AMD Could Profit from Buffer-Overflow Protection

spin2cool writes "New Scientist has an article about how AMD and Intel are planning on releasing new consumer chips with built-in buffer-overflow protection. Apparently AMD's chips will make it to market first, though, which some analysts think could give AMD an advantage as the next round of chips are released. The question will be whether their PR department can spin this into a big enough story to sell to the Average Joe."

They are NOT protecting against overflows

They are protecting the pages marked as code from the data pages. Code could still overflow, but not use that to execute arbitrary code in the pages marked as data(or non-executable).

Re:Linux support

[TheRealFoxFire]

It will likely be in their architecture manual. The summary of the protection is that it allows the OS to mark pages of virtual memory with a No Execute (NX) bit. Attempting to execute any instructions from such a page would cause a trap to the OS.

An OS would then use this to mark pure data page and areas like the stack as NX so that overflowing datastructures doesn't allow arbitrary malicious code to be run.

Re:AMD needs better marketing

[Vancorps]

AMD processors have both of those features. AMD has done well at matching Intel feature for feature. Take a look at Opteron for servers. It doesn't help right now that there are a lot of Intel boards that shipped defective. I was replacing backplanes for a solid month just before the New Year. The latest Xeon's really aren't that impressive either. There was a time the Xeon was an incredible processor worthy of running a NOC but now they are hot enough that Opteron and other players look real nice again.

Re:what a drag

[paranode]

Exactly. OpenBSD 3.3 already came with this feature in May 2003.

"W^X (pronounced: "W xor X") on architectures capable of pure execute-bit support in the MMU (sparc, sparc64, alpha, hppa). This is a fine-grained memory permissions layout, ensuring that memory which can be written to by application programs can not be executable at the same time and vice versa. This raises the bar on potential buffer overflows and other attacks: as a result, an attacker is unable to write code anywhere in memory where it can be executed. (NOTE: i386 and powerpc do not support W^X in 3.3; however, 3.3-current already supports it on i386, and both these processors are expected to support this change in 3.4). "

Re:AMD needs better marketing

[Vancorps]

Well just last night my AMD based laptop shut off on me because it got too hot, something stuck in the fan.

As for the other features you mention. You are comparing Desktop processors and server processors. You might note the lack of the Opteron processor in the third party tests you linked to.

Bout two months ago someone came to me with a motherboard and processor, Athlon XP 2600+. They couldn't get it to boot. I took one look at it and realized the heatsink was on backwards, it shut it self down as soon as it got hot enough. I put the heatsink on correctly and the thing booted right up.

As for the PCI locking its a bit harder to vouch for since I don't see a whole lot of information about it, but I sure do recall seeing tests involving the Opteron, if I could find it right now I would, except I'm on dialup now for the first time in six years and its annoying the hell out of me.

Re:AMD needs better marketing

[Loki_1929]

"I for one had trouble for a while remembering" ... remembering a lot of things.

Like the PIII Coppermine CPUs that wouldn't even boot sometimes.

Or the randomly rebooting PII Xeons.

Or the voltage problems with certain PIII Xeons.

Or the memory request system hang bug in the PIII/Xeon.

Or the PIII's SSE bug whose 'fix' killed i810 compatability.

Or the MTH bug in the PIII CPUs that forced Intel customers to replace boards and RAM.

Or the recalled, that's right, recalled PIII chips at 1.13GHz.

Or the recalled (there's that word again) Xeon SERVER chips at 800 and 900MHz.

Or the recalled (that word, AGAIN?!) cc820 "cape cod" Intel motherboards.

Or the data overwriting bug in the P4 CPUs.

Or the P4 chipset bug that killed video performance.

Or the Sun/Oracle P4 bug.

Or the Itanium bug that was severe enough to make Compaq halt Itanium shipments.

Or the Itanium 2 bug that "can cause systems to behave unpredictably or shut down".

Or the numerous other P4/Xeon/XeonMP bugs that have been hanging around.

Yes, I did consider the possibility that there might just be some basis for the belief that Intel's products are superior. Having considered that, in light of the mountains of evidence to the contrary, I shall now proceed to laugh at you.

Ha ha ha.

Now go away, or I shall mock you again.