Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/28/2014 04:27 AM, Andy Lutomirski wrote: On 01/26/2014 01:08 AM, Qiaowei Ren wrote: +1) Providing handlers for bounds faults (#BR). + +When MPX is enabled, there are 2 new situations that can generate +#BR faults. If a bounds overflow occurs then a #BR is generated. +The fault handler will decode MPX instructions to get violation +address and set this address into extended struct siginfo. Can you document exactly where the insn address and pointer value end up? (If it's in the (IMO hideous) cr2 field in ucontext, this needs to be documented. If it's somewhere useful in siginfo, that should also be documented to save people the time it takes to figure it out.) Ok. I will describe extended siginfo at this documentation. Thanks, Qiaowei -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 01:08 AM, Qiaowei Ren wrote: > This patch adds the Documentation/x86/intel_mpx.txt file with some > information about Intel MPX. > > Signed-off-by: Qiaowei Ren > --- > Documentation/x86/intel_mpx.txt | 226 > +++ > 1 files changed, 226 insertions(+), 0 deletions(-) > create mode 100644 Documentation/x86/intel_mpx.txt > > diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt > new file mode 100644 > index 000..052001c > --- /dev/null > +++ b/Documentation/x86/intel_mpx.txt > @@ -0,0 +1,226 @@ > +1. Intel(R) MPX Overview > + > + > + > +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new > +capability introduced into Intel Architecture. Intel MPX provides > +hardware features that can be used in conjunction with compiler > +changes to check memory references, for those references whose > +compile-time normal intentions are usurped at runtime due to > +buffer overflow or underflow. > + > +Two of the most important goals of Intel MPX are to provide > +this capability at very low performance overhead for newly > +compiled code, and to provide compatibility mechanisms with > +legacy software components. MPX architecture is designed > +allow a machine (i.e., the processor(s) and the OS software) > +to run both MPX enabled software and legacy software that > +is MPX unaware. In such a case, the legacy software does not > +benefit from MPX, but it also does not experience any change > +in functionality or reduction in performance. > + > +Intel(R) MPX Programming Model > +-- > + > +Intel MPX introduces new registers and new instructions that > +operate on these registers. Some of the registers added are > +bounds registers which store a pointer's lower bound and upper > +bound limits. Whenever the pointer is used, the requested > +reference is checked against the pointer's associated bounds, > +thereby preventing out-of-bound memory access (such as buffer > +overflows and overruns). Out-of-bounds memory references > +initiate a #BR exception which can then be handled in an > +appropriate manner. > + > +Loading and Storing Bounds using Translation > + > + > +Intel MPX defines two instructions for load/store of the linear > +address of a pointer to a buffer, along with the bounds of the > +buffer into a paging structure of extended bounds. Specifically > +when storing extended bounds, the processor will perform address > +translation of the address where the pointer is stored to an > +address in the Bound Table (BT) to determine the store location > +of extended bounds. Loading of an extended bounds performs the > +reverse sequence. > + > +The structure in memory to load/store an extended bound is a > +4-tuple consisting of lower bound, upper bound, pointer value > +and a reserved field. Bound loads and stores access 32-bit or > +64-bit operand size according to the operation mode. Thus, > +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits > +in 64-bit mode. > + > +The linear address of a bound table is stored in a Bound > +Directory (BD) entry. And the linear address of the bound > +directory is derived from either BNDCFGU or BNDCFGS registers. > +Bounds in memory are stored in Bound Tables (BT) as an extended > +bound, which are accessed via Bound Directory (BD) and address > +translation performed by BNDLDX/BNDSTX instructions. > + > +Bounds Directory (BD) and Bounds Tables (BT) are stored in > +application memory and are allocated by the application (in case > +of kernel use, the structures will be in kernel memory). The > +bound directory and each instance of bound table are in contiguous > +linear memory. > + > +XSAVE/XRESTOR Support of Intel MPX State > + > + > +Enabling Intel MPX requires an OS to manage two bits in XCR0: > + - BNDREGS for saving and restoring registers BND0-BND3, > + - BNDCSR for saving and restoring the user-mode configuration > +(BNDCFGU) and the status register (BNDSTATUS). > + > +The reason for having two separate bits is that BND0-BND3 is > +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. > +Therefore, an OS has flexibility in handling these two states > +differently in saving or restoring them. > + > +For details about the Intel MPX instructions, see "Intel(R) > +Architecture Instruction Set Extensions Programming Reference". > + > + > +2. How to get the advantage of MPX > +== > + > + > +To get the advantage of MPX, changes are required in > +the OS kernel, binutils, compiler, system libraries support. > + > +MPX support in the GNU toolchain > + > + > +This section describes changes in GNU Binutils, GCC and Glibc > +to support MPX. > + > +The first step of MPX support is to implement support for new > +hardware features in binutils and the GCC. > + > +The second
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 01:08 AM, Qiaowei Ren wrote: This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren qiaowei@intel.com --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see Intel(R) +Architecture Instruction Set Extensions Programming Reference. + + +2. How to get the advantage of MPX +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. + +MPX support in the GNU toolchain + + +This section describes changes in GNU Binutils, GCC and Glibc +to support MPX. + +The first step of MPX support is to implement support for new +hardware features in binutils and the GCC. + +The second step is implementation of MPX instrumentation pass +in the GCC compiler which is responsible for
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/28/2014 04:27 AM, Andy Lutomirski wrote: On 01/26/2014 01:08 AM, Qiaowei Ren wrote: +1) Providing handlers for bounds faults (#BR). + +When MPX is enabled, there are 2 new situations that can generate +#BR faults. If a bounds overflow occurs then a #BR is generated. +The fault handler will decode MPX instructions to get violation +address and set this address into extended struct siginfo. Can you document exactly where the insn address and pointer value end up? (If it's in the (IMO hideous) cr2 field in ucontext, this needs to be documented. If it's somewhere useful in siginfo, that should also be documented to save people the time it takes to figure it out.) Ok. I will describe extended siginfo at this documentation. Thanks, Qiaowei -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 11:06 AM, Randy Dunlap wrote: On 01/26/2014 01:08 AM, Qiaowei Ren wrote: This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed designed to +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound The linear address +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is are +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see "Intel(R) +Architecture Instruction Set Extensions Programming Reference". + + +2. How to get the advantage of MPX drop trailing space above. +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. and system libraries support. + +MPX support in the GNU toolchain + + +This section describes changes in GNU Binutils, GCC and Glibc +to support MPX. + +The first step
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 01:08 AM, Qiaowei Ren wrote: > This patch adds the Documentation/x86/intel_mpx.txt file with some > information about Intel MPX. > > Signed-off-by: Qiaowei Ren > --- > Documentation/x86/intel_mpx.txt | 226 > +++ > 1 files changed, 226 insertions(+), 0 deletions(-) > create mode 100644 Documentation/x86/intel_mpx.txt > > diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt > new file mode 100644 > index 000..052001c > --- /dev/null > +++ b/Documentation/x86/intel_mpx.txt > @@ -0,0 +1,226 @@ > +1. Intel(R) MPX Overview > + > + > + > +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new > +capability introduced into Intel Architecture. Intel MPX provides > +hardware features that can be used in conjunction with compiler > +changes to check memory references, for those references whose > +compile-time normal intentions are usurped at runtime due to > +buffer overflow or underflow. > + > +Two of the most important goals of Intel MPX are to provide > +this capability at very low performance overhead for newly > +compiled code, and to provide compatibility mechanisms with > +legacy software components. MPX architecture is designed designed to > +allow a machine (i.e., the processor(s) and the OS software) > +to run both MPX enabled software and legacy software that > +is MPX unaware. In such a case, the legacy software does not > +benefit from MPX, but it also does not experience any change > +in functionality or reduction in performance. > + > +Intel(R) MPX Programming Model > +-- > + > +Intel MPX introduces new registers and new instructions that > +operate on these registers. Some of the registers added are > +bounds registers which store a pointer's lower bound and upper > +bound limits. Whenever the pointer is used, the requested > +reference is checked against the pointer's associated bounds, > +thereby preventing out-of-bound memory access (such as buffer > +overflows and overruns). Out-of-bounds memory references > +initiate a #BR exception which can then be handled in an > +appropriate manner. > + > +Loading and Storing Bounds using Translation > + > + > +Intel MPX defines two instructions for load/store of the linear > +address of a pointer to a buffer, along with the bounds of the > +buffer into a paging structure of extended bounds. Specifically > +when storing extended bounds, the processor will perform address > +translation of the address where the pointer is stored to an > +address in the Bound Table (BT) to determine the store location > +of extended bounds. Loading of an extended bounds performs the > +reverse sequence. > + > +The structure in memory to load/store an extended bound is a > +4-tuple consisting of lower bound, upper bound, pointer value > +and a reserved field. Bound loads and stores access 32-bit or > +64-bit operand size according to the operation mode. Thus, > +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits > +in 64-bit mode. > + > +The linear address of a bound table is stored in a Bound > +Directory (BD) entry. And the linear address of the bound The linear address > +directory is derived from either BNDCFGU or BNDCFGS registers. > +Bounds in memory are stored in Bound Tables (BT) as an extended > +bound, which are accessed via Bound Directory (BD) and address > +translation performed by BNDLDX/BNDSTX instructions. > + > +Bounds Directory (BD) and Bounds Tables (BT) are stored in > +application memory and are allocated by the application (in case > +of kernel use, the structures will be in kernel memory). The > +bound directory and each instance of bound table are in contiguous > +linear memory. > + > +XSAVE/XRESTOR Support of Intel MPX State > + > + > +Enabling Intel MPX requires an OS to manage two bits in XCR0: > + - BNDREGS for saving and restoring registers BND0-BND3, > + - BNDCSR for saving and restoring the user-mode configuration > +(BNDCFGU) and the status register (BNDSTATUS). > + > +The reason for having two separate bits is that BND0-BND3 is are > +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. > +Therefore, an OS has flexibility in handling these two states > +differently in saving or restoring them. > + > +For details about the Intel MPX instructions, see "Intel(R) > +Architecture Instruction Set Extensions Programming Reference". > + > + > +2. How to get the advantage of MPX drop trailing space above. > +== > + > + > +To get the advantage of MPX, changes are required in > +the OS kernel, binutils, compiler, system libraries support. and system libraries support. > + > +MPX support in
[PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see "Intel(R) +Architecture Instruction Set Extensions Programming Reference". + + +2. How to get the advantage of MPX +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. + +MPX support in the GNU toolchain + + +This section describes changes in GNU Binutils, GCC and Glibc +to support MPX. + +The first step of MPX support is to implement support for new +hardware features in binutils and the GCC. + +The second step is implementation of MPX instrumentation pass +in the GCC compiler which is responsible for instrumenting all +memory accesses with pointer checks. Compiler changes for runtime +bound checks include: + + * Bounds creation for statically allocated objects, objects +
[PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren qiaowei@intel.com --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see Intel(R) +Architecture Instruction Set Extensions Programming Reference. + + +2. How to get the advantage of MPX +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. + +MPX support in the GNU toolchain + + +This section describes changes in GNU Binutils, GCC and Glibc +to support MPX. + +The first step of MPX support is to implement support for new +hardware features in binutils and the GCC. + +The second step is implementation of MPX instrumentation pass +in the GCC compiler which is responsible for instrumenting all +memory accesses with pointer checks. Compiler changes for runtime +bound checks include: + + * Bounds creation for statically allocated
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 01:08 AM, Qiaowei Ren wrote: This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren qiaowei@intel.com --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed designed to +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound The linear address +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is are +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see Intel(R) +Architecture Instruction Set Extensions Programming Reference. + + +2. How to get the advantage of MPX drop trailing space above. +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. and system libraries support. + +MPX support in the GNU toolchain + + +This section describes
Re: [PATCH v3 1/4] x86, mpx: add documentation on Intel MPX
On 01/26/2014 11:06 AM, Randy Dunlap wrote: On 01/26/2014 01:08 AM, Qiaowei Ren wrote: This patch adds the Documentation/x86/intel_mpx.txt file with some information about Intel MPX. Signed-off-by: Qiaowei Ren qiaowei@intel.com --- Documentation/x86/intel_mpx.txt | 226 +++ 1 files changed, 226 insertions(+), 0 deletions(-) create mode 100644 Documentation/x86/intel_mpx.txt diff --git a/Documentation/x86/intel_mpx.txt b/Documentation/x86/intel_mpx.txt new file mode 100644 index 000..052001c --- /dev/null +++ b/Documentation/x86/intel_mpx.txt @@ -0,0 +1,226 @@ +1. Intel(R) MPX Overview + + + +Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new +capability introduced into Intel Architecture. Intel MPX provides +hardware features that can be used in conjunction with compiler +changes to check memory references, for those references whose +compile-time normal intentions are usurped at runtime due to +buffer overflow or underflow. + +Two of the most important goals of Intel MPX are to provide +this capability at very low performance overhead for newly +compiled code, and to provide compatibility mechanisms with +legacy software components. MPX architecture is designed designed to +allow a machine (i.e., the processor(s) and the OS software) +to run both MPX enabled software and legacy software that +is MPX unaware. In such a case, the legacy software does not +benefit from MPX, but it also does not experience any change +in functionality or reduction in performance. + +Intel(R) MPX Programming Model +-- + +Intel MPX introduces new registers and new instructions that +operate on these registers. Some of the registers added are +bounds registers which store a pointer's lower bound and upper +bound limits. Whenever the pointer is used, the requested +reference is checked against the pointer's associated bounds, +thereby preventing out-of-bound memory access (such as buffer +overflows and overruns). Out-of-bounds memory references +initiate a #BR exception which can then be handled in an +appropriate manner. + +Loading and Storing Bounds using Translation + + +Intel MPX defines two instructions for load/store of the linear +address of a pointer to a buffer, along with the bounds of the +buffer into a paging structure of extended bounds. Specifically +when storing extended bounds, the processor will perform address +translation of the address where the pointer is stored to an +address in the Bound Table (BT) to determine the store location +of extended bounds. Loading of an extended bounds performs the +reverse sequence. + +The structure in memory to load/store an extended bound is a +4-tuple consisting of lower bound, upper bound, pointer value +and a reserved field. Bound loads and stores access 32-bit or +64-bit operand size according to the operation mode. Thus, +a bound table entry is 4*32 bits in 32-bit mode and 4*64 bits +in 64-bit mode. + +The linear address of a bound table is stored in a Bound +Directory (BD) entry. And the linear address of the bound The linear address +directory is derived from either BNDCFGU or BNDCFGS registers. +Bounds in memory are stored in Bound Tables (BT) as an extended +bound, which are accessed via Bound Directory (BD) and address +translation performed by BNDLDX/BNDSTX instructions. + +Bounds Directory (BD) and Bounds Tables (BT) are stored in +application memory and are allocated by the application (in case +of kernel use, the structures will be in kernel memory). The +bound directory and each instance of bound table are in contiguous +linear memory. + +XSAVE/XRESTOR Support of Intel MPX State + + +Enabling Intel MPX requires an OS to manage two bits in XCR0: + - BNDREGS for saving and restoring registers BND0-BND3, + - BNDCSR for saving and restoring the user-mode configuration +(BNDCFGU) and the status register (BNDSTATUS). + +The reason for having two separate bits is that BND0-BND3 is are +likely to be volatile state, while BNDCFGU and BNDSTATUS are not. +Therefore, an OS has flexibility in handling these two states +differently in saving or restoring them. + +For details about the Intel MPX instructions, see Intel(R) +Architecture Instruction Set Extensions Programming Reference. + + +2. How to get the advantage of MPX drop trailing space above. +== + + +To get the advantage of MPX, changes are required in +the OS kernel, binutils, compiler, system libraries support. and system libraries support. + +MPX support in the GNU toolchain + + +This section describes changes in GNU Binutils, GCC and Glibc +to support
