aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Documentation/x86/intel_mpx.txt18
-rw-r--r--arch/x86/Kconfig30
-rw-r--r--arch/x86/kernel/traps.c2
3 files changed, 41 insertions, 9 deletions
diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt
index 4472ed2ad921..818518a3ff01 100644
--- a/Documentation/x86/intel_mpx.txt
+++ b/Documentation/x86/intel_mpx.txt
@@ -7,11 +7,15 @@ that can be used in conjunction with compiler changes to check memory
7references, for those references whose compile-time normal intentions are 7references, for those references whose compile-time normal intentions are
8usurped at runtime due to buffer overflow or underflow. 8usurped at runtime due to buffer overflow or underflow.
9 9
10You can tell if your CPU supports MPX by looking in /proc/cpuinfo:
11
12 cat /proc/cpuinfo | grep ' mpx '
13
10For more information, please refer to Intel(R) Architecture Instruction 14For more information, please refer to Intel(R) Architecture Instruction
11Set Extensions Programming Reference, Chapter 9: Intel(R) Memory Protection 15Set Extensions Programming Reference, Chapter 9: Intel(R) Memory Protection
12Extensions. 16Extensions.
13 17
14Note: Currently no hardware with MPX ISA is available but it is always 18Note: As of December 2014, no hardware with MPX is available but it is
15possible to use SDE (Intel(R) Software Development Emulator) instead, which 19possible to use SDE (Intel(R) Software Development Emulator) instead, which
16can be downloaded from 20can be downloaded from
17http://software.intel.com/en-us/articles/intel-software-development-emulator 21http://software.intel.com/en-us/articles/intel-software-development-emulator
@@ -30,9 +34,15 @@ is how we expect the compiler, application and kernel to work together.
30 instrumentation as well as some setup code called early after the app 34 instrumentation as well as some setup code called early after the app
31 starts. New instruction prefixes are noops for old CPUs. 35 starts. New instruction prefixes are noops for old CPUs.
322) That setup code allocates (virtual) space for the "bounds directory", 362) That setup code allocates (virtual) space for the "bounds directory",
33 points the "bndcfgu" register to the directory and notifies the kernel 37 points the "bndcfgu" register to the directory (must also set the valid
34 (via the new prctl(PR_MPX_ENABLE_MANAGEMENT)) that the app will be using 38 bit) and notifies the kernel (via the new prctl(PR_MPX_ENABLE_MANAGEMENT))
35 MPX. 39 that the app will be using MPX. The app must be careful not to access
40 the bounds tables between the time when it populates "bndcfgu" and
41 when it calls the prctl(). This might be hard to guarantee if the app
42 is compiled with MPX. You can add "__attribute__((bnd_legacy))" to
43 the function to disable MPX instrumentation to help guarantee this.
44 Also be careful not to call out to any other code which might be
45 MPX-instrumented.
363) The kernel detects that the CPU has MPX, allows the new prctl() to 463) The kernel detects that the CPU has MPX, allows the new prctl() to
37 succeed, and notes the location of the bounds directory. Userspace is 47 succeed, and notes the location of the bounds directory. Userspace is
38 expected to keep the bounds directory at that locationWe note it 48 expected to keep the bounds directory at that locationWe note it
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index d69f1cd87fd9..2995788bcb1d 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -249,10 +249,6 @@ config HAVE_INTEL_TXT
249 def_bool y 249 def_bool y
250 depends on INTEL_IOMMU && ACPI 250 depends on INTEL_IOMMU && ACPI
251 251
252config X86_INTEL_MPX
253 def_bool y
254 depends on CPU_SUP_INTEL
255
256config X86_32_SMP 252config X86_32_SMP
257 def_bool y 253 def_bool y
258 depends on X86_32 && SMP 254 depends on X86_32 && SMP
@@ -1594,6 +1590,32 @@ config X86_SMAP
1594 1590
1595 If unsure, say Y. 1591 If unsure, say Y.
1596 1592
1593config X86_INTEL_MPX
1594 prompt "Intel MPX (Memory Protection Extensions)"
1595 def_bool n
1596 depends on CPU_SUP_INTEL
1597 ---help---
1598 MPX provides hardware features that can be used in
1599 conjunction with compiler-instrumented code to check
1600 memory references. It is designed to detect buffer
1601 overflow or underflow bugs.
1602
1603 This option enables running applications which are
1604 instrumented or otherwise use MPX. It does not use MPX
1605 itself inside the kernel or to protect the kernel
1606 against bad memory references.
1607
1608 Enabling this option will make the kernel larger:
1609 ~8k of kernel text and 36 bytes of data on a 64-bit
1610 defconfig. It adds a long to the 'mm_struct' which
1611 will increase the kernel memory overhead of each
1612 process and adds some branches to paths used during
1613 exec() and munmap().
1614
1615 For details, see Documentation/x86/intel_mpx.txt
1616
1617 If unsure, say N.
1618
1597config EFI 1619config EFI
1598 bool "EFI runtime service support" 1620 bool "EFI runtime service support"
1599 depends on ACPI 1621 depends on ACPI
diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
index a9ae20579895..88900e288021 100644
--- a/arch/x86/kernel/traps.c
+++ b/arch/x86/kernel/traps.c
@@ -331,7 +331,7 @@ dotraplinkage void do_bounds(struct pt_regs *regs, long error_code)
331 break; /* Success, it was handled */ 331 break; /* Success, it was handled */
332 case 1: /* Bound violation. */ 332 case 1: /* Bound violation. */
333 info = mpx_generate_siginfo(regs, xsave_buf); 333 info = mpx_generate_siginfo(regs, xsave_buf);
334 if (PTR_ERR(info)) { 334 if (IS_ERR(info)) {
335 /* 335 /*
336 * We failed to decode the MPX instruction. Act as if 336 * We failed to decode the MPX instruction. Act as if
337 * the exception was not caused by MPX. 337 * the exception was not caused by MPX.
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-22 22:49:01 -0400