Intel MPX Memory Protection Still Baking For Linux
While we are still waiting for Broadwell to land in the coming months as the next-gen processors succeeding Haswell, Intel Linux developers are already working on early steps towards Intel Skylake enablement. Intel MPX is short for the Memory Protection Extensions and is an x86 iextension for checking pointer references and trying to help developers better fend off possible buffer overflows.
MPX was first detailed by Intel last year as a mix of OS, compiler, and run-time work for increasing software security through checking pointer references. For those not yet familiar with Intel MPX, see the Intel.com articles.
Intel developers have been playing with Intel MPX for GCC since last year while on the kernel side they are still working to land the changes. Qiaowei Ren of Intel published a fresh set of five patches to the Linux kernel on Saturday with this patch series.
Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new capability introduced into Intel Architecture. Intel MPX can increase the robustness of software when it is used in conjunction with compiler changes to check that memory references intended at compile time do not become unsafe at runtime.This new code probably won't end up being mainlined until at least the Linux 3.15 kernel (but could be a surprise for the Linux 3.14 merge window that soon will be opening), but at least that's still well ahead of the expected Intel Skylake debut in 2015. Besides MPX, the 14nm Intel Skylake is expected to also offer new SHA extensions, ADX Add-Carry Instructions, AVX-512F, and various other improvements.
Two of the most important goals of Intel MPX are to provide this capability at very low performance overhead for newly compiled code, and to provide compatibility mechanisms with legacy software components. A direct benefit Intel MPX provides is hardening software against malicious attacks designed to cause or exploit buffer overruns.
Intel MPX introduces new registers and new instructions that operate on these registers. Some of the registers added are bounds registers which store a pointer's lower bound and upper bound limits. Whenever the pointer is used, the requested reference is checked against the pointer's associated bounds, thereby preventing out-of-bound memory access (such as buffer overflows and overruns). Out-of-bounds memory references initiate a #BR exception which can then be handled in an appropriate manner.