From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gcc-patches-return-393723-listarch-gcc-patches=gcc.gnu.org@gcc.gnu.org>
Received: (qmail 53279 invoked by alias); 18 Mar 2015 17:14:45 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Received: (qmail 53254 invoked by uid 89); 18 Mar 2015 17:14:43 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=2.8 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,KAM_FROM_URIBL_PCCC,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2
X-HELO: mail-oi0-f42.google.com
Received: from mail-oi0-f42.google.com (HELO mail-oi0-f42.google.com) (209.85.218.42) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256 encrypted) ESMTPS; Wed, 18 Mar 2015 17:14:42 +0000
Received: by oifl3 with SMTP id l3so12109309oif.0        for <gcc-patches@gcc.gnu.org>; Wed, 18 Mar 2015 10:14:40 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.202.208.22 with SMTP id h22mr1123116oig.78.1426698880562; Wed, 18 Mar 2015 10:14:40 -0700 (PDT)
Received: by 10.76.134.102 with HTTP; Wed, 18 Mar 2015 10:14:40 -0700 (PDT)
In-Reply-To: <CAMbmDYZq8ww6Ot_EoRJ5oJCPppiRc-_F1DzwQY3i+b8R6qWaJQ@mail.gmail.com>
References: <CAMbmDYZ2cd3MxwBEn5XUtsx=bV_a68-pWnLxE6=iE9M2BrY=KA@mail.gmail.com>	<CAMe9rOr=EKOdg-coaFD6p7Ch746ogCMMQ0Oi8X=j+iG8QEp5ZQ@mail.gmail.com>	<CAMbmDYYvawszQfnxfJBnkMa6tQ4SuS+jzE9j33rs+nDM656TEQ@mail.gmail.com>	<CAMe9rOorXdhkXoSB6YtuEqf75LKw_bJGyz6cKxWcAi0do-cRCA@mail.gmail.com>	<CAFiYyc2vFJe=8ucExq7Vf2iixg9pQb3KwjpdWw7KRnk_J4FjJw@mail.gmail.com>	<CAMbmDYY17OTkGkLb1iL+HKvt7nvyJjgT5XnFpDQOZhDwG6B7_w@mail.gmail.com>	<CAMe9rOrkWyGkv7ndR9rQBL2rG5zg8g8_oZTB222u5k7YHE14NA@mail.gmail.com>	<CAMbmDYbUpZsBDOrB_SC2=EYo6g19BaRa=jjm6vDYGD4ZFziXEA@mail.gmail.com>	<CAMe9rOqiBC9AF=hxMX8C2x2-WpHmHXBZpyv4xYdg96iO+NDpiw@mail.gmail.com>	<CAMbmDYaNDDc6d_K61_kzzaZnfaieWvvyRLvy3kUvf=Eb6C8CXw@mail.gmail.com>	<20150318140224.GL1746@tucnak.redhat.com>	<CAMe9rOq64hQyM+G+d_XguaFUHyOSLh4QM_yHeSxzJm28uXLe4w@mail.gmail.com>	<CAMe9rOoQ33JnsEk6m8dNGACty+zgsS24jkgWN7fAQoa9FGKZTw@mail.gmail.com>	<CAMbmDYbqxdBMs2XjDAL2ia5rwTwRfqSPDoBPS+=oJEBcJ1FJuw@mail.gmail.com>	<CAMe9rOq0fw+b+UGvRs-Fr3+43ud7jy9xe_EKsP0oXftB+0UdiA@mail.gmail.com>	<CAMbmDYZq8ww6Ot_EoRJ5oJCPppiRc-_F1DzwQY3i+b8R6qWaJQ@mail.gmail.com>
Date: Wed, 18 Mar 2015 17:14:00 -0000
Message-ID: <CAMe9rOp7yEs7Mv4RxLD7bW3yVyLLaovd+rUqr76U5sCwiVrVvg@mail.gmail.com>
Subject: Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
From: "H.J. Lu" <hjl.tools@gmail.com>
To: Ilya Enkovich <enkovich.gnu@gmail.com>
Cc: Jakub Jelinek <jakub@redhat.com>, Richard Biener <richard.guenther@gmail.com>, 	GCC Patches <gcc-patches@gcc.gnu.org>, Uros Bizjak <ubizjak@gmail.com>
Content-Type: text/plain; charset=UTF-8
X-IsSubscribed: yes
X-SW-Source: 2015-03/txt/msg00963.txt.bz2

On Wed, Mar 18, 2015 at 10:13 AM, Ilya Enkovich <enkovich.gnu@gmail.com> wrote:
> 2015-03-18 19:45 GMT+03:00 H.J. Lu <hjl.tools@gmail.com>:
>> On Wed, Mar 18, 2015 at 9:14 AM, Ilya Enkovich <enkovich.gnu@gmail.com> wrote:
>>> 2015-03-18 17:42 GMT+03:00 H.J. Lu <hjl.tools@gmail.com>:
>>>> On Wed, Mar 18, 2015 at 7:31 AM, H.J. Lu <hjl.tools@gmail.com> wrote:
>>>>
>>>> MPX is a security feature.  Knowing leaving a door open is a
>>>> bad idea.
>>>
>>> Instrumented binary used with legacy libraries is a supported usage
>>> model. Each user determines his own level of security.
>>>
>>
>> It doesn't mean we should leave a door open.  Are we supposed to
>> detect this with MPX:
>>
>> [hjl@skylakeclient bug-1]$ cat x.c
>> #include <string.h>
>>
>> int
>> main ()
>> {
>>   char buf[10];
>>   memset(buf, 'a', 11);
>>   return 0;
>> }
>> [hjl@skylakeclient bug-1]$
>>
>> I believe we should, not maybe.  We shouldn't silent fail it
>> when linker doesn't support -z bndplt.
>
> It depends on compiler flags and libraries used and is up to user to
> decide. User may be warned during libmpx configuration.
>

What is "USER"?  The one who build GCC may not be same
person who uses GCC.


-- 
H.J.