This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX


On 04/06/2015 09:17 AM, Ilya Enkovich wrote:
On 05 Apr 19:44, Sandra Loosemore wrote:
On 04/03/2015 01:34 PM, Joseph Myers wrote:
On Tue, 31 Mar 2015, Ilya Enkovich wrote:

+library.  It also passes '-z bndplt' to a linker in case it supports this
+option (which is checked on libmpx configuration).  Note that old versions
+of linker may ignore option.  Gold linker doesn't support '-z bndplt'
+option.  With no '-z bndplt' support in linker all calls to dynamic libraries
+lose passed bounds reducing overall protection level.  It's highly
+recommended to use linker with '-z bndplt' support.  In case such linker
+is not available it is adviced to always use @option{-static-libmpxwrappers}
+for better protection level or use @option{-static} to completely avoid
+external calls to dynamic libraries.  MPX-based instrumentation

Use @samp{-z bndplt} rather than '' quoting (but Sandra may have further
advice on the substance of this documentation).

To tell the truth, I can't figure out what this means from a user
perspective.  How does a user know whether the linker option is
being ignored, or if they have a new enough linker?  If the linker
available at configuration time doesn't support the option, does
that mean the option will never be passed and users will never know
that there are gaping holes in the pointer bounds checking?

My suggestion would be to pass the option unconditionally and make
the documentation say something like

This option was rejected.

Hrmmmm, how about then just *never* passing the magic option to the linker, and telling users they either have to pass it manually (and use a linker that supports it), use static linking, or do without bounds checking on dynamic libraries?

Remember that most GCC users do not configure GCC themselves... they use whatever came with their distro or from their toolchain vendor, or was installed by their sysadmin. So most GCC users have no way to know what linker their GCC binary was configured with and it's just confusing that this important linker option might or might not be included based on factors they don't know about or can't control.

+++ b/gcc/doc/invoke.texi
@@ -5858,12 +5858,12 @@ a runtime library to enable MPX in hardware and handle bounds
  violation signals.  By default when @option{-fcheck-pointer-bounds}
  and @option{-mmpx} options are used to link a program, the GCC driver
  links against the @file{libmpx} runtime library and @file{libmpxwrappers}
-library.  It also passes '-z bndplt' to a linker in case it supports this
-option (which is checked on libmpx configuration).  Note that old versions
-of linker may ignore option.  Gold linker doesn't support '-z bndplt'
-option.  With no '-z bndplt' support in linker all calls to dynamic libraries
-lose passed bounds reducing overall protection level.  It's highly
-recommended to use linker with '-z bndplt' support.  In case such linker
+library.  It also passes @option{-z bndplt} to a linker in case it supports
+this option (which is checked on libmpx configuration).  LD supports it starting
+from version 2.25.  Gold linker doesn't support @option{-z bndplt}
+option.  With no @option{-z bndplt} support in a linker all calls to dynamic
+libraries lose passed bounds reducing overall protection level.  It's highly
+recommended to use linker with @option{-z bndplt} support.  In case such linker
  is not available it is adviced to always use @option{-static-libmpxwrappers}
  for better protection level or use @option{-static} to completely avoid
  external calls to dynamic libraries.  MPX-based instrumentation

Besides being confusing, there are typos ("adviced") and grammatical errors here.

If we really cannot make the linker option either always used or always omitted, how about something like this?

If GCC was configured with a linker that supports @option{-z bndplt}, then this option is also passed when linking. It is supported in LD starting with version 2.25, but not in the Gold linker. You should pass @option{-z bndplt} on your link line explicitly if you are not certain how your GCC was configured. Without this option and appropriate linker support, all calls to dynamic libraries lose bounds checking information. If no linker support for @option{-z bndplt} is available, you should link with @option{-static} instead to avoid external calls to dynamic libraries.

...then add a paragraph break before "MPX-based instrumentation...."

-Sandra


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]