Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

libmpx0 Intel memory protection extensions for skylake.

Here you can discuss every aspect of Debian. Note: not for support requests!
Post Reply
Message
Author
shirish
Posts: 845
Joined: 2010-12-08 12:59

libmpx0 Intel memory protection extensions for skylake.

#1 Post by shirish »

Hi all,
I just came across this :-

Code: Select all

[$] aptitude show libmpx0                                                                                                          
Package: libmpx0                         
State: not installed
Multi-Arch: same
Version: 5-20150321-1
Priority: optional
Section: libs
Maintainer: Debian GCC Maintainers <debian-gcc@lists.debian.org>
Architecture: amd64
Uncompressed Size: 25.6 k
Depends: gcc-5-base (= 5-20150321-1), libc6 (>= 2.17)
PreDepends: multiarch-support
Description: Intel memory protection extensions (runtime)
 Intel MPX is a set of processor features which, with compiler, runtime library and OS support, brings increased robustness to software by checking pointer references whose compile time normal intentions are usurped at runtime due to buffer overflow.
Homepage: http://gcc.gnu.org/
This doesn't tell much but going to https://en.wikipedia.org/wiki/Intel_MPX and then looking at https://en.wikipedia.org/wiki/Skylake_% ... tecture%29 the situation becomes much more clearer. Guess this will by default and will benefit greatly all those who will buy Skylake while with this perhaps legacy users (who won't have Skylake microprocessors) can also emulate the same albeit slowly.

If my understanding is wrong, please correct it.
Intel Dual-Core CPU E5400 (soc 775) @ 2.70GHz, onboard Intel G33, Asus MB P5KPL-AM IN (Intel G31), D-Link 2750u modem+router, 64-bit Debian Testing, Mate 1.26

reinob
Posts: 1189
Joined: 2014-06-30 11:42
Has thanked: 97 times
Been thanked: 45 times

Re: libmpx0 Intel memory protection extensions for skylake.

#2 Post by reinob »

shirish wrote:Guess this will by default and will benefit greatly all those who will buy Skylake while with this perhaps legacy users (who won't have Skylake microprocessors) can also emulate the same albeit slowly.

If my understanding is wrong, please correct it.
I cannot tell, but I would bet that this won't be used by default anywhere, and certainly not in debian, as this is a very intel 64-bit specific thing.

tomazzi
Posts: 730
Joined: 2013-08-02 21:33

Re: libmpx0 Intel memory protection extensions for skylake.

#3 Post by tomazzi »

What to do if You want to keep the income from sales rising, while already sold products are good/fast enough and there's no easy way to build significantly better product? Competitive products are getting to the market, and they are better/cheaper/less power-hungry...
Marketing gives the power - let's spread some bullshits about some "new technology" which increases so much appreciated "safety and robustness".

Why do I say so?
Well, MPX has only 4 registers for pointer bounds checking - taking into account that even relatively small program can use hundreds of pointers and hundreds of buffers, it is obvious, that 4 registers can't be used efficiently to protect all of them. Situation looks even worse, when we'll take into account that there can be hundreds of processes running in parallel and each of them uses that hundreds of pointers and buffers.
Conclusion is simple: only selected, most vulnerable portions of code can benefit from this solution...

That still sounds not bad, until we realise that such protection can be implemented in software, and in fact such techniques are already used for potentially voulnerable code.
The problem is, as always, that nobody knows all the cases when part of code should be protected in this way, until a new virus, new attack technique or a new voulnerability is discovered.

In othre words: MPX offers functionality which sound great, but it can't guarantee anything, and it's not new - as pointer bounds checking is already implemented in serious/high quality/deterministic software.

I really whish companies like Tilera will finally stop to affraid of Intel, and start to sell PC motherboards for their CPUs. Unfortunately, since microshit still holds about 56-78% of the PC market (depending on who is making the statistics) that would need a support for 100+ cores on winblows (what is impossible).

...anyway, it seems that I have to spend another few years with intel clones... ;)
Odi profanum vulgus

Post Reply