Re: [PATCH] MPX and CET changes in release notes
Hi Igor, On Wed, 14 Feb 2018, Tsimbalist, Igor V wrote: > MPX is going to be deprecated in gcc-8. Control-flow protection support > is in gcc-8. Reflect these in Release Notes for gcc-8. thanks for this update. Only some minor changes, then this is good to go. >> >> A new option -fcf-protection=[full|branch|return|none] is >> introduced to perform a code instrumentation to increase program >> security by "performs code instrumentation" (omit "a") >> checking that target addresses of control-flow transfer instructions >> (such as >> indirect function call, function return, indirect jump) are valid. >> Currently >> the instrumentation is supported on x86 GNU/Linux target only. "on x86 GNU/Linux targets" (since there are several such as i586, i686,...). >> See, the user No comma. >> >> GCC now supports the Intel Control-flow Enforcement Technology (CET) >> extension through -mibt, -mshstk, -mcet options. One of >> these "...through the -mibt, -mshstk, and -mcet options" Gerald
[PATCH] MPX and CET changes in release notes
MPX is going to be deprecated in gcc-8. Control-flow protection support is in gcc-8. Reflect these in Release Notes for gcc-8. Ok for trunk? Igor Index: changes.html === RCS file: /cvs/gcc/wwwdocs/htdocs/gcc-8/changes.html,v retrieving revision 1.36 diff -r1.36 changes.html 34a35,38 > > The MPX extensions to the C and C++ languages have been deprecated and > will be removed in a future release. > 43a48,56 > > A new option -fcf-protection=[full|branch|return|none] is > introduced to perform a code instrumentation to increase program security > by > checking that target addresses of control-flow transfer instructions > (such as > indirect function call, function return, indirect jump) are valid. > Currently > the instrumentation is supported on x86 GNU/Linux target only. See, the > user > guide for further information about the option syntax and section "New > Targets > and Target Specific Improvements" for IA-32/x86-64 for more details. > 402a416,421 > > GCC now supports the Intel Control-flow Enforcement Technology (CET) > extension through -mibt, -mshstk, -mcet options. One of these > options has to accompany the -fcf-protection option to enable > the code instrumentation for control-flow protection. > Igor