Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 25 Jul 2017 10:57:34 +0300
From: Hans Liljestrand <>
To: Kees Cook <>
Cc: "" <>,
	"Reshetova, Elena" <>,
	Dave Hansen <>,
	"H. Peter Anvin" <>
Subject: Re: [RFC PATCH 4/5] x86: MPXK base

On Mon, Jul 24, 2017 at 07:48:03PM -0700, Kees Cook wrote:
>On Mon, Jul 24, 2017 at 6:38 AM, Hans Liljestrand
><> wrote:
>> Enable and add needed support functionality for ring 0 MPX. MPXK is
>> enabled in init/main.c by setting the BNDCFGS MSR registers. This also
>> includes the mpxk_load_bounds implementation and error handling code for
>> MPX errors, i.e. bound violations.
>Maybe I missed it somewhere else, but this seems like there is no CPU
>feature flag testing. I'd expect runtime alternatives or something to
>disable this dynamically if the CPU didn't support it.

No, it seems I missed it :)

(although I am sure I had a test in there at some point)

Thanks for catching this!


>Kees Cook
>Pixel Security

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.