lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 07 Feb 2004 08:27:22 -0700
From: Theo de Raadt <deraadt@....openbsd.org>
To: Hilmi Ozdoganoglu <cyprian@...due.edu>
Cc: Dave Paris <dparis@...orks.com>, bugtraq@...urityfocus.com
Subject: Re: http://www.smashguard.org


> The idea is not to create "custom CPUs" but to have our modification
> picked up by major vendors.

Er..

> Clearly there is interest in applying
> hardware to solve security issues based on the latest press releases
> from AMD that AMD chips include buffer-overflow protection (see
> Computer World, January 15, 2004).

Whoa, hold on.  What these vendors are doing to their cpus is not on
the same scale as what you are suggesting.

In this regard, all AMD has added (to the amd64) is a per-page
non-executable bit.  In PAE mode, bit 63 of the PTE becomes a NX bit.

This is not really all that new.  sparc v8, sparc v9, alpha, and hppa
have had this for a very long time.  The motorola 88k is also capable
of this, due to the split mmu handling.  In general cpus like mips,
vax, m68k, and powerpc cpus are not capable of it.  Some cpus with
split code & data tlb's are -- if they have software tlb load
mechanisms -- and some arm cpus fall into this catagory.  But
performance can suffer significantly if the mechanims are poorly
designed.

Some operating systems make use of this.  Such as OpenBSD, for ..
what.. 2 years now..

Now why is this not the same as yours?  Even though we have an entire
operating system modified to operate with as many non-executable page
as possible, we still consider this a weaker protection mechanism than
gcc propolice.  However these two very cheap mechanisms can work
together to improve resistance; fewer bugs can be exploited to control
flow.

By the way, I am pleased to say that my research has shown that the
AMD PAE NX bit will work in 32 bit mode.  We are trying to make
modifications that will permit OpenBSD to use it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ