Re: [PATCH 2/5] x86, mpx: hook #BR exception handler to allocatebound tables

From: H. Peter Anvin
Date: Fri Jan 17 2014 - 11:59:17 EST

On 01/17/2014 08:56 AM, Borislav Petkov wrote:
> On Fri, Jan 17, 2014 at 08:51:31AM -0800, H. Peter Anvin wrote:
>> We shouldn't have any BOUND or MPX instructions in kernel space. Panic.
> How do we enforce that?

#BR exception from kernel space -> panic.

We have tons of rules on kernel code... e.g. no FPU usage. This one is
minor in comparison.


