diff options
Diffstat (limited to 'Documentation')
| -rw-r--r-- | Documentation/x86/intel_mpx.txt | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt index 4472ed2ad921..818518a3ff01 100644 --- a/Documentation/x86/intel_mpx.txt +++ b/Documentation/x86/intel_mpx.txt | |||
| @@ -7,11 +7,15 @@ that can be used in conjunction with compiler changes to check memory | |||
| 7 | references, for those references whose compile-time normal intentions are | 7 | references, for those references whose compile-time normal intentions are |
| 8 | usurped at runtime due to buffer overflow or underflow. | 8 | usurped at runtime due to buffer overflow or underflow. |
| 9 | 9 | ||
| 10 | You can tell if your CPU supports MPX by looking in /proc/cpuinfo: | ||
| 11 | |||
| 12 | cat /proc/cpuinfo | grep ' mpx ' | ||
| 13 | |||
| 10 | For more information, please refer to Intel(R) Architecture Instruction | 14 | For more information, please refer to Intel(R) Architecture Instruction |
| 11 | Set Extensions Programming Reference, Chapter 9: Intel(R) Memory Protection | 15 | Set Extensions Programming Reference, Chapter 9: Intel(R) Memory Protection |
| 12 | Extensions. | 16 | Extensions. |
| 13 | 17 | ||
| 14 | Note: Currently no hardware with MPX ISA is available but it is always | 18 | Note: As of December 2014, no hardware with MPX is available but it is |
| 15 | possible to use SDE (Intel(R) Software Development Emulator) instead, which | 19 | possible to use SDE (Intel(R) Software Development Emulator) instead, which |
| 16 | can be downloaded from | 20 | can be downloaded from |
| 17 | http://software.intel.com/en-us/articles/intel-software-development-emulator | 21 | http://software.intel.com/en-us/articles/intel-software-development-emulator |
| @@ -30,9 +34,15 @@ is how we expect the compiler, application and kernel to work together. | |||
| 30 | instrumentation as well as some setup code called early after the app | 34 | instrumentation as well as some setup code called early after the app |
| 31 | starts. New instruction prefixes are noops for old CPUs. | 35 | starts. New instruction prefixes are noops for old CPUs. |
| 32 | 2) That setup code allocates (virtual) space for the "bounds directory", | 36 | 2) That setup code allocates (virtual) space for the "bounds directory", |
| 33 | points the "bndcfgu" register to the directory and notifies the kernel | 37 | points the "bndcfgu" register to the directory (must also set the valid |
| 34 | (via the new prctl(PR_MPX_ENABLE_MANAGEMENT)) that the app will be using | 38 | bit) and notifies the kernel (via the new prctl(PR_MPX_ENABLE_MANAGEMENT)) |
| 35 | MPX. | 39 | that the app will be using MPX. The app must be careful not to access |
| 40 | the bounds tables between the time when it populates "bndcfgu" and | ||
| 41 | when it calls the prctl(). This might be hard to guarantee if the app | ||
| 42 | is compiled with MPX. You can add "__attribute__((bnd_legacy))" to | ||
| 43 | the function to disable MPX instrumentation to help guarantee this. | ||
| 44 | Also be careful not to call out to any other code which might be | ||
| 45 | MPX-instrumented. | ||
| 36 | 3) The kernel detects that the CPU has MPX, allows the new prctl() to | 46 | 3) The kernel detects that the CPU has MPX, allows the new prctl() to |
| 37 | succeed, and notes the location of the bounds directory. Userspace is | 47 | succeed, and notes the location of the bounds directory. Userspace is |
| 38 | expected to keep the bounds directory at that locationWe note it | 48 | expected to keep the bounds directory at that locationWe note it |