Vulnerability Development mailing list archives
Re: ppc asm
From: KF <dotslash () snosoft com>
Date: Thu, 29 Nov 2001 18:31:39 -0500
I have heard that the use of fork() can also help with a dirty instruction cache... does anyone else have any insight on this?
-KF

One thing I've noticed on ppc is that when you write to the stack, you're really writing to the data cache. Then when execution begins, the instructions are fetched from the instruction cache -- which isn't always the same as what you put into the data cache. I'm not saying that a xor decoder won't work, but you'll probably need to include a series of cache sync instructions (dcbst,sync,icbi,isync?). There may also be issues when using a multiprocessor box or a 64bit box.

More information on this can be found in the "PowerPC Microprocessor Family: The Programming Environment" chapter 5. This book is available in pdf form at:
http://www-3.ibm.com/chips/techlib/techlib.nsf/techdocs/852569B20050FF778525699600719DF2/$file/6xx_pem.pdf

--
Troy Bollinger <troy () austin ibm com>
Network Security Analyst
PGP keyid: 1024/0xB7783129
Troy's opinions are not IBM policy