On Wed, Mar 18, 2015 at 10:13 AM, Ilya Enkovich <enkovich....@gmail.com> wrote:
> 2015-03-18 19:45 GMT+03:00 H.J. Lu <hjl.to...@gmail.com>:
>> On Wed, Mar 18, 2015 at 9:14 AM, Ilya Enkovich <enkovich....@gmail.com>
>> wrote:
>>> 2015-03-18 17:42 GMT+03:00 H.J. Lu <hjl.to...@gmail.com>:
>>>> On Wed, Mar 18, 2015 at 7:31 AM, H.J. Lu <hjl.to...@gmail.com> wrote:
>>>>
>>>> MPX is a security feature. Knowing leaving a door open is a
>>>> bad idea.
>>>
>>> Instrumented binary used with legacy libraries is a supported usage
>>> model. Each user determines his own level of security.
>>>
>>
>> It doesn't mean we should leave a door open. Are we supposed to
>> detect this with MPX:
>>
>> [hjl@skylakeclient bug-1]$ cat x.c
>> #include <string.h>
>>
>> int
>> main ()
>> {
>> char buf[10];
>> memset(buf, 'a', 11);
>> return 0;
>> }
>> [hjl@skylakeclient bug-1]$
>>
>> I believe we should, not maybe. We shouldn't silent fail it
>> when linker doesn't support -z bndplt.
>
> It depends on compiler flags and libraries used and is up to user to
> decide. User may be warned during libmpx configuration.
>
What is "USER"? The one who build GCC may not be same
person who uses GCC.
--
H.J.
