lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20131206132648.GB6694@pd.tnic>
Date:	Fri, 6 Dec 2013 14:26:48 +0100
From:	Borislav Petkov <bp@...en8.de>
To:	Qiaowei Ren <qiaowei.ren@...el.com>
Cc:	Paolo Bonzini <pbonzini@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...hat.com>,
	Thomas Gleixner <tglx@...utronix.de>, x86@...nel.org,
	linux-kernel@...r.kernel.org, qemu-devel@...gnu.org,
	kvm@...r.kernel.org, Xudong Hao <xudong.hao@...el.com>,
	Liu Jinsong <jinsong.liu@...el.com>
Subject: Re: [PATCH 1/3] x86, mpx: add documentation on Intel MPX

On Sat, Dec 07, 2013 at 02:52:54AM +0800, Qiaowei Ren wrote:
> This patch adds the Documentation/intel_mpx.txt file with some
> information about Intel MPX.
> 
> Signed-off-by: Qiaowei Ren <qiaowei.ren@...el.com>
> Signed-off-by: Xudong Hao <xudong.hao@...el.com>
> Signed-off-by: Liu Jinsong <jinsong.liu@...el.com>
> ---
>  Documentation/intel_mpx.txt |   77 +++++++++++++++++++++++++++++++++++++++++++

Documentation/x86/ is probably a more fitting place for this.

>  1 files changed, 77 insertions(+), 0 deletions(-)
>  create mode 100644 Documentation/intel_mpx.txt
> 
> diff --git a/Documentation/intel_mpx.txt b/Documentation/intel_mpx.txt
> new file mode 100644
> index 0000000..3d947d0
> --- /dev/null
> +++ b/Documentation/intel_mpx.txt
> @@ -0,0 +1,77 @@
> +Intel(R) MPX Overview:
> +=====================
> +
> +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new
> +capability introduced into Intel Architecture. Intel MPX can
> +increase the robustness of software when it is used in conjunction
> +with compiler changes to check memory references, for those
> +references whose compile-time normal intentions are usurped

That's a strange formulation, what does it actually mean? The intentions
of references??

> +at runtime due to buffer overflow or underflow.
> +
> +Two of the most important goals of Intel MPX are to provide
> +this capability at very low performance overhead for newly
> +compiled code, and to provide compatibility mechanisms with
> +legacy software components. A direct benefit Intel MPX provides
> +is hardening software against malicious attacks designed to
> +cause or exploit buffer overruns.
> +
> +For details about the Intel MPX instructions, see "Intel(R)
> +Architecture Instruction Set Extensions Programming Reference".
> +
> +Intel(R) MPX Programming Model
> +------------------------------
> +
> +Intel MPX introduces new registers and new instructions that
> +operate on these registers. Some of the registers added are
> +bounds registers which store a pointer's lower bound and upper
> +bound limits. Whenever the pointer is used, the requested
> +reference is checked against the pointer's associated bounds,
> +thereby preventing out-of-bound memory access (such as buffer
> +overflows and overruns). Out-of-bounds memory references
> +initiate a #BR exception which can then be handled in an
> +appropriate manner.
> +
> +Loading and Storing Bounds using Translation
> +--------------------------------------------
> +
> +Intel MPX defines two instructions for load/store of the linear
> +address of a pointer to a buffer, along with the bounds of the
> +buffer into a paging structure of extended bounds. Specifically
> +when storing extended bounds, the processor will perform address
> +translation of the address where the pointer is stored to an
> +address in the Bound Table (BT) to determine the store location
> +of extended bounds. Loading of an extended bounds performs the

s/an//

> +reverse sequence.
> +

...

-- 
Regards/Gruss,
    Boris.

Sent from a fat crate under my desk. Formatting is fine.
--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ