Bugtraq mailing list archives

Re: http://www.smashguard.org
From: Theo de Raadt <deraadt () cvs openbsd org>
Date: Mon, 09 Feb 2004 17:04:20 -0700

> As Theo said, the AMD buffer overflow "protection" is nothing more than
> sensible separation of R and X bits per page, fixing a glaring and
> anomalous defect in the original 386 MMU. Many CPUs before and since had
> this feature, and it was just Intel slop in the early 1980s that
> developed an MMU (and associated instruction set) that mistakenly
> treated R and X per page as one bit.

It's going to get worse before it gets better.

At the same time that AMD is adding per-page X bit support to the x86
architecture, Intel is removing such capability from ARM cpus.  And of
course mips cpus cannot do it.  And it will be ages before x86
compatible cpus like the NSC Geode and such will have it.

So pretty much any low-power embedded device you can buy in the future
will not have such basic and simple protection.

Per-page execute permission functionality in a modern split-TLB CPU is
about 80 gates.  On a non-split TLB it adds perhaps 80 gates + 20-per
line.

