Closed Bug 1423610 Opened 7 years ago Closed 3 months ago

Build with check-pointer-bounds (Intel MPX)

Categories

(Core :: Security, enhancement)

Product:
Core
Component:
Security
Type:
enhancement

Tracking

()

Status:
RESOLVED WONTFIX
Tracking Flags:
Tracking Status
firefox59 --- affected

People

(Reporter: tjr, Unassigned)

References

(Blocks 1 open bug)

Details

From https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html

--
-fcheck-pointer-bounds
Enable Pointer Bounds Checker instrumentation. Each memory reference is instrumented with checks of the pointer used for memory access against bounds associated with that pointer.

Currently there is only an implementation for Intel MPX available, thus x86 GNU/Linux target and -mmpx are required to enable this feature. MPX-based instrumentation requires a runtime library to enable MPX in hardware and handle bounds violation signals. By default when -fcheck-pointer-bounds and -mmpx options are used to link a program, the GCC driver links against the libmpx and libmpxwrappers libraries. Bounds checking on calls to dynamic libraries requires a linker with -z bndplt support; if GCC was configured with a linker without support for this option (including the Gold linker and older versions of ld), a warning is given if you link with -mmpx without also specifying -static, since the overall effectiveness of the bounds checking protection is reduced. See also -static-libmpxwrappers.

MPX-based instrumentation may be used for debugging and also may be included in production code to increase program security. Depending on usage, you may have different requirements for the runtime library. The current version of the MPX runtime library is more oriented for use as a debugging tool. MPX runtime library usage implies -lpthread. See also -static-libmpx. The runtime library behavior can be influenced using various CHKP_RT_* environment variables. See https://gcc.gnu.org/wiki/Intel%20MPX%20support%20in%20the%20GCC%20compiler for more details.

Generated instrumentation may be controlled by various -fchkp-* options and by the bnd_variable_size structure field attribute (see Type Attributes) and bnd_legacy, and bnd_instrument function attributes (see Function Attributes). GCC also provides a number of built-in functions for controlling the Pointer Bounds Checker. See Pointer Bounds Checker builtins, for more information.
--


It only would help Linux and it requires packaging another library, but I wanted to get a bug on the record for this for documentation at least.
Also wanted to point to Tor's work on this.
See Also: → https://trac.torproject.org/projects/tor/ticket/16352
See Also: → 897470
Severity: normal → S3

MPX is dead

Status: NEW → RESOLVED
Closed: 3 months ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.