> The idea is not to create "custom CPUs" but to have our modification > picked up by major vendors. Er.. > Clearly there is interest in applying > hardware to solve security issues based on the latest press releases > from AMD that AMD chips include buffer-overflow protection (see > Computer World, January 15, 2004). Whoa, hold on. What these vendors are doing to their cpus is not on the same scale as what you are suggesting. In this regard, all AMD has added (to the amd64) is a per-page non-executable bit. In PAE mode, bit 63 of the PTE becomes a NX bit. This is not really all that new. sparc v8, sparc v9, alpha, and hppa have had this for a very long time. The motorola 88k is also capable of this, due to the split mmu handling. In general cpus like mips, vax, m68k, and powerpc cpus are not capable of it. Some cpus with split code & data tlb's are -- if they have software tlb load mechanisms -- and some arm cpus fall into this catagory. But performance can suffer significantly if the mechanims are poorly designed. Some operating systems make use of this. Such as OpenBSD, for .. what.. 2 years now.. Now why is this not the same as yours? Even though we have an entire operating system modified to operate with as many non-executable page as possible, we still consider this a weaker protection mechanism than gcc propolice. However these two very cheap mechanisms can work together to improve resistance; fewer bugs can be exploited to control flow. By the way, I am pleased to say that my research has shown that the AMD PAE NX bit will work in 32 bit mode. We are trying to make modifications that will permit OpenBSD to use it.
