Intel MPX Memory Protection Still Baking For Linux

Written by Michael Larabel in Intel on 11 January 2014 at 09:15 PM EST. Add A Comment
INTEL
Intel Linux developers are still working to land Memory Protection Extensions (MPX) support into the mainline Linux kernel for this new feature coming to Skylake.

While we are still waiting for Broadwell to land in the coming months as the next-gen processors succeeding Haswell, Intel Linux developers are already working on early steps towards Intel Skylake enablement. Intel MPX is short for the Memory Protection Extensions and is an x86 iextension for checking pointer references and trying to help developers better fend off possible buffer overflows.

MPX was first detailed by Intel last year as a mix of OS, compiler, and run-time work for increasing software security through checking pointer references. For those not yet familiar with Intel MPX, see the Intel.com articles.

Intel developers have been playing with Intel MPX for GCC since last year while on the kernel side they are still working to land the changes. Qiaowei Ren of Intel published a fresh set of five patches to the Linux kernel on Saturday with this patch series.
Intel(R) Memory Protection Extensions (Intel(R) MPX) is a new capability introduced into Intel Architecture. Intel MPX can increase the robustness of software when it is used in conjunction with compiler changes to check that memory references intended at compile time do not become unsafe at runtime.

Two of the most important goals of Intel MPX are to provide this capability at very low performance overhead for newly compiled code, and to provide compatibility mechanisms with legacy software components. A direct benefit Intel MPX provides is hardening software against malicious attacks designed to cause or exploit buffer overruns.

Intel MPX introduces new registers and new instructions that operate on these registers. Some of the registers added are bounds registers which store a pointer's lower bound and upper bound limits. Whenever the pointer is used, the requested reference is checked against the pointer's associated bounds, thereby preventing out-of-bound memory access (such as buffer overflows and overruns). Out-of-bounds memory references initiate a #BR exception which can then be handled in an appropriate manner.
This new code probably won't end up being mainlined until at least the Linux 3.15 kernel (but could be a surprise for the Linux 3.14 merge window that soon will be opening), but at least that's still well ahead of the expected Intel Skylake debut in 2015. Besides MPX, the 14nm Intel Skylake is expected to also offer new SHA extensions, ADX Add-Carry Instructions, AVX-512F, and various other improvements.
Add A Comment
Related News
Intel Has Many Improvements For The Xe Graphics Driver In Linux 6.10
Intel Enabling Linux Driver Display Support For Upcoming "Battlemage" GPUs
Intel Media Driver 2024Q1 Brings Arrow Lake H Support
Intel Compute Runtime 24.13.29138.7 Brings Improved OpenCL/OpenGL Sharing
Intel oneVPL GPU Runtime 2024Q1 Brings VP9 Fix & AV1 Refinements
Intel Preps Adaptive Sync SDP, Lunar Lake Display & More DG2 PCI IDs In Linux 6.10
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"