Intel® oneAPI Math Kernel Library
Ask questions and share information with other developers who use Intel® Math Kernel Library.
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
6743 Discussions

Intel MKL does not enable the control flow guard (CFG)

gatendol
Beginner
‎07-15-2020 08:36 AM
490 Views

Hi,

I am using Intel MKL via nuget package. Our software release pipelines use BinSkim, a tool which validates compiler/linker settings and other security-relevant binary characteristics. When this task runs on intel MKL DLLs, it throws errors –

mkl_avx.dll: error *****: 'mkl_avx.dll' does not enable the control flow guard (CFG) mitigation. To resolve this issue, pass /guard:cf on both the compiler and linker command lines. Binaries also require the /DYNAMICBASE linker option in order to enable CFG.

and some others like below

mkl_avx.dll : error *****.ExceptionLoadingPdb : ***** : 'mkl_avx.dll' was not evaluated for check 'DoNotIncorporateVulnerableDependencies' because its PDB could not be loaded. (E_PDB_NO_DEBUG_INFO (Pdb is stripped of cv (CodeView) info))
 
We cannot ship products with MKL due to this issue. Is there a nuget package that enables CFG?
0 Kudos

Link Copied

1 Reply
Gennady_F_Intel
Moderator
‎08-20-2020 06:12 AM
432 Views

Gaurav, there is no such package available at this moment but we already saw a similar request and probably will add such option into a future version of Intel MKL. This thread would be updated in the case of any news.


0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.