Comment by mike_hearn
3 days ago
Oracle Labs has tech that does that:
https://youtu.be/T05FI93MBI8?si=EieFgujaGiW2gbO8&t=958
The trick is to do a cascading disassembly of all untrusted code you'll execute to prove it can't change the MPK register.
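A simpler, conservative form of the check described above, as an added example that is not part of the original comment and is not Oracle's or Graal's code: instead of a cascading disassembly, it scans the untrusted code at every byte offset for the two x86 user-mode encodings that can write the protection-key rights register (PKRU), `WRPKRU` and `XRSTOR`. The function name, enum and sample byte strings are assumptions constructed for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum pkru_hit { PKRU_NONE = 0, PKRU_WRPKRU = 1, PKRU_XRSTOR = 2 };

/* Scan code[0..len) at EVERY byte offset, so a sequence hidden inside an
 * immediate or straddling two instructions is found as well. Returns the
 * kind of the first hit and stores its offset in *off (if non-NULL). */
enum pkru_hit scan_pkru_writers(const uint8_t *code, size_t len, size_t *off)
{
    for (size_t i = 0; i + 2 < len; i++) {
        if (code[i] != 0x0F)
            continue;
        /* WRPKRU is encoded as 0F 01 EF. */
        if (code[i + 1] == 0x01 && code[i + 2] == 0xEF) {
            if (off) *off = i;
            return PKRU_WRPKRU;
        }
        /* XRSTOR is 0F AE /5 with a memory operand: ModRM.reg == 5 and
         * ModRM.mod != 3 (0F AE with mod == 3, reg == 5 is LFENCE). */
        if (code[i + 1] == 0xAE) {
            uint8_t modrm = code[i + 2];
            if (((modrm >> 3) & 7) == 5 && (modrm >> 6) != 3) {
                if (off) *off = i;
                return PKRU_XRSTOR;
            }
        }
    }
    return PKRU_NONE;
}

/* Constructed samples (not taken from any real binary). */
static const uint8_t SAMPLE_CLEAN[]  = {0x55, 0x48, 0x89, 0xE5, 0x5D, 0xC3};
static const uint8_t SAMPLE_HIDDEN[] = {0xB8, 0x0F, 0x01, 0xEF, 0x00, 0xC3}; /* mov eax, 0x00EF010F; ret */
static const uint8_t SAMPLE_LFENCE[] = {0x0F, 0xAE, 0xE8, 0xC3};             /* lfence; ret */
static const uint8_t SAMPLE_XRSTOR[] = {0x0F, 0xAE, 0x2F, 0xC3};             /* xrstor [rdi]; ret */

int main(void)
{
    size_t off = 0;
    enum pkru_hit h = scan_pkru_writers(SAMPLE_HIDDEN, sizeof SAMPLE_HIDDEN, &off);
    printf("hidden sample: hit kind %d at offset %zu\n", (int)h, off);
    printf("clean sample:  hit kind %d\n",
           (int)scan_pkru_writers(SAMPLE_CLEAN, sizeof SAMPLE_CLEAN, NULL));
    return 0;
}
```

Scanning every offset over-approximates: it also flags byte sequences that never execute as an instruction, so a hit means the code needs further analysis or rewriting before it can be trusted, not that it necessarily writes PKRU.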
Wow. Neat trick and exactly the kind of thing I was looking for.
Thanks!
EDIT: Looks like this is the relevant paper from the Graal team: https://www.graalvm.org/resources/articles/binsweep.pdf