I am biased here. This is exploring a new primitive. Prefer to see where this takes us rather than waiting for a long term perfect thing.
-
-
Replying to @acar_can @CopperheadOS
Hardware shouldn't even be involved. It's about grasping at ways to monopolize the cpu/isa market, not protecting users.
2 replies 0 retweets 0 likes -
Replying to @RichFelker @CopperheadOS
Thank you for knowing my goals and motivations better than I do. They may be different than
1 reply 0 retweets 0 likes -
... the reasons for ARM to pick them up. Still it is an exciting primitive and hopefully fills a gap.
1 reply 0 retweets 0 likes -
Replying to @acar_can @RichFelker
It's a probabilistic mitigation in direct conflict with an existing probabilistic mitigation for entropy. Improving one hurts the other.
2 replies 0 retweets 1 like -
Replying to @CopperheadOS @RichFelker
It actually works pretty well with all forms of ASLR. Did you have something else in mind?
1 reply 0 retweets 0 likes -
Replying to @acar_can @RichFelker
It doesn't work well with ASLR since ARM64 currently has quite weak ASLR and fixing that would mean taking away bits from this new feature.
2 replies 0 retweets 0 likes -
Replying to @CopperheadOS @RichFelker
11 bits is enough for PA. ASLR can have its 52 bits if it can afford the extra page table memory.
1 reply 0 retweets 0 likes -
Replying to @acar_can @RichFelker
The address space is still capped at 48 bit, no? That leaves 47-bit for userspace which is 35-bit in terms of 4k pages rather than bytes.
2 replies 0 retweets 0 likes -
11 bits means an 1/2048 chance of bypassing it simply by guessing. At least it's not as bad as the KASLR entropy.
2 replies 0 retweets 0 likes
Or: attack 1 billion devices, not caring which 2 million you pwn...
-
-
Replying to @RichFelker @CopperheadOS
This is in the context of having strong ASLR and a 52 bit address space. PA adds bits ASLR can not use otherwise.
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.