Re: Preventing Pentium Deaths

Michael Riepe (michael@stud.uni-hannover.de)
Tue, 11 Nov 1997 03:41:47 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Steven N. Hirsch: "SMB testing"
Previous message: Mordechai T. Abzug: "[2.0.31] Serial module irregularity"

On Mon, Nov 10, 1997 at 06:42:41PM -0500, John Wyszynski wrote:
[...]
> (1) if (euid == 0) then the page is valid
> (2) if (group #xxx is in the group set of the process) then the page is valid
> (3) scan the page for for the magic opcodes, including the edges of pages if
> instruction crosses passes it.
[...]

You're missing the point. Scanning for the F0 0F C7 C8 sequence will
not work - one can e.g. calculate it from other values:

movl $0x3738f00f,%eax
notl %eax
movl %eax,some_variable
...

is just one simple example where the "magic bytes" are not found by a
memory scan. So why waste time?

-- 
 Michael "Tired" Riepe <Michael.Riepe@stud.uni-hannover.de>
 "All I wanna do is have a little fun before I die"

Next message: Steven N. Hirsch: "SMB testing"
Previous message: Mordechai T. Abzug: "[2.0.31] Serial module irregularity"