[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [f-cpu] tlb last ! (secure bit, lib ring)



whygee@club-internet.fr a écrit :
> 
> nicO = The Lord of the Ring(s) ? :-)
> 
> this thread is looking (at least to me, i don't
> speak for other lurkers) like it's going in endless
> circles.

really no comment...

> 
> Sure, F-CPU was not designed for security in the
> beginning, and it's probably the right time to address
> this issue. But remember that it must remain simple,
> and what is simple for you might be out of reach
> for many people.
> 

Simple ? Or that *you* understand ?

> i'll adopt a "middle" behaviour : TLB format can
> be user-defined until F-CPU v1 is frozen. Though my
> new job at http://www.artabel.net/ might slow the process.
> 

I think that the discussion. Is quite closed. I'm ok for rwx right for
supervisor. I hope "s" bits will bit used, too (We should have a secure
jump, too. Don't you think ?).

Any comment ?

nicO

> All i want it something that works (and i'm not alone).
> I don't need a Hurd-like project.
> 
> /me ---> /home/bed.
> 
> ----Message d'origine----
> >Sujet: [f-cpu] tlb last ! (secure bit, lib ring)
> >De: "Nicolas Boulay" <nicolas.boulay@ifrance.com>
> >
> >I forgot to add for the tlb, the tagged region.
> >- So one more bit in the tlb ("secure bit").
> >- split the load&store in normal and secure one (to access the secure
> >area).
> >
> >Maybe we could have one user secure bit and one superuser secure bit.
> >
> >[That's mainly to definitely protect the return stack from buffer
> >overflow. return stack are on a secure area, and buffer are only managed
> >by normal load&store. Only fonction pointer are now a problem : this
> >could be solve with the use of a new ring to protect excve ? (that's
> >means that to access excve a kind of trap must occur which is a very
> >different thing compare to a typical function call)]
> >
> >[Maybe rwx right for this new (lib ?) ring could be added, too.]
> >
> >nicO
> >
> >
> >______________________________________________________________________________
> >Pour mieux recevoir vos emails, utilisez un PC plus performant !
> >Découvrez la nouvelle gamme DELL en exclusivité sur i (france)
> >http://www.ifrance.com/_reloc/signhdell
> >
> >*************************************************************
> >To unsubscribe, send an e-mail to majordomo@seul.org with
> >unsubscribe f-cpu       in the body. http://f-cpu.seul.org/
> >
> 
> *************************************************************
> To unsubscribe, send an e-mail to majordomo@seul.org with
> unsubscribe f-cpu       in the body. http://f-cpu.seul.org/
*************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe f-cpu       in the body. http://f-cpu.seul.org/