search for: bndcu

Displaying 7 results from an estimated 7 matches for "bndcu".

2018 Jun 30
2
Using BuildMI to insert Intel MPX instruction BNDCU failed
Hello everyone, I'm a newbie of llvm. I'm trying to insert Intel MPX instruction BNDCU with BuildMI. I add my machinefunctionpass at addPreEmitPass2. Here is the code of insertion: BuildMI(MBB, MI, DL, TII->get(X86::BNDCU64rr)).addReg(X86::BND2, RegState::Define).addReg(X86::R10); And here is to stack track when I compiler program with modified llc: /home/shenyouren/...
2013 Sep 10
0
[LLVMdev] Intel Memory Protection Extensions (and types question)
...pointer and metadata exist in separate registers, but single instructions (loads and stores) operate on the pointer + metadata. > Which MPX instructions do you mean here? Ah, sorry, I was confusing MPX with one of the other HardBound-like schemes here. In MPX, you must implicitly insert the BNDCU and BNDCL instructions. I would expect that you'd want to model the BNDCU + BNDCL + MOV sequence as a single pseudo for as long as possible to ensure that the bounds checks were performed at the correct time and not elided, but they are separate instructions (although if they don't do micr...
2013 Sep 10
2
[LLVMdev] Intel Memory Protection Extensions (and types question)
On Tue, Sep 10, 2013 at 1:19 PM, David Chisnall <David.Chisnall at cl.cam.ac.uk > wrote: > On 10 Sep 2013, at 10:13, Kostya Serebryany <kcc at google.com> wrote: > > > How did you come with 320 bits? > > 320=64*4+64, which is the size of the metadata table entry plus pointer > size, > > > Sorry, that should have been 192. The specification allows the
2013 Sep 10
3
[LLVMdev] Intel Memory Protection Extensions (and types question)
...exist in separate registers, but single > instructions (loads and stores) operate on the pointer + metadata. > > Which MPX instructions do you mean here? > > Ah, sorry, I was confusing MPX with one of the other HardBound-like > schemes here. In MPX, you must implicitly insert the BNDCU and BNDCL > instructions. I would expect that you'd want to model the BNDCU + BNDCL + > MOV sequence as a single pseudo for as long as possible to ensure that the > bounds checks were performed at the correct time and not elided, but they > are separate instructions (although if th...
2017 Feb 08
4
[RFC] Using Intel MPX to harden SafeStack
...ctions in MPX. The runtime library [1] simply initializes one bounds register, BND0, to have an upper bound that is set below all safe stacks and above all ordinary data. A pre-isel patch instruments stores that are not authorized to access the safe stack by preceding each such instruction with a BNDCU instruction. That checks whether the following store accesses memory that is entirely below the upper bound in BND0 [2]. Loads are not instrumented, since the purpose of the checks is only to help prevent corruption of the safe stacks. Authorized safe stack accesses are not instrumented, since t...
2013 Sep 10
0
[LLVMdev] Intel Memory Protection Extensions (and types question)
On 10 Sep 2013, at 12:13, Kostya Serebryany <kcc at google.com> wrote: > Well, ok, you can treat this as a 192-bit fat pointer, but AFAICT this is not the real intention of the MPX developers > since a fat pointer will break all ABIs, and MPX tries to preserve them. MPX is an implementation of the HardBound concept from UPenn, where this was a design goal (see also their 'low-fat
2017 Feb 18
2
[RFC] Using Intel MPX to harden SafeStack
On 2/7/2017 20:02, Kostya Serebryany wrote: > ... > > My understanding is that BNDCU is the cheapest possible instruction, > just like XOR or ADD, > so the overhead should be relatively small. > Still my guesstimate would be >= 5% since stores are very numerous. > And such overhead will be on top of whatever overhead SafeStack has. > Do you have any measurements...