On 12/10/2014 10:19 PM, Ingo Molnar wrote:
> * Dave Hansen <dave.hansen@linux.intel.com> wrote:
>> @@ -1575,6 +1571,27 @@ config X86_SMAP
>>  
>>  	  If unsure, say Y.
>>  
>> +config X86_INTEL_MPX
>> +	prompt "Intel MPX (Memory Protection Extensions)" if EXPERT
> 
> I think the 'if EXPERT' needs to be dropped.

Fine with me.

>> +	def_bool y
>> +	depends on CPU_SUP_INTEL
> 
> On the one hand, the 'def_bool y' might be acceptable, if we 
> think of MPX as X32 or SECCOMP: ABI extensions that are only 
> really useful if all distros enable it.

It's a _bit_ different than X32 or SECCOMP, though.  An x32 app is a
doorstop if the kernel's config option is off.  An MPX-instrumented app
ends up looking like a dumb app running a bunch of noops (for the MPX
instructions and prefixes) and being mean to the icache, but it's not a
doorstop.

That said, we *really* want distros enabling it.  (Putting my Intel hat
on firmly now...)  MPX already requires recompiling binaries, which is a
fairly large burden.  If an application writer goes to that trouble, we
really want to make sure that the kernel support is there.

It'd be a real shame to have an app compiled with MPX support (and all
those noops and their overhead), running on a CPU with silicon that
supports MPX, and a kernel that *can* support MPX... and then not use it.

>> +	  Enabling this option will make the kernel larger and
>> +	  slightly increase the size of some kernel data
>> +	  structures.
> 
> And will add a few branches to critical code paths, right?

Yep, new patch attached.