lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Fri, 30 Apr 2004 18:45:42 -0600
From: Theo de Raadt <deraadt@....openbsd.org>
To: Pavel Machek <pavel@....cz>
Cc: Crispin Cowan <crispin@...unix.com>,
	Hilmi Ozdoganoglu <cyprian@...due.edu>,
	Dave Paris <dparis@...orks.com>, bugtraq@...urityfocus.com
Subject: Re: http://www.smashguard.org


> > >The idea is not to create "custom CPUs" but to have our modification
> > >picked up by major vendors.  Clearly there is interest in applying
> > >hardware to solve security issues based on the latest press releases
> > >from AMD that AMD chips include buffer-overflow protection (see
> > >Computer World, January 15, 2004).
> > >
> > As Theo said, the AMD buffer overflow "protection" is nothing more than 
> > sensible separation of R and X bits per page, fixing a glaring and 
> 
> Actually it is not "sensible", and it is not separation.
> 
> You can have r--, r-x, but you can't have --x.

Oh for the record.  A few chips make it possible to have --x
permissions.

alpha (I am not positive)
sparc64 (I am not positive)

ia64
hppa
amd29k

m88k

The first two have software tlb refillers with a split tlb architecture,
but I am not sure if there is tlb "leak"

The next three have specific page table bits for kernel (r w x) and
user (r w x).

The last has a harvard-style split mmu (entirely different mmu for
code and data), and it should be possible to play games to do it...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ