Re: Overview Of New Intel Core i7(Nehalem) Processor

On Thu, 11 Jun 2009 06:31:19 -0700 (PDT), MooseFET
<kensmith@xxxxxxxxx> wrote:

On Jun 10, 7:41 pm, John Larkin
[....]

If x86 had serious i/d space separation, and Microcrap used it, all
sorts of exploits would be impossible.

Code space being in different chips, on a different bus is the ideal.
The memory can be logically divided into sections and security can be
good, however, it requires that the hardware prevent the application
from causing the memory usage to change. If the x86 segmentation
didn't have mistakes in how it was done, it could have worked for
this. It would still be a pigs breakfast but it would have worked.

Ideally, there should be two stacks, one for the return addresses and
a different one for the passed parameters and local variables. The
processor could have the parameter stack protected against accesses
beyond the limit of what is permitted for the current subroutine.
This boundary number would automatically be updated on a return.

Yes. C mixes up parameters, local variables, buffers, pointers, and
return addresses all on the same stack. Then apparently interleaves
stacks in the same address space as the subroutine code itself!
There's no way to apply hardware memory-management protections to a
tangled mess like that.


The task swapping part of the OS is really the only part that needs
access to every bit of memory. This would be only a few hundreds of
bytes.

Run the OS in its own CPU!

John

.

Relevant Pages

  • Re: Overview Of New Intel Core i7(Nehalem) Processor
    ... If x86 had serious i/d space separation, and Microcrap used it, all ... Code space being in different chips, on a different bus is the ideal. ... stacks in the same address space as the subroutine code itself! ... There's no way to apply hardware memory-management protections to a ...
    (sci.electronics.design)
  • Re: Overview Of New Intel Core i7(Nehalem) Processor
    ... Code space being in different chips, on a different bus is the ideal. ... The memory can be logically divided into sections and security can be ... good, however, it requires that the hardware prevent the application ... stacks in the same address space as the subroutine code itself! ...
    (sci.electronics.design)
  • Re: 16/32 processor operating mode
    ... Okay, x86 it is. ... hardware perspective, as I already mentioned, most memory accesses are ... called a "cache line") in a single operation. ... much of the data bus is active when accessing stuff on the bus. ...
    (alt.lang.asm)
  • Re: Zones in Linux
    ... called as NORMAL, DMA, HIGH memory zones. ... In that author specified that x86 won't be able to access above 868MB. ... All 32 bit x86 processors are able to access at least 4 GB of physical memory. ... With PAE, x86 processors are able to address 64GB of physical memory, although in all cases, 4GB is the virtual address range. ...
    (comp.os.linux.development.system)
  • A few questions about Prolog...
    ... few Prolog implementations, and would appreciate if the community ... SWI-Prolog uses a lot of memory for stacks? ... It seems that YAP ...
    (comp.lang.prolog)