From: jean de henri on
>I can then patch that data into instructions that use them.
What does that mean?

On Apr 10, 3:06 am, Wei Hu <wei....(a)gmail.com> wrote:
> Thank you all for your replies. That is exactly what I want to
> achieve. I want to keep a piece of data inside a process' memory from
> being readable by remote attackers using memory errors they
> discovered. Of course I can use mprotect() to make the data accessible
> by designated instructions. But the problem is that I do not want to
> pay a high overhead. If I'm able to read-protect executable pages, I
> can then patch that data into instructions that use them.
>
> -Wei
>
> On Apr 9, 3:54 pm, "Eric P." <eric_patti...(a)sympaticoREMOVE.ca> wrote:
>
>
>
> > "Eric P." wrote:
>
> > I should have said that the VAX hardware supported this but
> > I don't recall any software actually using the feature.
> > The only potential use would be for code that user mode
> > must be able to execute but no one can look at.
>
> > Eric

From: Eric P. on
Wei Hu wrote:
>
> Thank you all for your replies. That is exactly what I want to
> achieve. I want to keep a piece of data inside a process' memory from
> being readable by remote attackers using memory errors they
> discovered. Of course I can use mprotect() to make the data accessible
> by designated instructions. But the problem is that I do not want to
> pay a high overhead. If I'm able to read-protect executable pages, I
> can then patch that data into instructions that use them.

I don't think this approach would work even if the CPU
did support it, and x86 does not. See below.

>
> -Wei
>
> On Apr 9, 3:54 pm, "Eric P." <eric_patti...(a)sympaticoREMOVE.ca> wrote:
> > "Eric P." wrote:
> >
> > I should have said that the VAX hardware supported this but
> > I don't recall any software actually using the feature.
> > The only potential use would be for code that user mode
> > must be able to execute but no one can look at.
> >
> > Eric

I was misremembering this slightly.
The VAX/VMS programming languages, linker, and executable file
memory sections all allowed Read/Write/Execute attributes to be
specified. But the hardware only had NoAccess/ReadOnly/ReadWrite
access control for the 4 privilege modes, in various combinations.

It would be of very limited usefulness anyway.
If an MMU did support user mode ExecuteOnly page access then you
might protect an algorithm from prying eyes by locating it in a DLL.
You might protect constant values for things like decryption keys
by using Load Immediate instructions to load values into registers
and pass them to routines, but then the number of registers becomes
an issue.

But the need for this would be so rare as to be hard to justify,
and using the mechanism would be very hardware platform dependent,
and you can accomplish the same thing in a platform independent
manner by moving the code/data into the kernel. And hard coding
"secret" keys into exe files is not a good idea
(as the various alt.cracks groups could attest).

Eric
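
Added example, not part of the original thread: a small C probe that checks whether the platform it runs on actually enforces the execute-only page access discussed above, by mapping a page, switching it to PROT_EXEC only, and attempting a data read. It assumes a Linux/POSIX system; the function name `exec_only_page_is_readable` and the 0xA5 fill byte are constructed for illustration, and the result depends on the CPU and kernel.

```c
#define _DEFAULT_SOURCE 1
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf probe_env;
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Returns 1 if a page is still readable after mprotect(PROT_EXEC),
 * 0 if the read faults (execute-only is enforced), -1 on setup error. */
int exec_only_page_is_readable(void) {
    long pagesz = sysconf(_SC_PAGESIZE);
    if (pagesz <= 0) return -1;
    unsigned char *page = mmap(NULL, (size_t)pagesz, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    memset(page, 0xA5, (size_t)pagesz); /* constructed stand-in for the data */

    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    volatile int result = -1;
    if (mprotect(page, (size_t)pagesz, PROT_EXEC) == 0) {
        if (sigsetjmp(probe_env, 1) == 0) {
            /* Data read from a page that was requested as execute-only. */
            volatile unsigned char b = *(volatile unsigned char *)page;
            result = (b == 0xA5) ? 1 : -1;
        } else {
            result = 0; /* the read faulted and the handler jumped back here */
        }
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    munmap(page, (size_t)pagesz);
    return result;
}

int main(void) {
    int r = exec_only_page_is_readable();
    printf("%s\n", r == 1 ? "PROT_EXEC page is still readable"
                 : r == 0 ? "execute-only enforced: read faulted"
                          : "probe failed");
    return r < 0;
}
```

A result of 1 means that requesting PROT_EXEC alone gave no read protection on that machine, so data patched into instructions there would be as readable as any other data.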