Re: Stacks, was Segments

Liste des GroupesRevenir à c arch 
Sujet : Re: Stacks, was Segments
De : mitchalsup (at) *nospam* aol.com (MitchAlsup1)
Groupes : comp.arch
Date : 07. Feb 2025, 03:53:29
Autres entêtes
Organisation : Rocksolid Light
Message-ID : <53523df618d4ccb47978c68c5dc7c171@www.novabbs.org>
References : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
User-Agent : Rocksolid Light
On Thu, 6 Feb 2025 21:53:27 +0000, EricP wrote:

Stephen Fuld wrote:
-----------------
>
I am a little confused here.  When you talk about I0MMU addresses, are
you talking about memory addresses or disk addresses?  ISTM that
protecting memory of lower privileged programs is useless if a higher
privileged program can force a page out to disk, then can read the data
from the disk drive itself.  Of course, the same is true for data
written to disk by a lesser privileged program.  If the higher
privileged program can read the file, then it can compromise security.
>
I'm just kinda free associating what the consequences of restricting
the HV's access to lesser privilege levels might be.
>
As I understand it, the AMD secure HV approach is that memory owned by a
guest kernel and its applications is encrypted and only the guest kernel
has the key. Memory content is only decrypted while inside the core.
As the key is only stored inside that guest kernel memory there is
no way for HV to get at it.
Interesting, so you can see the data you just can't interpret the
bit-patterns. This still leaves the door open for malicious action.

So it doesn't matter that the HV has access to guest memory because it
can only see encrypted memory values. Presumably such data is encrypted
on disk so intercepting a DMA gives you nothing.
It maters if HV can access (especially modify) what is in storage
(not memory), making it impossible for secure process from using
his own data !

But it doesn't look like blocking HV access to the guest kernel, user,
or sandbox memory accomplishes the same security because the HV can
always diddle its own page tables to grant itself access.
My 66000 does it differently. HV can create a PTE that translates
"anywhere", but cannot use the VA of Guest OS or SM in order to
use that PTE. There are 4 VAS privilege levels::
               HoB = 0          nest   HoB = 1       nest
application:   application VAS   yes   no access       X
Guest OS       application VAS   yes   Guest OS VAS   yes
HyperVisor     HyperVisor VAS    no    Guest OS VAS   yes
Secure         HyperVisor VAS    no    SM VAS         no
So, HV has no 'direct' path to Application VAS using standard
memory access protocols.

Date Sujet#  Auteur
1 Oct 24 * Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)387MitchAlsup1
1 Oct 24 `* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)386Thomas Koenig
1 Oct 24  +* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)379MitchAlsup1
2 Oct 24  i+* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)377Brett
3 Oct 24  ii`* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)376Lawrence D'Oliveiro
3 Oct 24  ii +- Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)1Brett
3 Oct 24  ii +- Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)1Anton Ertl
3 Oct 24  ii `* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)373David Brown
3 Oct 24  ii  `* Byte ordering (was: Whether something is RISC or not)372Anton Ertl
3 Oct 24  ii   +- Re: Byte ordering (was: Whether something is RISC or not)1David Brown
3 Oct 24  ii   +* Re: Byte ordering (was: Whether something is RISC or not)369Lawrence D'Oliveiro
4 Oct 24  ii   i+- Re: Byte ordering1Lynn Wheeler
4 Oct 24  ii   i+* Re: Byte ordering (was: Whether something is RISC or not)365David Brown
4 Oct 24  ii   ii`* Re: Byte ordering (was: Whether something is RISC or not)364Anton Ertl
4 Oct 24  ii   ii +* Re: Byte ordering5BGB
5 Oct 24  ii   ii i`* Re: Byte ordering4MitchAlsup1
5 Oct 24  ii   ii i +* Re: Byte ordering2BGB
5 Oct 24  ii   ii i i`- Re: Byte ordering1Lawrence D'Oliveiro
5 Oct 24  ii   ii i `- Re: Byte ordering1Lawrence D'Oliveiro
5 Oct 24  ii   ii +* Re: Byte ordering (was: Whether something is RISC or not)13Lawrence D'Oliveiro
5 Oct 24  ii   ii i`* Re: Byte ordering (was: Whether something is RISC or not)12Brett
5 Oct 24  ii   ii i `* Re: Byte ordering (was: Whether something is RISC or not)11Anton Ertl
5 Oct 24  ii   ii i  `* Re: Byte ordering (was: Whether something is RISC or not)10Michael S
6 Oct 24  ii   ii i   +- Re: Byte ordering1Terje Mathisen
6 Oct 24  ii   ii i   `* Re: Byte ordering (was: Whether something is RISC or not)8Brett
7 Oct 24  ii   ii i    `* Re: Byte ordering (was: Whether something is RISC or not)7Lawrence D'Oliveiro
7 Oct 24  ii   ii i     `* Re: Byte ordering (was: Whether something is RISC or not)6Brett
7 Oct 24  ii   ii i      `* Re: Byte ordering (was: Whether something is RISC or not)5Michael S
7 Oct 24  ii   ii i       +* Re: Byte ordering2Stefan Monnier
7 Oct 24  ii   ii i       i`- Re: Byte ordering1Michael S
7 Oct 24  ii   ii i       `* Re: Byte ordering (was: Whether something is RISC or not)2Lawrence D'Oliveiro
8 Oct 24  ii   ii i        `- Re: Byte ordering1Terje Mathisen
6 Oct 24  ii   ii `* Re: Byte ordering345David Brown
6 Oct 24  ii   ii  `* Re: Byte ordering344Anton Ertl
6 Oct 24  ii   ii   +* Re: Byte ordering189John Dallman
7 Oct 24  ii   ii   i+* Re: Byte ordering20Lawrence D'Oliveiro
8 Oct 24  ii   ii   ii`* Re: Byte ordering19John Dallman
9 Oct 24  ii   ii   ii +- VMS/NT memory management (was: Byte ordering)1Stefan Monnier
15 Oct 24  ii   ii   ii +* Re: Byte ordering2Lawrence D'Oliveiro
15 Oct 24  ii   ii   ii i`- Re: Byte ordering1MitchAlsup1
15 Oct 24  ii   ii   ii `* Re: Byte ordering15Lawrence D'Oliveiro
15 Oct 24  ii   ii   ii  +* Re: Byte ordering3Michael S
15 Oct 24  ii   ii   ii  i+- Re: Byte ordering1John Dallman
18 Oct 24  ii   ii   ii  i`- Re: Byte ordering1Lawrence D'Oliveiro
15 Oct 24  ii   ii   ii  +* Re: Byte ordering9John Dallman
16 Oct 24  ii   ii   ii  i+* Re: Byte ordering7George Neuner
16 Oct 24  ii   ii   ii  ii`* Re: Byte ordering6Terje Mathisen
16 Oct 24  ii   ii   ii  ii `* Re: Byte ordering5David Brown
17 Oct 24  ii   ii   ii  ii  +* Re: Byte ordering2George Neuner
17 Oct 24  ii   ii   ii  ii  i`- Re: Byte ordering1David Brown
17 Oct 24  ii   ii   ii  ii  `* Re: clouds, not Byte ordering2John Levine
17 Oct 24  ii   ii   ii  ii   `- Re: clouds, not Byte ordering1David Brown
18 Oct 24  ii   ii   ii  i`- Re: Byte ordering1Lawrence D'Oliveiro
16 Oct 24  ii   ii   ii  `* Re: Byte ordering2Paul A. Clayton
18 Oct 24  ii   ii   ii   `- Re: Microkernels & Capabilities (was Re: Byte ordering)1Lawrence D'Oliveiro
7 Oct 24  ii   ii   i`* 80286 protected mode168Anton Ertl
7 Oct 24  ii   ii   i +* Re: 80286 protected mode5Lars Poulsen
7 Oct 24  ii   ii   i i`* Re: 80286 protected mode4Terje Mathisen
7 Oct 24  ii   ii   i i +- Re: 80286 protected mode1Michael S
7 Oct 24  ii   ii   i i `* Re: 80286 protected mode2Lawrence D'Oliveiro
8 Oct 24  ii   ii   i i  `- Re: 80286 protected mode1Terje Mathisen
7 Oct 24  ii   ii   i +* Re: 80286 protected mode3Brett
7 Oct 24  ii   ii   i i`* Re: 80286 protected mode2Michael S
7 Oct 24  ii   ii   i i `- Re: 80286 protected mode1Brett
7 Oct 24  ii   ii   i +- Re: 80286 protected mode1Lawrence D'Oliveiro
8 Oct 24  ii   ii   i +* Re: 80286 protected mode152MitchAlsup1
8 Oct 24  ii   ii   i i+* Re: 80286 protected mode4Lawrence D'Oliveiro
8 Oct 24  ii   ii   i ii`* Re: 80286 protected mode3MitchAlsup1
9 Oct 24  ii   ii   i ii +- Re: 80286 protected mode1David Brown
15 Oct 24  ii   ii   i ii `- Re: 80286 protected mode1Lawrence D'Oliveiro
8 Oct 24  ii   ii   i i`* Re: 80286 protected mode147Anton Ertl
8 Oct 24  ii   ii   i i +- Re: 80286 protected mode1Robert Finch
9 Oct 24  ii   ii   i i `* Re: 80286 protected mode145David Brown
9 Oct 24  ii   ii   i i  +* Re: 80286 protected mode79MitchAlsup1
9 Oct 24  ii   ii   i i  i`* Re: 80286 protected mode78David Brown
9 Oct 24  ii   ii   i i  i `* Re: 80286 protected mode77Stephen Fuld
10 Oct 24  ii   ii   i i  i  +* Re: 80286 protected mode2MitchAlsup1
10 Oct 24  ii   ii   i i  i  i`- Re: 80286 protected mode1David Brown
10 Oct 24  ii   ii   i i  i  +- Re: 80286 protected mode1David Brown
11 Oct 24  ii   ii   i i  i  `* Re: 80286 protected mode73Tim Rentsch
15 Oct 24  ii   ii   i i  i   `* Re: 80286 protected mode72Stefan Monnier
15 Oct 24  ii   ii   i i  i    +* Re: 80286 protected mode30MitchAlsup1
16 Oct 24  ii   ii   i i  i    i+* Re: 80286 protected mode25MitchAlsup1
16 Oct 24  ii   ii   i i  i    ii+* Re: C and turtles, 80286 protected mode13John Levine
16 Oct 24  ii   ii   i i  i    iii+* Re: C and turtles, 80286 protected mode7MitchAlsup1
16 Oct 24  ii   ii   i i  i    iiii`* Re: C and turtles, 80286 protected mode6John Levine
17 Oct 24  ii   ii   i i  i    iiii `* Re: C and turtles, 80286 protected mode5Thomas Koenig
20 Oct 24  ii   ii   i i  i    iiii  `* Re: C and turtles, 80286 protected mode4Lawrence D'Oliveiro
20 Oct 24  ii   ii   i i  i    iiii   `* Re: C and turtles, 80286 protected mode3George Neuner
22 Oct 24  ii   ii   i i  i    iiii    `* Re: C and turtles, 80286 protected mode2Tim Rentsch
22 Oct 24  ii   ii   i i  i    iiii     `- Re: C and turtles, 80286 protected mode1George Neuner
16 Oct 24  ii   ii   i i  i    iii+- Re: C and turtles, 80286 protected mode1David Brown
16 Oct 24  ii   ii   i i  i    iii`* Re: C and turtles, 80286 protected mode4Paul A. Clayton
17 Oct 24  ii   ii   i i  i    iii +- Re: C and turtles, 80286 protected mode1David Brown
20 Oct 24  ii   ii   i i  i    iii `* Re: C and turtles, 80286 protected mode2Lawrence D'Oliveiro
20 Oct 24  ii   ii   i i  i    iii  `- Re: C and turtles, 80286 protected mode1Paul A. Clayton
16 Oct 24  ii   ii   i i  i    ii+* Re: 80286 protected mode7Thomas Koenig
16 Oct 24  ii   ii   i i  i    iii+* Re: 80286 protected mode2MitchAlsup1
17 Oct 24  ii   ii   i i  i    iiii`- Re: 80286 protected mode1Tim Rentsch
17 Oct 24  ii   ii   i i  i    iii`* Re: 80286 protected mode4Tim Rentsch
17 Oct 24  ii   ii   i i  i    iii `* Re: fine points of dynamic memory allocation, not 80286 protected mode3John Levine
17 Oct 24  ii   ii   i i  i    ii+* Re: 80286 protected mode3George Neuner
17 Oct 24  ii   ii   i i  i    ii`- Re: 80286 protected mode1Tim Rentsch
16 Oct 24  ii   ii   i i  i    i+* Re: 80286 protected mode3David Brown
17 Oct 24  ii   ii   i i  i    i`- Re: 80286 protected mode1Tim Rentsch
16 Oct 24  ii   ii   i i  i    `* Re: 80286 protected mode41David Brown
9 Oct 24  ii   ii   i i  +* Re: 80286 protected mode51Thomas Koenig
13 Oct 24  ii   ii   i i  `* Re: 80286 protected mode14Anton Ertl
8 Oct 24  ii   ii   i `* Re: 80286 protected mode6John Levine
3 Jan 25  ii   ii   `* Re: Byte ordering154Waldek Hebisch
6 Oct 24  ii   i`* Re: Byte ordering (was: Whether something is RISC or not)2Michael S
3 Oct 24  ii   `- Re: Byte ordering (was: Whether something is RISC or not)1John Dallman
2 Oct 24  i`- Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)1Thomas Koenig
2 Oct 24  +* Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)5David Schultz
3 Oct 24  `- Re: Whether something is RISC or not (Re: PDP-8 theology, not Concertina II Progress)1Lawrence D'Oliveiro

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal