From patchwork Mon Apr  6 15:17:42 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ilya Enkovich <enkovich.gnu@gmail.com>
X-Patchwork-Id: 458391
Return-Path: 
 <gcc-patches-return-394653-incoming=patchwork.ozlabs.org@gcc.gnu.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from sourceware.org (server1.sourceware.org [209.132.180.131])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id D448C1400DE
	for <incoming@patchwork.ozlabs.org>;
	Tue,  7 Apr 2015 01:18:17 +1000 (AEST)
Authentication-Results: ozlabs.org; dkim=pass
	reason="1024-bit key; unprotected key"
	header.d=gcc.gnu.org header.i=@gcc.gnu.org header.b=pZabZyu4;
	dkim-adsp=none (unprotected policy); dkim-atps=neutral
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:date
	:from:to:cc:subject:message-id:references:mime-version
	:content-type:in-reply-to; q=dns; s=default; b=kV58cT425+h9HEN3m
	zdKywRBrgB0VfaIQvPcIs9nMjD+r+PMfaUTmOmDctczKq2JihOwPsVrIM2zLCVcB
	ABdzmSsePah7llk91QG47yHo2YeQlg1SJ1fj6d00wENMw1X5Zp/IWbLaCd2ViHaR
	ISUem1LRfKT/HWI+qJosVXWdqk=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=gcc.gnu.org; h=list-id
	:list-unsubscribe:list-archive:list-post:list-help:sender:date
	:from:to:cc:subject:message-id:references:mime-version
	:content-type:in-reply-to; s=default; bh=SfALUy8kx6gIcUuZ9M6E+FP
	pq0A=; b=pZabZyu4AFhwH0VLsKVJKaKY4gtBwOWXzip4KoQn0/xTCu9tMBEXWkG
	W/vquCysHTEivJ5TsoDfpS/48v0uF/qXOgvCDEK+ujz7yrejvQIMXCEcijARWIMB
	nUMVjVnLM4+SoIstyQ9t3387+0dMaBCckyLQPDnnsdBJBwToV6yM=
Received: (qmail 53621 invoked by alias); 6 Apr 2015 15:18:09 -0000
Mailing-List: contact gcc-patches-help@gcc.gnu.org; run by ezmlm
Precedence: bulk
List-Id: <gcc-patches.gcc.gnu.org>
List-Unsubscribe: 
 <mailto:gcc-patches-unsubscribe-incoming=patchwork.ozlabs.org@gcc.gnu.org>
List-Archive: <http://gcc.gnu.org/ml/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-help@gcc.gnu.org>
Sender: gcc-patches-owner@gcc.gnu.org
Delivered-To: mailing list gcc-patches@gcc.gnu.org
Received: (qmail 53612 invoked by uid 89); 6 Apr 2015 15:18:08 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.4 required=5.0 tests=AWL, BAYES_00,
	FREEMAIL_FROM, RCVD_IN_DNSWL_LOW,
	SPF_PASS autolearn=ham version=3.3.2
X-HELO: mail-wi0-f182.google.com
Received: from mail-wi0-f182.google.com (HELO mail-wi0-f182.google.com)
	(209.85.212.182) by sourceware.org
	(qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256
	encrypted) ESMTPS; Mon, 06 Apr 2015 15:18:03 +0000
Received: by wiax7 with SMTP id x7so23680452wia.0 for
	<gcc-patches@gcc.gnu.org>; Mon, 06 Apr 2015 08:18:00 -0700 (PDT)
X-Received: by 10.180.75.212 with SMTP id e20mr30784040wiw.26.1428333480843;
	Mon, 06 Apr 2015 08:18:00 -0700 (PDT)
Received: from msticlxl57.ims.intel.com (fmdmzpr01-ext.fm.intel.com.
	[192.55.54.36]) by mx.google.com with ESMTPSA id
	hi6sm6817845wjc.34.2015.04.06.08.17.57 (version=TLSv1
	cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Mon, 06 Apr 2015 08:17:59 -0700 (PDT)
Date: Mon, 6 Apr 2015 18:17:42 +0300
From: Ilya Enkovich <enkovich.gnu@gmail.com>
To: Sandra Loosemore <sandra@codesourcery.com>
Cc: Joseph Myers <joseph@codesourcery.com>,
	Richard Biener <rguenther@suse.de>, gcc-patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH, libmpx, i386,
	PR driver/65444] Pass '-z bndplt' when building dynamic objects
	with MPX
Message-ID: <20150406151742.GA43634@msticlxl57.ims.intel.com>
References: <20150318115630.GA64546@msticlxl57.ims.intel.com>
	<CAMbmDYYuG0GAuym4-RVUnX6EWVtjaCuA240HTCef65kU26H6YQ@mail.gmail.com>
	<20150331094702.GC52842@msticlxl57.ims.intel.com>
	<alpine.DEB.2.10.1504031932570.29464@digraph.polyomino.org.uk>
	<5521E515.2030802@codesourcery.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <5521E515.2030802@codesourcery.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-IsSubscribed: yes

On 05 Apr 19:44, Sandra Loosemore wrote:
> On 04/03/2015 01:34 PM, Joseph Myers wrote:
> >On Tue, 31 Mar 2015, Ilya Enkovich wrote:
> >
> >>+library.  It also passes '-z bndplt' to a linker in case it supports this
> >>+option (which is checked on libmpx configuration).  Note that old versions
> >>+of linker may ignore option.  Gold linker doesn't support '-z bndplt'
> >>+option.  With no '-z bndplt' support in linker all calls to dynamic libraries
> >>+lose passed bounds reducing overall protection level.  It's highly
> >>+recommended to use linker with '-z bndplt' support.  In case such linker
> >>+is not available it is adviced to always use @option{-static-libmpxwrappers}
> >>+for better protection level or use @option{-static} to completely avoid
> >>+external calls to dynamic libraries.  MPX-based instrumentation
> >
> >Use @samp{-z bndplt} rather than '' quoting (but Sandra may have further
> >advice on the substance of this documentation).
> 
> To tell the truth, I can't figure out what this means from a user
> perspective.  How does a user know whether the linker option is
> being ignored, or if they have a new enough linker?  If the linker
> available at configuration time doesn't support the option, does
> that mean the option will never be passed and users will never know
> that there are gaping holes in the pointer bounds checking?
> 
> My suggestion would be to pass the option unconditionally and make
> the documentation say something like

This option was rejected.

> 
> It also passes @option{-z bndplt} to the linker.  LD version xxx or
> later is required to use this feature.  If no linker support for
> @option{-z bndplt} is available, you should link with
> @option{-static-libmpxwrappers} or @option{-static} instead;
> otherwise calls to dynamic libraries lose bounds checking
> protection.
> 
> ... where you need to fill in "version xxx" appropriately.
> 
> -Sandra
> 

Thank you for comments.  Here is a doc update I'm going to install if nobody objects.

Ilya
---
2015-04-06  Ilya Enkovich  <ilya.enkovich@intel.com>

	* doc/invoke.texi (-fcheck-pointer-bounds): Fix
	formatting.

diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index c058710..72b9578 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -5858,12 +5858,12 @@ a runtime library to enable MPX in hardware and handle bounds
 violation signals.  By default when @option{-fcheck-pointer-bounds}
 and @option{-mmpx} options are used to link a program, the GCC driver
 links against the @file{libmpx} runtime library and @file{libmpxwrappers}
-library.  It also passes '-z bndplt' to a linker in case it supports this
-option (which is checked on libmpx configuration).  Note that old versions
-of linker may ignore option.  Gold linker doesn't support '-z bndplt'
-option.  With no '-z bndplt' support in linker all calls to dynamic libraries
-lose passed bounds reducing overall protection level.  It's highly
-recommended to use linker with '-z bndplt' support.  In case such linker
+library.  It also passes @option{-z bndplt} to a linker in case it supports
+this option (which is checked on libmpx configuration).  LD supports it starting
+from version 2.25.  Gold linker doesn't support @option{-z bndplt}
+option.  With no @option{-z bndplt} support in a linker all calls to dynamic
+libraries lose passed bounds reducing overall protection level.  It's highly
+recommended to use linker with @option{-z bndplt} support.  In case such linker
 is not available it is adviced to always use @option{-static-libmpxwrappers}
 for better protection level or use @option{-static} to completely avoid
 external calls to dynamic libraries.  MPX-based instrumentation