Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Jul 2017 19:48:03 -0700
From: Kees Cook <keescook@...omium.org>
To: Hans Liljestrand <liljestrandh@...il.com>
Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, 
	"Reshetova, Elena" <elena.reshetova@...el.com>, Dave Hansen <dave.hansen@...el.com>, 
	"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [RFC PATCH 4/5] x86: MPXK base

On Mon, Jul 24, 2017 at 6:38 AM, Hans Liljestrand
<liljestrandh@...il.com> wrote:
> Enable and add needed support functionality for ring 0 MPX. MPXK is
> enabled in init/main.c by setting the BNDCFGS MSR registers. This also
> includes the mpxk_load_bounds implementation and error handling code for
> MPX errors, i.e. bound violations.

Maybe I missed it somewhere else, but this seems like there is no CPU
feature flag testing. I'd expect runtime alternatives or something to
disable this dynamically if the CPU didn't support it.

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.