2015-03-18 19:45 GMT+03:00 H.J. Lu <hjl.to...@gmail.com>:
> On Wed, Mar 18, 2015 at 9:14 AM, Ilya Enkovich <enkovich....@gmail.com> wrote:
>> 2015-03-18 17:42 GMT+03:00 H.J. Lu <hjl.to...@gmail.com>:
>>> On Wed, Mar 18, 2015 at 7:31 AM, H.J. Lu <hjl.to...@gmail.com> wrote:
>>>
>>> MPX is a security feature. Knowing leaving a door open is a
>>> bad idea.
>>
>> Instrumented binary used with legacy libraries is a supported usage
>> model. Each user determines his own level of security.
>>
>
> It doesn't mean we should leave a door open. Are we supposed to
> detect this with MPX:
>
> [hjl@skylakeclient bug-1]$ cat x.c
> #include <string.h>
>
> int
> main ()
> {
> char buf[10];
> memset(buf, 'a', 11);
> return 0;
> }
> [hjl@skylakeclient bug-1]$
>
> I believe we should, not maybe. We shouldn't silent fail it
> when linker doesn't support -z bndplt.
It depends on compiler flags and libraries used and is up to user to
decide. User may be warned during libmpx configuration.
Ilya
>
> --
> H.J.
