|
|
|
Why Was Intel a No-Show on No Execute?
By: Larry Seltzer
2004-05-25
Article Rating: / 0
There are 0 user comments on this Network Security & Hardware story.
Why Was Intel a No-Show on No Execute? (
Page 1 of 2 ) Windows XP SP2 will include support for NX features in newer processors. Why only the newer ones? The CPU companies let us down on this.A big part of the brain surgery Microsoft is performing on Windows XP Service Pack 2 is support for new "NX" features in x86 processors. These features allow software (the Windows OS in this case) to mark certain areas of program memory as non-executable. Since a large number of remote attacks—Blaster and Sasser, for example—rely on executing code from areas not intended to hold executable code, proper use of this feature should prevent a large percentage of attacks.
The processor companies, and I suppose Intel in particular, are getting away a little easy on this. Its all hindsight, but why havent we had this feature for years? Buffer overflows have been a big problem for a long, long time, yet weve barely begun to see CPUs from the x86 world that implement the feature.
According to Microsofts explanation of "Execution Protection," the companys name for NX support in Windows, the whole problem has to do with executing code out of areas of the program, basically the stack and heaps, that are reserved for data. This would generally be considered good software engineering practice anyway, but there are a few applications where it could present problems. For software that must manipulate code in a data area and then execute it, Microsoft provides a mechanism to mark the areas as executable.
The classic example, cited by Microsoft, is a just-in-time compiler, or JIT, most famous in the Java Virtual Machine (JVM). I asked Sun about it, and they said changes were made to the JVM for Version 1.5 to support NX and then they backported these changes to the latest 1.4.2_05 release, to be released this summer. Both the 32- and 64-bit VMs support NX.
But not all low-level software requires changes. I asked Sophos, which makes anti-virus software and also owns ActiveState, maker of Perl. Perl is interpreted rather than JIT-ed, so theres little chance it would have a problem. Their anti-virus products arent affected. Its possible to imagine certain debugger techniques causing problems, but there are workarounds for all these cases, and the tools will all be updated to mark pages as executable.
Next page: Idea not a new one.
|
|
�������xv6(;^+(gEW-eɶĶ<=uҦHHbL�̙_b?�.Kٻ;-@�U*�
w�}Aȥ3&W9)ٟ O�,��Ij}݇P�G�'()o��1m�n�f](� _h���oL,�Q�� tjOt0.Pk< �Z5�7�54o/~e0S�-ڎIQ>)�N�մ�H�m(�P8"t,ZB;"?*B4�m$*oQT|:�XQ=*2tНS�[�BT!|DJ�k4�ʏшIG_a��{+!�X]�D4��ڮq�4]�b'(cO^2j��b㥨��aP`\�9t}�^=
Go&lw��"�ScO$ӡ��NfI%(0��Q#@ڮ�SV�HfFԲ;o� tG
ob=u�ק&Y!
b�S�3Mu��N_GB?�¥0~J
�V�#vR8�E[3Uֶ5�]q?ݙc�oE-2'l"R�
?q7`BaC�J&5\_�-"���ˑ,ftg0�e���ʆ}ʡVWR\=TʇOcrL1-gdTzEÝto4w?һT)UsqS !GA
�mkh[I#ZI;v{>~n_^~;�r ��� AַRߘw`Z�LTQRxf���Rc@G,{B+�oVqW-ÒhZIAv��ina�[�E�4bEUCdN&[m&m}Yf0Zi�C�A+WtW?#�ˠjqw~vrq>y?wN=d/'t: +?9VU'��lxkij�� d�Pp9L+pzr(�~8ܴ$Z7N.; ]Tg�K�`HםBm۲ܾ.BZKE�[ aXY|T͢��4-��I`�o$SNE �-�u��v��P���y۬ M�Z!r)
u%(�7�>hr�
Q@e)#8?�݇I��hJq�䨉kYSl �R揇4| ~ާ�,-|y"�b�r�ݢHPsnS�EI7#DL�<�v�;3�r!DKI��88����gd{�.Ӱ�erq�|Zo֖͉*]X[u5jZl�E?ƴ;]gl�ꎓz�>:AGA�ti�šh4/P7&��h`C:}ҍ;LZ�
'pGbd��x:�Abχ�&
ahMi5
!FAтM�t�T�;n�]`�2��Z��9<=L&���z��Vt���#`���V����GPC!]7$>�(�V�r`{)�qmAl}h`1 >5g�%ɣ�A\IQ�o�g�dSJJds�� 4.gH)AH �=[h��� ]��99�
�łH~ݑ�vZ)J��Pl=!ԑt݁ZfX�fZ1kpBa�"@���s2�iB7��ƉeLH|��B3} HqڛuV<ۢf|a* ,q{r�ׁ�fX8ȣ�=p
�Tf~Yv�Y۶h
|T&](\u�I�J&��k*HY3�j-y6y"N{�
+KM'WQV�{z)5f�+b*q��(>�t�P\O�&ō4�)�BЊO}��lYWn%,joI8�T*�Ұ.�Z)�e�Y
mc-VXt�
jQWtT(:��АTtm6bX�dž��J>!1Ad�/a:(9Lp�o{:�{j`�a�C��%UV��LLY�sX)Z-2{5�k枭l0!.(2n( 这�,�
Yf6<:O]��yh��ugH~vP9���3?磔YTp�$480T�]2�agRhj]Maf(0q�|0�{�s?�9pJ/�]{>,Y\�/�+]5�&@0mE�"}QiNR}�
Ȳ^z`uޤ
R��X%}T5!?CU^ٯV�R�w-"ZT�jUUR;.Z
7;�fAq{ ��8pG#}y�>�W&Ow�Xfe�Q:���~�m��^F39X>>:
'01�2&�Zr�lx\a5G�OO�{)�0v��]����wkq
%\`EY;?Z}n)�rdd8+ѡ,X���r]TՑG7`wo*Q��
�:@�!G:0=Z�,(Y)Y���Թ^S˶+ZЁ P}�̹5u2�XX��``!>�~2F8b&�aj4X[�↪�%}g�/��{/R.4F@�2<"C��8\�vl:��ӁZFB -Қ8�k*a,0r�]X��bbק�$o,�n:p�)LZ��{[�S?B�ւ%V02_DBn�(��}ƾnR�yQrZ':�j}$>JsO�Tgw-FRV�%~YI#'"ZAY_Mkɒ8�khs-p
B0_\Z]T�K0e�zI�MYIzQK CnK�-%./ ^�ذ2z�f�(t]��f1se}faI3N%�`
{iO$#��3�#nƽjCUNKZ^$t`��1۳�"��%1$tpL\'Li7�JղAk JZ8~O�a>&re&k���SHZ9 OYdY.���eժR+�8Ng$��,�$P+ Y�x]!6p�s���^ao`�pP5([xre, ,"z��дJ3y{D;}XTe�&# 111u?|ui`�zՕǩ�S(
L ��$q��!YUi�hj/nL0ƙ0:k^-䴔�Qsֿ8"%mcwys��0�#�ёntx01�vE?N�0+��Ї_YGrL`Q3sG�Q^��9g��o�,
I�Ť}viu?J�6zv>G��w�2SH#�U9+�us-d}ڽzsݖҽN7 �7*e�ˁBV��\b/H4��VB�0F�_Th�)4zu�3xv>8S��j7"EG7%'K;{+��:}kF�џ`
e܃�Ţ.WVz[k'u>�!9�/�ڗ�4rYA$��rF�1xc�`s�AZd~n��eԉ9%2�\ ��{-~=�p��rv��G�P2)B~(IZ;Ũˢ
ݖ2h�9�:)�Oz.ϕp��|Nik'i^VӲQ6T$��4%�44ALN�C]F+d#g�һi]oOpV�H�p.+Rsq綱�<:RpDD2��Csں&�B}XyKOv$Ť�b%h4eW:Bzc���?<-9G�s`:S<5�B@+G䢨��=�aMbݩc3�c�E�)v�R�6S漊�
e�FP'[gY.t0w쯁����8dcd=fcT1;��.`�Y �=w>����aLHM\g���h��o^PD(PQ�~4q4Yxje|S7��kͰ"�#�3��Cӝꖃ(.I߾%/�P
+=Ƃ���=>#��>n�2�}2J�$h��~QϜ�tGzfCY�F=n/ ~/ۻ��}Zؖ[q*ApGzQ%Fc?Y�+xϗiL@�4zG�YsS\QP(X%В>[g_t�CDHf�cTA#ʎSv|vU�s�}0Rio�0��evi/L
jٝ�WYI|�%`�:�A7_�L�LՑ-�=aIщ��5Ƙajݻɜ9)y!É�Xis�,g|=XoHv|Lb'i"9骊v�cbQ<ᨎ, %�='�}ݲ٨Cs���x
P":��ȲI`�|
a�Xc/E9,:i�3 N�eKZ
<:,�˰��Q-$A^�چ&01.�s�ope�� HP;�JG�l+�Vv\;Ē4�ƤS-v�˵d�\@S�o2U�ޮ8n*I�=USaA5Nz`s1Kj%4{\Lkү1"`y66\�9R&rByt֦} )r=�߬ij�_��Q4u�&.z8ɀXL\0iDkJB`G({��1Y� Y�D+^6o4j5U)`R2�n �)sgEl�)*5PG)шs֏vT91h�bV~F(G�'�RAΤ'P}X�;TΊˬ�Z~>�G$i�H�-a̔Z q��Y�Q�G)#i+i_�"R<͗BX%aUx~�
Z>ð�V[�Ƒ#q��u"�I<�_IVԫ�y*;�Q��XT$o �z��|+.|5"DoĴ좕eҫ뷋٘J7zhL3}.mK't��s�V$",�$qͯK+m2�
H57�i�n=ן�g"-;:m(3~�:�̖),�D� izR� �}e�֎DpnV~'FKJYR�ek1�U�Vzԑz�!>wb�\YO9 '�k�=}�|#E]UNYRkrJ�։��Ӭӗ0�suɘ"�-�y'ơ�~(Kh6v0J/�
I00�%f6+�a �;�$JMҶ_koΧ:tʈ?H`]��r|}}]�DV=TVfl�0$�?�I�ȯΚ}.IbOx7,�Qu�Gd�q_2�ץ8�Ewy1y1y1y1�/VQK/b&
-�[j_#Y\s/L�s��V%,UX*k:.��L;�9*?}%C
V9Ո4W?r|^{vڒz3+4>(�;bi�Ý5t6PDՈFxM6�ݛ0kn*X7gֽ��t�gAZM+k4NWO/ڱ6�=ͭn9W�x/��t{*BI5�O�I5�V#m7��l0kn*XV_w�'�h5�H"-1�*媲fd���8+!ћmn[r}+n�K77qCi�[g�Q`��h/rsQj^.qo3333_��$�Xg]jfH���_]�DžIgE=q�JH\$uOfA�_VnB7܄^ssۏ�ܠ�IW�h*�]5v\&� kJX5�Ualf�a�+<Փ%�oEX!XA~P*aUc�%
�FnƮ��BS<꘤&`6NGYѬpEuua�xY�2oY�~軞*h� L��@rGi]
I꒨.�ĺ��X+oF;i*}�0*�+OH��̋S8c4g &tݯP3oo7\;�aN�3uL P>�Ph.�t),�+'5}v`z�܅.�
z!(2@44kIY'd\ZIHg�cS8O�hƊ8eYXg�73_
��O5T�O�"�GK)z^ukפ��|:xڟϠ)8�eSU�xՂm^_V �$q�%y�0ZX�'��at�wk1DKb\�Gj�w�/Q5F�>d���Dt�fq�6y6G�f�A�'r�я"k@9�
es�^7>k_A'-g-jgϡ6
X ��Ϟ|D3*�I7!~^G%H�c�uw[�DF/*x�T��ݥ1eSNYl.p�ì?`�C?P'}fɷKFw1Vc�M2Q�ȏ�aƥJ^`M=�u'<~/� �&ТC>ybuI�ɤ�Q?̣O�x8�n
-r�=��Vq�4��Ib œGg�'6aU13ʉmOG8x�EMq`$^b+�\���VM!�AaD0���a��B6��Wy�}�'Dq�v�Jz@Yi��A#샒�=�%x�m#!,q#Dw��$�G?Ñ:(-~V��AX�E"b֪��Y�"�'"�KI㍯H *]Q|�`tl?��Q�X2`6K
ʹ<8?%ԣ<_Q8gFS�Y�h9e.�cjFWi5P]-O?�P/���]ZX,:Ȓ~Wx��q/=! c%TAN9=�S�5��_�RUBI�s3sCqɗ5&@
76L}YŠ�+@��B/k&R/k]��,s36Y<5�7SYz�Z<1xfE'j*�da0u~�G
1���1[TSvXƉ�KYX�k<<, LЭ%b�r!7z�bn@�H"aTb�(c�U��� o�I_�YP�,(Ϗpk2�ꥦH0^�eifp�xJOg��ךS��a|L�S8l��0u�9,2us�x\fH֎�:cRBG<_�D1�ka]M,#>0�x9�Z
�_W�VjMDO"ӁRsF|;IXU+3?�(^;
;Uea�=M镬B*�^���Ȉq~��w�@�0>6#&Dw�sFкBλEomt;;krҾ$lkEߢֳQwIiy}s۹cf�fbv>4m^+LJrY:2 6Sf�r?�sm.4�/"Ǹ́W.�}UX\�mԝ�_ϟE~Rv�}Y
Q��BoNi�11�s:;mzZ>R[�Ae�Y7'>;ȩkh��*&N^�^[�+�!(8iz47a\nq���4ħeOB32yT}Qu xgxs_/9o-L]�9ߟ�
9O@�|O�B}弇uru{'?
͟{9/_��05r
_�^
sC+*�+ϫ��O�?9/E缿W9a|s�:G~asƯ��_9�&?nMN[���{/�>_?\�ק��?�>�9~w.=]�Aw9�_zy�ru�S)�B$_*U�yk Oya u}�3tz/nvs
؛�:WK?r�z9^�}IAV&/Yz]!,.5P��[k+/YSݲ�I �6
r�i@Lwe<_[nNJ>K\ȜHdZc+mF�D�g}}Nk>��
#r
75ik�ŭxg?9/�ydֺ+�#B�AfПb
5y?&OtVf
��4;)���bi3q*��7ýEy�2�W8�0׀�[Nx�
j�g
>O?v_o�Ҿn]�nZ�36J쓭Æ>a#^*��B8D�#w_a�%1z�I<�0�vS]3tcBMb�WCդJ#��mLH|7v1�90l�cH�͆Rie�jR�ߓFn٭0q����z@�b�3jJMN��lժa\��,y����^9�Qx�`26UF`��Ԋ�z!O b&Gh8[閾h��=J�^>!O�^
]ʘH,$Nj�æJጽND�ʑ�$`
�f�A0Jb/�c{��z3�7qH{``��s~fͬf���fж!�a�%v[F8lS�.гAН' ?�3IDyA��İG�9�Юǣc7ˡ�B�~�22��VH'e�B��r&ߢ5zF���T2A�[hI)��_3˸�
[5lZ#jXMr3�X\vN$w/�a-yyD\`b���C�o���QQ�s�溼)t��9�DwMG�$0y."��że�@��N_8#�ş��L��VM�^x[s�I��JxLk�2�Shn3E ��~9��m
:��И�Y�CÂvs��O��FW7BItw�1ldA(we6L6���u�;ݙ)a,<�T#0�?���u+6�a`类Ɲ�ZFW%�O^�!��M�E:5x]$gV``5��v'tEu<,ųBLSr�2
����deF`%41���n/�K˙=IcJ]��cG��6{Nz�̄0Qtemr�H+l��x$Qd�I'�;=�y
�0t{'�sr��$Y��y`�_GFb��3+M�GVj�*u>w iᖇ�:4�W.o�){+*1¢�4�u;7eԦu"vnHϵg
=8��Y0D00�Y��~l'PU�E0P=CfBG!^F�AR$�~�hBX�[�-ɿع+˜2J1Д8v2#OA3r
�ϭ�e[� |kc'p�g�!-X�0��3�<ձw
�`7@#>&�rd{Go�^jSsL%^�HPWWݞO�,�/Xo}�8j��/�dzl�}�π!XsCQ�&w`
�}ݟEH�ˍt�d/�An�Kl�
6-�-��`ꚈmF�6M:mLepw���Sv�����K�?93_�(@P�W�9�c�X_EڵlA�t
��] D
oݍüжJ7�:" 7]!Kb� +C>b]R>ǔK�
]'[٧3�й?-Rt/���v�!�_�,/�{ �QIb�V,9N]]Tjãō
,Wd<=ԭ}>p9<Щ0TM.vjw�ܔ�uFD]�hT4X�%
*�7�
��k'oym/D]E>*�Ѝ5�&igNb�kc��b@xV��m{~k�#'>f
g~sxsv!}đ7,,�d[Z']ZEQhXr�=�E"O
�q~ ��f�$f��E1[�Rj8gIn�~ӧ�f<�4W�6IĶq��y�tc~ږ10#rzsjՀa]MvzU.\�Z-12eo,/`kV�"�N�y�'E��=�!a5>g~C�%�9��:q0>~0?�rX)>�ٔe7,s�ѷ`=�U`0�Z�.<'�,�xR
Y*-f�1%D$8ґCCԞB*>e3aC7Dn0Br�d[Hڅ�u�c�\j���೨b�//bA-xr&r*�_x�D4�Nb�b36Ҝ%!toY��B*K�+w:;\L�z�C%ȕ/g�5F#|�oU��AYfCժZ-�N��i|�܊�#iQg8&rYO�rս{��7
D^4�mJPU&s)c�M�Wf\(MCS929gv�?,MM.4a-d
|
Network Security & Hardware 
