T239: Difference between revisions
Document existence of XOM |
m Memory Encryption caveat |
| Line 28: | Line 28: | ||
It is likely that encryption is tweaked on a per-physical-address basis. So, an attacker with control of the external memory bus cannot e.g. relocate data from one address to another. | It is likely that encryption is tweaked on a per-physical-address basis. So, an attacker with control of the external memory bus cannot e.g. relocate data from one address to another. | ||
There is no memory authentication, however. So in the event of external memory tampering, the CPU will read back garbled plaintext (effectively, random bytes). | There is no memory authentication, however. So in the event of external memory tampering, the CPU will read back garbled plaintext (effectively, random bytes). Although, it should in principle be possible to "replay" earlier values from a particular address. | ||
=== XOM (eXecute-Only-Memory) === | === XOM (eXecute-Only-Memory) === | ||
At present it is unknown if/where XOM is used, but the hardware does support it. | At present it is unknown if/where XOM is used, but the hardware does support it. | ||
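Review bot: the sentence added on the right-hand side of the memory-authentication paragraph ("Although, it should in principle be possible to "replay" earlier values from a particular address.") states the replay caveat without saying why it holds, and it now sits next to an unqualified claim that tampering yields "garbled plaintext (effectively, random bytes)". Suggest tying the caveat to the two points the section already makes: the tweak is described as per-physical-address and there is no memory authentication, so ciphertext captured earlier from an address and written back to that same address would presumably decrypt to the earlier value rather than to random bytes. Then qualify the preceding sentence so that the garbled-plaintext outcome covers modified or relocated ciphertext only. "Although," also opens a sentence fragment; "However, ..." or folding it into the previous sentence would read better, and the "in principle" hedge should match the "It is likely" hedge used for the tweak, since the replay claim depends on it.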