Lines Matching refs:to
6 that can be used in conjunction with compiler changes to check memory
8 usurped at runtime due to buffer overflow or underflow.
14 For more information, please refer to Intel(R) Architecture Instruction
19 possible to use SDE (Intel(R) Software Development Emulator) instead, which
24 2. How to get the advantage of MPX
27 For MPX to work, changes are required in the kernel, binutils and compiler.
30 There are a lot of moving parts of this to all work right. The following
31 is how we expect the compiler, application and kernel to work together.
37 points the "bndcfgu" register to the directory (must also set the valid
39 that the app will be using MPX. The app must be careful not to access
41 when it calls the prctl(). This might be hard to guarantee if the app
42 is compiled with MPX. You can add "__attribute__((bnd_legacy))" to
43 the function to disable MPX instrumentation to help guarantee this.
44 Also be careful not to call out to any other code which might be
46 3) The kernel detects that the CPU has MPX, allows the new prctl() to
48 expected to keep the bounds directory at that locationWe note it
50 to access the bounds directory register is an expensive operation.
51 4) If the application needs to spill bounds out of the 4 registers, it
55 in the bounds directory point to the new table.
60 pointers, and we attempt to free the associated space in the bounds
61 tables. If an entire table becomes unused, we will attempt to free
68 * inserts code early in the application to call in to the "gcc runtime"
73 * calls a new prctl(PR_MPX_ENABLE_MANAGEMENT) to notify the kernel to
77 * Handles #BR exceptions and sends SIGSEGV to the app when it violates
79 * When bounds are spilled in to an unallocated bounds table, the kernel
81 updates the bounds directory to point to the new table. It keeps
95 * new bounds tables (BT) need to be allocated to save bounds.
98 We hook #BR handler to handle these two new situations.
104 MPX-enabled code needs more than these 4 registers, it needs to spill
106 the bounds to be moved between the bounds registers and some new "bounds
110 similar conceptually to a page fault and will be raised by the MPX
114 pointing the bounds-directory over to it.
116 The tables need to be accessed and controlled by userspace because
118 frequent. They potentially happen every time a register points to
119 memory. Any direct kernel involvement (like a syscall) to access the
128 never have to allocate them?
130 process address space to save bounds information. These tables can take
136 If we were to preallocate them for the 128TB of user virtual address
137 space, we would need to reserve 512TB+2GB, which is larger than the
141 infeasible to prepopulate bounds directories.
150 (think libraries). The kernel is really the only place to intercept
153 Q: Could a bounds fault be handed to userspace and the tables allocated
156 if mmap() would work it still requires locking or nasty tricks to
166 If a #BR is generated due to a bounds violation caused by MPX.
167 We need to decode MPX instructions to get violation address and
185 The '_addr' field refers to violation address, and new '_addr_and'
186 field refers to the upper/lower bounds when a #BR is caused.
188 Glibc will be also updated to support this new siginfo. So user
194 When a BNDSTX instruction attempts to save bounds to a bounds directory
203 Here, the solution for this issue is to hook do_munmap() to check
210 Two new prctl commands are added to enable and disable MPX bounds tables
217 directory. So kernel have to use XSAVE instruction to get the base
220 But XSAVE is expected to be very expensive. In order to do performance
221 optimization, we have to get the base of bounds directory and save it
222 into struct mm_struct to be used in future during PR_MPX_ENABLE_MANAGEMENT
229 1) If userspace is requesting help from the kernel to do the management
234 of bounds entry to have this entry valid. But, the kernel will decline
235 to assist in managing these tables.
243 However, if users did this, the kernel might be fooled in to unmaping an