There is no best data security, only stronger

jobszheng5

There is no best data security, only stronger [Copy link]

<div class='showpostmsg'># Data security is not the strongest, only stronger Vulnerability attacks were often heard in the early years. When I was in college, I only heard about stealing QQ numbers and personal information. With the promotion of real-name registration in recent years, some people no longer need to go to such great lengths to obtain personal information! Some text is omitted here to prevent the post from being deleted. After reading the chapter "Security Vulnerabilities", I was still shocked. From the original brute force cracking, it has been upgraded to side channel attacks. It feels that this side channel attack can solve all "problems", monitor physical radiation, power consumption, etc., especially radiation, how to avoid this? The high-speed cache added between the CPU and the memory in the computer composition principle in order to obtain instructions faster, but it has been exploited by some people. Simply put, when the program runs to the command judgment statement, since the attacker does not know the command, the command judgment fails and the program exits, but due to the CPU out-of-order execution, the confidential data called out after the command may be loaded into the memory or high-speed cache. This also gives the attacker an opportunity. ## KPTI technology In order to solve the above problems, the Linux kernel design uses KPTI technology. KPTI technology separates the page table used by each process into two pages - kernel page table and user page table. When the process runs in user space, the user page table is used. When the user program enters the kernel state, the user page table is switched to the kernel page table through a kernel springboard program. When the process jumps back to the user space from the kernel space, the page table is switched to the user page table again. From the working principle above, it can be seen that when the process runs in user state, the kernel page table only contains the springboard page table, and other kernel spaces are invalid mappings, so the process cannot access the data in the kernel space. For the ARM64 architecture, the kernel page table establishes a springboard, which stores information such as the exception vector table required to jump from user state to kernel state, and the mapping of other kernel spaces becomes invalid mapping. Therefore, when the user state accesses the kernel space address, the MMU can check that it is an invalid mapping, so the data in the kernel space cannot be pre-fetched in advance during out-of-order execution. Seeing this, I have awe of data security. It seems that I can't do anything in my own application project. In subsequent projects, strengthen data security precautions, encrypt encrypted data, and do not save plaintext data. The more I learn about the Linux kernel, the more I realize my shortcomings. I will continue to learn and practice in my future work. Come on!</div><script> var loginstr = '<div class="locked">To view all the contents of the post, please <a href="/bbs/member.php?mod=logging&action=login" style="color:#e60000" class="loginf">log in</a> or <a href="/bbs/member.php?mod=register_eeworld.php&action=wechat" style="color:#e60000" target="_blank">register</a></div>'; if(parseInt(discuz_uid)==0){ } </script><script type="text/javascript">(function(d,c){var a=d.createElement("script"),m=d.getElementsByTagName("script")[0],eewurl="//counter.eeworld.com.cn/pv/count/";a.src=eewurl+c;m.parentNode.insertBefore(a,m)})(document,523)</script>

秦天qintian0303

I feel like this side channel attack can solve all "problems", but it needs to be done by professionals.

hellokitty_bean

User state and kernel state are the contents of the operating system, right? Data security should be a concept at another level, right?

How come the host confused me?

jobszheng5

Qintianqintian0303 posted on 2024-5-2 19:42 I feel that this side channel attack can solve all "problems", but this also requires professionals to do it

I think so too. Equipment that can collect electromagnetic radiation is very professional.

It can also reduce noise, separate, and then match and restore these data. This technical strength is also national-level.

jobszheng5

hellokitty_bean posted on 2024-5-2 20:43 User state and kernel state are the contents of the operating system, right? Data security should be a different level of reference, right? How come the original poster is confused?

Understand it this way: Due to the protection of the kernel, your program cannot access the memory data of other programs, because under the management of MMU, the kernel does not allow you to access the content of programs other than yours. However, the kernel state can see the content of all user programs. If you use an attack to see the data content of other programs in the kernel state, then you can "control" other programs.

hellokitty_bean

jobszheng5 posted on 2024-5-5 10:17 Understand it this way: Due to the protection of the kernel, your program cannot access the memory data of other programs, because under the management of MMU, the kernel does not allow you to access non-...

Hmmmm... This one is a bargain...

Attacking from this level is really awesome.

jobszheng5

hellokitty_bean posted on 2024-5-5 21:22 Hmmmm... This is a bargain... Attacking from this level is really awesome

After looking at the KPTI technology, the kernel has now blocked this vulnerability.

But it sounds so high-end.

hellokitty_bean

I saw a new term again.
I quickly looked up KPTI, and it turns out to be: Kernel page table isolation

Ah, it may not be very useful to experienced security professionals, but it is very profound to newbies.