This is the mail archive of the
gcc-patches@gcc.gnu.org
mailing list for the GCC project.
Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: Jeff Law <law at redhat dot com>
- Cc: Sandra Loosemore <sandra at codesourcery dot com>, Ilya Enkovich <enkovich dot gnu at gmail dot com>, Joseph Myers <joseph at codesourcery dot com>, Richard Biener <rguenther at suse dot de>, gcc-patches <gcc-patches at gcc dot gnu dot org>
- Date: Tue, 7 Apr 2015 12:28:57 -0700
- Subject: Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- Authentication-results: sourceware.org; auth=none
- References: <20150318115630 dot GA64546 at msticlxl57 dot ims dot intel dot com> <CAMbmDYYuG0GAuym4-RVUnX6EWVtjaCuA240HTCef65kU26H6YQ at mail dot gmail dot com> <20150331094702 dot GC52842 at msticlxl57 dot ims dot intel dot com> <alpine dot DEB dot 2 dot 10 dot 1504031932570 dot 29464 at digraph dot polyomino dot org dot uk> <5521E515 dot 2030802 at codesourcery dot com> <20150406151742 dot GA43634 at msticlxl57 dot ims dot intel dot com> <5522BF01 dot 4030803 at codesourcery dot com> <5524297D dot 2050800 at redhat dot com>
On Tue, Apr 7, 2015 at 12:01 PM, Jeff Law <law@redhat.com> wrote:
> On 04/06/2015 11:14 AM, Sandra Loosemore wrote:
>>
>> On 04/06/2015 09:17 AM, Ilya Enkovich wrote:
>>>
>>> On 05 Apr 19:44, Sandra Loosemore wrote:
>>>>
>>>> On 04/03/2015 01:34 PM, Joseph Myers wrote:
>>>>>
>>>>> On Tue, 31 Mar 2015, Ilya Enkovich wrote:
>>>>>
>>>>>> +library. It also passes '-z bndplt' to a linker in case it
>>>>>> supports this
>>>>>> +option (which is checked on libmpx configuration). Note that old
>>>>>> versions
>>>>>> +of linker may ignore option. Gold linker doesn't support '-z bndplt'
>>>>>> +option. With no '-z bndplt' support in linker all calls to
>>>>>> dynamic libraries
>>>>>> +lose passed bounds reducing overall protection level. It's highly
>>>>>> +recommended to use linker with '-z bndplt' support. In case such
>>>>>> linker
>>>>>> +is not available it is adviced to always use
>>>>>> @option{-static-libmpxwrappers}
>>>>>> +for better protection level or use @option{-static} to completely
>>>>>> avoid
>>>>>> +external calls to dynamic libraries. MPX-based instrumentation
>>>>>
>>>>>
>>>>> Use @samp{-z bndplt} rather than '' quoting (but Sandra may have
>>>>> further
>>>>> advice on the substance of this documentation).
>>>>
>>>>
>>>> To tell the truth, I can't figure out what this means from a user
>>>> perspective. How does a user know whether the linker option is
>>>> being ignored, or if they have a new enough linker? If the linker
>>>> available at configuration time doesn't support the option, does
>>>> that mean the option will never be passed and users will never know
>>>> that there are gaping holes in the pointer bounds checking?
>>>>
>>>> My suggestion would be to pass the option unconditionally and make
>>>> the documentation say something like
>>>
>>>
>>> This option was rejected.
>>
>>
>> Hrmmmm, how about then just *never* passing the magic option to the
>> linker, and telling users they either have to pass it manually (and use
>> a linker that supports it), use static linking, or do without bounds
>> checking on dynamic libraries?
>>
>> Remember that most GCC users do not configure GCC themselves... they
>> use whatever came with their distro or from their toolchain vendor, or
>> was installed by their sysadmin. So most GCC users have no way to know
>> what linker their GCC binary was configured with and it's just confusing
>> that this important linker option might or might not be included based
>> on factors they don't know about or can't control.
>
> But the same arguments apply to forcing the user to manually pass the
> argument, select static linking, etc.
>
> If I think about the most common case usage, it's going to be a
> compiler/binutils pair built by a distribution such as Fedora, Ubuntu, etc
> and the configure time test will do the right thing. It's only cases where
> folks are updating components separately, or building themselves that the
> configure time test falls down.
You can't have it both ways. If the common usage is targeting
distributions, -z bndplt should always be passed to ld for MPX
since distributions should have the proper linker for MPX.
--
H.J.
- References:
- Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX
- Re: [PATCH, libmpx, i386, PR driver/65444] Pass '-z bndplt' when building dynamic objects with MPX