[Cryptography] [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say
ianG
iang at iang.org
Sun Dec 22 01:36:44 EST 2013
On 21/12/13 02:48 AM, Jerry Leichter wrote:
> On Dec 19, 2013, at 5:39 PM, Phillip Hallam-Baker <hallam at gmail.com> wrote:
>
> Off topic, but:
>> Some chips have microcode on microcode. The DEC Alpha even let the operating system write instructions into the microcode (this allowed the chip to emulate the VAX four ring security system).
> Alpha's were not microcoded. The standard instructions were all implemented RISC-style.
This is a good point. Using RISC chips would be a substantial defence
against the attack that has been outlined (leaving aside the obviously
contentious debate as to whether the risk is serious).
What RISC CPUs are there these days in widespread deployment in
off-the-shelf general purpose computers?
> OS's didn't, as far as I know, load PALcode. Rather, the PALcode needed to support a particular OS was loaded before the OS was loaded. PALcode *could* provide a way for an OS to change the code later, but I don't think any standard variant did. (Keep in mind that even the OS couldn't touch the perfectly ordinary system memory where the PALcode resided unless the PALcode consented to fill a TLB entry to map that memory - which I very much doubt the standard PALcode would ever do.)
If there was a way to reveal a signature of the PALcode, then it could
be checked against known good sigs. Just musing...
iang
More information about the cryptography
mailing list