From: Dave Hansen <dave.hansen@linux.intel.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
LKML <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
the arch/x86 maintainers <x86@kernel.org>
Subject: Re: [GIT pull] x86 mpx support for 3.19
Date: Thu, 11 Dec 2014 14:02:38 -0800 [thread overview]
Message-ID: <548A147E.1020507@linux.intel.com> (raw)
In-Reply-To: <20141211061935.GA5059@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1557 bytes --]
On 12/10/2014 10:19 PM, Ingo Molnar wrote:
> * Dave Hansen <dave.hansen@linux.intel.com> wrote:
>> @@ -1575,6 +1571,27 @@ config X86_SMAP
>>
>> If unsure, say Y.
>>
>> +config X86_INTEL_MPX
>> + prompt "Intel MPX (Memory Protection Extensions)" if EXPERT
>
> I think the 'if EXPERT' needs to be dropped.
Fine with me.
>> + def_bool y
>> + depends on CPU_SUP_INTEL
>
> On the one hand, the 'def_bool y' might be acceptable, if we
> think of MPX as X32 or SECCOMP: ABI extensions that are only
> really useful if all distros enable it.
It's a _bit_ different than X32 or SECCOMP, though. An x32 app is a
doorstop if the kernel's config option is off. An MPX-instrumented app
ends up looking like a dumb app running a bunch of noops (for the MPX
instructions and prefixes) and being mean to the icache, but it's not a
doorstop.
That said, we *really* want distros enabling it. (Putting my Intel hat
on firmly now...) MPX already requires recompiling binaries, which is a
fairly large burden. If an application writer goes to that trouble, we
really want to make sure that the kernel support is there.
It'd be a real shame to have an app compiled with MPX support (and all
those noops and their overhead), running on a CPU with silicon that
supports MPX, and a kernel that *can* support MPX... and then not use it.
>> + Enabling this option will make the kernel larger and
>> + slightly increase the size of some kernel data
>> + structures.
>
> And will add a few branches to critical code paths, right?
Yep, new patch attached.
[-- Attachment #2: x86-mpx-real-config-option-v3.patch --]
[-- Type: text/x-patch, Size: 1859 bytes --]
From: Dave Hansen <dave.hansen@linux.intel.com>
Give MPX a real config option. The CPUs that support it
(referenced here):
https://software.intel.com/en-us/forums/topic/402393
are not available publicly, so we need to make it somewhat
easy to disable.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
---
b/arch/x86/Kconfig | 28 ++++++++++++++++++++++++----
1 file changed, 24 insertions(+), 4 deletions(-)
diff -puN arch/x86/Kconfig~x86-mpx-real-config-option-v3 arch/x86/Kconfig
--- a/arch/x86/Kconfig~x86-mpx-real-config-option-v3 2014-12-11 07:37:05.147501580 -0800
+++ b/arch/x86/Kconfig 2014-12-11 07:38:55.864495123 -0800
@@ -248,10 +248,6 @@ config HAVE_INTEL_TXT
def_bool y
depends on INTEL_IOMMU && ACPI
-config X86_INTEL_MPX
- def_bool y
- depends on CPU_SUP_INTEL
-
config X86_32_SMP
def_bool y
depends on X86_32 && SMP
@@ -1575,6 +1571,30 @@ config X86_SMAP
If unsure, say Y.
+config X86_INTEL_MPX
+ prompt "Intel MPX (Memory Protection Extensions)"
+ def_bool y
+ depends on CPU_SUP_INTEL
+ ---help---
+ MPX provides hardware features that can be used in
+ conjunction with compiler-instrumented code to check
+ memory references. It is designed to detect buffer
+ overflow or underflow bugs.
+
+ This option enables running applications which are
+ instrumented or otherwise use MPX. It does not use MPX
+ itself inside the kernel or to protect the kernel
+ against bad memory references.
+
+ Enabling this option will make the kernel larger:
+ ~8k of kernel text and 36 bytes of data on a 64-bit
+ defconfig. It adds a long to the 'mm_struct' which
+ will increase the kernel memory overhead of each
+ process and adds some branches to paths used during
+ exec() and munmap().
+
+ If unsure, say Y.
+
config EFI
bool "EFI runtime service support"
depends on ACPI
_
next prev parent reply other threads:[~2014-12-11 22:04 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-09 14:08 [GIT pull] x86 mpx support for 3.19 Thomas Gleixner
2014-12-10 19:05 ` Linus Torvalds
2014-12-10 19:41 ` Dave Hansen
2014-12-10 19:49 ` Linus Torvalds
2014-12-10 20:39 ` Dave Hansen
2014-12-10 20:49 ` Linus Torvalds
2014-12-12 16:40 ` H. Peter Anvin
2014-12-11 6:19 ` Ingo Molnar
2014-12-11 22:02 ` Dave Hansen [this message]
2014-12-12 8:31 ` Ingo Molnar
2014-12-12 12:30 ` Pavel Machek
2014-12-12 15:47 ` Dave Hansen
2014-12-12 17:21 ` Pavel Machek
2014-12-10 19:49 ` Dave Hansen
2014-12-11 2:14 ` Eric W. Biederman
2014-12-11 2:30 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=548A147E.1020507@linux.intel.com \
--to=dave.hansen@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).