +this option (which is checked on libmpx configuration). LD supports it starting
> +from version 2.25. Gold linker doesn't support @option{-z bndplt}
> +option. With no @option{-z bndplt} support in a linker all calls to dynamic
> +libraries lose passed bounds reducing overall protection level. It's highly
> +recommended to use linker with @option{-z bndplt} support. In case such linker
> is not available it is adviced to always use @option{-static-libmpxwrappers}
> for better protection level or use @option{-static} to completely avoid
> external calls to dynamic libraries. MPX-based instrumentation
Besides being confusing, there are typos ("adviced") and grammatical
errors here.
If we really cannot make the linker option either always used or always
omitted, how about something like this?
If GCC was configured with a linker that supports @option{-z bndplt},
then this option is also passed when linking. It is supported in LD
starting with version 2.25, but not in the Gold linker. You should pass
@option{-z bndplt} on your link line explicitly if you are not certain
how your GCC was configured.
Without this option and appropriate linker support, all calls to dynamic
libraries lose bounds checking information. If no linker support for
@option{-z bndplt} is available, you should link with @option{-static}
instead to avoid external calls to dynamic libraries.
...then add a paragraph break before "MPX-based instrumentation...."
-Sandra
next prev parent reply other threads:[~2015-04-06 17:15 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-18 11:56 Ilya Enkovich
2015-03-18 12:03 ` H.J. Lu
2015-03-18 12:05 ` Ilya Enkovich
2015-03-18 12:08 ` H.J. Lu
2015-03-18 12:13 ` Ilya Enkovich
2015-03-18 12:25 ` H.J. Lu
2015-03-18 12:42 ` Richard Biener
2015-03-18 13:24 ` Ilya Enkovich
2015-03-18 13:32 ` H.J. Lu
2015-03-18 13:41 ` Ilya Enkovich
2015-03-18 13:52 ` H.J. Lu
2015-03-18 13:59 ` Ilya Enkovich
2015-03-18 14:02 ` Jakub Jelinek
2015-03-18 14:31 ` H.J. Lu
2015-03-18 14:42 ` H.J. Lu
2015-03-18 16:14 ` Ilya Enkovich
2015-03-18 16:45 ` H.J. Lu
2015-03-18 17:13 ` Ilya Enkovich
2015-03-18 17:14 ` H.J. Lu
2015-03-18 17:34 ` Ilya Enkovich
2015-03-18 17:39 ` H.J. Lu
2015-03-18 18:13 ` Ilya Enkovich
2015-03-18 14:03 ` Robert Dewar
2015-03-18 14:33 ` Markus Trippelsdorf
2015-03-23 10:19 ` Ilya Enkovich
2015-03-31 9:47 ` Ilya Enkovich
2015-04-02 4:34 ` Jeff Law
2015-04-02 11:01 ` H.J. Lu
2015-04-03 19:34 ` Joseph Myers
2015-04-06 1:45 ` Sandra Loosemore
2015-04-06 2:35 ` H.J. Lu
2015-04-06 3:08 ` Sandra Loosemore
2015-04-06 15:18 ` Ilya Enkovich
2015-04-06 15:28 ` Jeff Law
2015-04-06 15:54 ` Ilya Enkovich
2015-05-26 9:26 ` Ilya Enkovich
2015-05-27 15:35 ` Jeff Law
2015-06-03 9:04 ` Ilya Enkovich
2015-06-03 15:29 ` Joseph Myers
2015-06-03 15:59 ` Ilya Enkovich
2015-06-03 16:03 ` Joseph Myers
2015-06-04 14:14 ` Ilya Enkovich
2015-06-04 15:55 ` Joseph Myers
2015-06-05 14:44 ` Ilya Enkovich
2015-06-25 19:00 ` Jeff Law
2015-04-06 17:15 ` Sandra Loosemore [this message]
2015-04-07 19:01 ` Jeff Law
2015-04-07 19:29 ` H.J. Lu
2015-04-07 20:12 ` Markus Trippelsdorf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5522BF01.4030803@codesourcery.com \
--to=sandra@codesourcery.com \
--cc=enkovich.gnu@gmail.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=joseph@codesourcery.com \
--cc=rguenther@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).