lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200402100004.i1A04Kbe008387@cvs.openbsd.org>
Date: Mon, 09 Feb 2004 17:04:20 -0700
From: Theo de Raadt <deraadt@....openbsd.org>
To: Crispin Cowan <crispin@...unix.com>
Cc: Hilmi Ozdoganoglu <cyprian@...due.edu>,
	Dave Paris <dparis@...orks.com>, bugtraq@...urityfocus.com
Subject: Re: http://www.smashguard.org


> As Theo said, the AMD buffer overflow "protection" is nothing more than 
> sensible separation of R and X bits per page, fixing a glaring and 
> anomalous defect in the original 386 MMU. Many CPUs before and since had 
> this feature, and it was just Intel slop in the early 1980s that 
> developed an MMU (and associated instruction set) that mistakenly 
> treated R and X per page as one bit.

It's going to get worse before it gets better.

At the same time that AMD is per-page X bit support to the x86
architecture, Intel is removing such capability from ARM cpus.  And of
course mips cpus cannot do it.  And it will be ages before x86
compatible cpus like the NSC Geode and such will have it.

So pretty much any low-power embedded device you can buy in the future
will not have such basic and simple protection.

Per-page execute permission functionality in a modern split-TLB CPU is
about 80 gates.  On a non-split TLB it adds perhaps 80 gates + 20-per
line.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ