Commit a54455766b9e3d3c27a6cef758355d2591d81d68
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
Merge branch 'x86-mpx-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
Pull x86 MPX fixes from Thomas Gleixner: "Three updates for the new MPX infrastructure: - Use the proper error check in the trap handler - Add a proper config option for it - Bring documentation up to date" * 'x86-mpx-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: x86, mpx: Give MPX a real config option prompt x86, mpx: Update documentation x86_64/traps: Fix always true condition
Showing 3 changed files Side-by-side Diff
Documentation/x86/intel_mpx.txt
| ... | ... | @@ -7,11 +7,15 @@ |
| 7 | 7 | references, for those references whose compile-time normal intentions are |
| 8 | 8 | usurped at runtime due to buffer overflow or underflow. |
| 9 | 9 | |
| 10 | +You can tell if your CPU supports MPX by looking in /proc/cpuinfo: | |
| 11 | + | |
| 12 | + cat /proc/cpuinfo | grep ' mpx ' | |
| 13 | + | |
| 10 | 14 | For more information, please refer to Intel(R) Architecture Instruction |
| 11 | 15 | Set Extensions Programming Reference, Chapter 9: Intel(R) Memory Protection |
| 12 | 16 | Extensions. |
| 13 | 17 | |
| 14 | -Note: Currently no hardware with MPX ISA is available but it is always | |
| 18 | +Note: As of December 2014, no hardware with MPX is available but it is | |
| 15 | 19 | possible to use SDE (Intel(R) Software Development Emulator) instead, which |
| 16 | 20 | can be downloaded from |
| 17 | 21 | http://software.intel.com/en-us/articles/intel-software-development-emulator |
| ... | ... | @@ -30,9 +34,15 @@ |
| 30 | 34 | instrumentation as well as some setup code called early after the app |
| 31 | 35 | starts. New instruction prefixes are noops for old CPUs. |
| 32 | 36 | 2) That setup code allocates (virtual) space for the "bounds directory", |
| 33 | - points the "bndcfgu" register to the directory and notifies the kernel | |
| 34 | - (via the new prctl(PR_MPX_ENABLE_MANAGEMENT)) that the app will be using | |
| 35 | - MPX. | |
| 37 | + points the "bndcfgu" register to the directory (must also set the valid | |
| 38 | + bit) and notifies the kernel (via the new prctl(PR_MPX_ENABLE_MANAGEMENT)) | |
| 39 | + that the app will be using MPX. The app must be careful not to access | |
| 40 | + the bounds tables between the time when it populates "bndcfgu" and | |
| 41 | + when it calls the prctl(). This might be hard to guarantee if the app | |
| 42 | + is compiled with MPX. You can add "__attribute__((bnd_legacy))" to | |
| 43 | + the function to disable MPX instrumentation to help guarantee this. | |
| 44 | + Also be careful not to call out to any other code which might be | |
| 45 | + MPX-instrumented. | |
| 36 | 46 | 3) The kernel detects that the CPU has MPX, allows the new prctl() to |
| 37 | 47 | succeed, and notes the location of the bounds directory. Userspace is |
| 38 | 48 | expected to keep the bounds directory at that locationWe note it |
arch/x86/Kconfig
| ... | ... | @@ -249,10 +249,6 @@ |
| 249 | 249 | def_bool y |
| 250 | 250 | depends on INTEL_IOMMU && ACPI |
| 251 | 251 | |
| 252 | -config X86_INTEL_MPX | |
| 253 | - def_bool y | |
| 254 | - depends on CPU_SUP_INTEL | |
| 255 | - | |
| 256 | 252 | config X86_32_SMP |
| 257 | 253 | def_bool y |
| 258 | 254 | depends on X86_32 && SMP |
| ... | ... | @@ -1593,6 +1589,32 @@ |
| 1593 | 1589 | also a small increase in the kernel size if this is enabled. |
| 1594 | 1590 | |
| 1595 | 1591 | If unsure, say Y. |
| 1592 | + | |
| 1593 | +config X86_INTEL_MPX | |
| 1594 | + prompt "Intel MPX (Memory Protection Extensions)" | |
| 1595 | + def_bool n | |
| 1596 | + depends on CPU_SUP_INTEL | |
| 1597 | + ---help--- | |
| 1598 | + MPX provides hardware features that can be used in | |
| 1599 | + conjunction with compiler-instrumented code to check | |
| 1600 | + memory references. It is designed to detect buffer | |
| 1601 | + overflow or underflow bugs. | |
| 1602 | + | |
| 1603 | + This option enables running applications which are | |
| 1604 | + instrumented or otherwise use MPX. It does not use MPX | |
| 1605 | + itself inside the kernel or to protect the kernel | |
| 1606 | + against bad memory references. | |
| 1607 | + | |
| 1608 | + Enabling this option will make the kernel larger: | |
| 1609 | + ~8k of kernel text and 36 bytes of data on a 64-bit | |
| 1610 | + defconfig. It adds a long to the 'mm_struct' which | |
| 1611 | + will increase the kernel memory overhead of each | |
| 1612 | + process and adds some branches to paths used during | |
| 1613 | + exec() and munmap(). | |
| 1614 | + | |
| 1615 | + For details, see Documentation/x86/intel_mpx.txt | |
| 1616 | + | |
| 1617 | + If unsure, say N. | |
| 1596 | 1618 | |
| 1597 | 1619 | config EFI |
| 1598 | 1620 | bool "EFI runtime service support" |
arch/x86/kernel/traps.c
| ... | ... | @@ -331,7 +331,7 @@ |
| 331 | 331 | break; /* Success, it was handled */ |
| 332 | 332 | case 1: /* Bound violation. */ |
| 333 | 333 | info = mpx_generate_siginfo(regs, xsave_buf); |
| 334 | - if (PTR_ERR(info)) { | |
| 334 | + if (IS_ERR(info)) { | |
| 335 | 335 | /* |
| 336 | 336 | * We failed to decode the MPX instruction. Act as if |
| 337 | 337 | * the exception was not caused by MPX. |