DOCSLIB.ORG

The Cake Is a Lie: Privilege Rings As a Policy Resource

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
The Cake Is a Lie: Privilege Rings As a Policy Resource The Cake is a Lie: Privilege Rings as a Policy Resource Sergey Bratus Peter C. Johnson Michael E. Locasto [email protected] [email protected] [email protected] Ashwin Ramaswamy Sean W. Smith [email protected] [email protected] ABSTRACT Linux Vservers, Solaris Zones, and BSD jails take this a step Components of commodity OS kernels typically execute at further to separate groups of processes from one another. In the same privilege level. Consequently, the compromise of these systems, the kernel data structures that describe a even a single component undermines the trustworthiness of process (e.g., Linux’s task_struct or Solaris’ proc_t) and the entire kernel and its ability to enforce separation be- the various objects it creates are extended with a context tween user-level processes. Reliably containing the extent of label; the kernel consults rules governing these labels before a compromised kernel component is a problem to which few performing system calls. practical solutions exist. This approach to isolation appears to work well for user- While many approaches have been proposed to reduce the level process separation , but it does not provide any degree need to trust large portions of the kernel, most of these of kernel-level separation in case of a kernel compromise. approaches represent exotic reorganizations of the hardware Once malcode gains access to kernel privileges (such as the or OS kernel that are either not applicable to commodity ability to read and write raw kernel memory), the kernel can systems or are relatively complex and difficult to debug in no longer guarantee correct operation. Although kernels can their own right (e.g., microkernels). be hardened with various monitoring and protection mech- We propose simple, natural modifications to commodity— anisms, the problem of“protecting ring zero from ring zero” x86—hardware that enable vertical isolation down through is notoriously hard. the kernel without the use of virtualization or major OS A recently re-popularized approach to achieving kernel- rewrites; specifically, extending and reinterpreting the x86 level separation utilizes a hypervisor: a reference monitor segmentation mechanism, extending the existing Current executing beneath the OS kernel to intercept and govern I/O- Privilege Level and Descriptor Privilege Level fields. We be- related operations [8, 9]. Widely considered more trustwor- lieve our proposal is a compelling alternative to traditional thy than general-purpose OS kernels due to their smaller size virtualization because the hardware virtualizes permissions, and limited functionality, hypervisors arguably just push the not I/O. problem of separating data between compartments lower, albeit into a smaller TCB [14]. Unfortunately, hypervisors have grown into sizable beasts themselves, where security is Categories and Subject Descriptors less easy to verify. In addition, hypervisors introduce an- B.7.1 [Hardware]: Types and Design Styles-Gate Arrays; other layer of protection and policy that is less intuitive to C.5.0 [Computer Systems Organization]: Computer Sys- programmers. tem ImplementationGeneral Taking the idea of data protection and isolation a step further, neither hypervisors nor the traditional UNIX pro- General Terms tection model allow a process to protect user data from code executing within the same process context. Under the tradi- Security tional model, from the point of view of integrity protection, all user data is created equal: no user-level data structure 1. INTRODUCTION can be protected more than another. Unfortunately, there Commodity operating systems typically provide isolation is no generic mechanism for relegating the security of user between user-level processes by placing each into a separate data (e.g., for cryptographic keys, linker tables, etc.) to the virtual memory context, between which the kernel enforces kernel; those requiring such security are welcome to write IPC and file system access restrictions. Mechanisms such as their own kernel modules and define their own APIs. We see these two areas—intra- and inter-process isolation— as related, despite the fact that they do not appear to be treated as such by existing systems. In light of this obser- Permission to make digital or hard copies of all or part of this work for vation, we propose a simple hardware solution to maintain personal or classroom use is granted without fee provided that copies are separation between processes, kernel components, and even not made or distributed for profit or commercial advantage and that copies compartments within a single process, even if one of those bear this notice and the full citation on the first page. To copy otherwise, to compartments is compromised. Our design extends and rein- republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. terprets the Current Privilege Level (CPL) and Descriptor VMSec’09, November 9, 2009, Chicago, Illinois, USA. Privilege Level (DPL) bits in the x86 segmentation mecha- Copyright 2009 ACM 978-1-60558-780-6/09/11 ...$10.00. nism, which have long been part of 32-bit x86 architecture (since at least i386), and should therefore be familiar to pro- cessor designers and straightforward for them to implement. These extensions are a novel hardware feature we be- lieve would significantly improve isolation support in com- modity systems at a comparatively small OS software (re- )engineering cost. We stress that, in itself, this proposal does not suggest a new operating system design paradigm in the spirit of microkernels, capabilities, or hypervirtual- ization. Rather, it is an attempt to find a “hardware game- changer”that poses only reasonable OS software engineering Figure 1: Cake visualization of existing x86 segmen- challenges — that is to say, challenges which we know can tation mechanism: malware crossing the barrier into be solved in practice without sacrificing too much perfor- the kernel is able to affect other processes. mance or undertaking extensive changes in the kernel code base. Even though we cannot comprehensively review them within the scope of this paper, we acknowledge many recent advances in securing operating systems as a motivation, and We visualize the separation achieved by x86 segmenta- we review some of the most related work (e.g., Nooks) in tion as a two-layer cake sandwiching the system of call gates Section 6. (Figure 1). The top layer is the user level, with processes separated by (kernel-enforced) vertical cuts stopping at the 2. X86 SEGMENTATION layer boundary. Malware infecting a“slice”of this cake can- not access data or interact with code across cuts. If, how- Operating system security in UNIX is, historically, closely ever, the malware manages to cross from the top later to tied to the kernel’s ability to keep processes separate, and the bottom (the kernel), it is free to burrow as it pleases. the inability of processes to breach the user/kernel barrier We note that mechanisms like SELinux, Linux Vservers, and outside controlled and well-defined interfaces. The former Solaris Zones do not provide a game-changer in this respect, is achieved by placing process context structures under the either. kernel control and the latter is enforced by limiting ingress X86 segmentation provides a horizontal separation be- points to code running with kernel privileges (i.e., call gates). tween user processes and the kernel—traversed via closely- In an ideal world, these together ensure that no process can guarded call gates—and the kernel is depended upon to en- act on another process’ data except via mediation by trusted force separation between user processes and to provide data code. integrity guarantees. Unfortunately, this horizontal separa- The x86 architecture provides so-called privilege“rings”to tion is insufficient if a user process gains supervisor privi- achieve this protection model, the enforcement of which is leges (i.e., CPL=0), either through a direct kernel barrier at the level of memory“segments”. A description of the x86 breach or via other mechanisms such as by sending a mal- segmentation mechanism and associated protections follows. formed network frame that exploits a vulnerability in the In x86 protected mode, all memory references are subject kernel network stack, allowing it to modify both kernel and to a two-step conversion: from “logical” address within a user data willy-nilly. While we would like to believe that segment to “linear” address within the process’ virtual ad- the user-kernel barrier is solid, experience teaches us to not dress space, then from linear to physical address via the page depend on it. table system. Each segment is described by a segment de- scriptor, which includes a two-bit descriptor privilege level (DPL). On all memory references, the DPL is compared to 3. VERTICAL ISOLATION the two-bit current privilege level (CPL); if CPL > DPL, We begin by proposing that the CPL and DPL check-and- the reference causes a general protection fault, disallowing trap condition should verify equality, instead of the implied access. CPL and DPL values are directly analogous to the ordering of levels that exists currently. This reinterpretation four x86 rings. would create 4 sibling isolated security contexts rather than Segment descriptors are stored in two types of tables: the the 4 security levels that the current x86 measurement logic global descriptor table (GDT) or one of many local descrip- (i.e., total order on the 2-bit values) provides. In fact, by tor tables (LDTs), both of which have DPL=0, thereby pre- imposing partial orders we could create and enforce more venting user processes (CPL=3) from manipulating descrip- complex relationships between contexts (such as those of tor privilege levels. (Each local descriptor table has the dis- lattice-based Bell-Lapadula and Biba models). Of course, tinction of being described as a segment unto itself.) In- providing only 4 security contexts is limiting, therefore in structions generally run at a CPL matching the DPL of the addition to reinterpretation, we also propose extending the code segment; the CPL can only be changed when program width of these fields.
Load more

Recommended publications
  • Geekos Overview
    CMSC 412 GeekOS overview GeekOS Overview A. Udaya Shankar [email protected] Jeffrey K. Hollingsworth [email protected] 2/12/2014 Abstract This document gives an overview of the GeekOS distribution (for 412- Spring 2014) and related background on QEMU and x86. It describes some operations in GeekOS in more detail, in particular, initialization, low-level interrupt handling and context switching, thread creation, and user program spawning. Contents 1. Introduction ..................................................................................................................................................................... 2 2. Qemu ............................................................................................................................................................................... 3 3. Intel x86 real mode .......................................................................................................................................................... 4 4. Intel x86 protected mode ................................................................................................................................................. 5 5. Booting and kernel initialization ...................................................................................................................................... 8 6. Context switching .......................................................................................................................................................... 11 6.1. Context state .............................................................................................................................................................
    [Show full text]
  • Nessus 8.3 User Guide
    Nessus 8.3.x User Guide Last Updated: September 24, 2021 Table of Contents Welcome to Nessus 8.3.x 12 Get Started with Nessus 15 Navigate Nessus 16 System Requirements 17 Hardware Requirements 18 Software Requirements 22 Customize SELinux Enforcing Mode Policies 25 Licensing Requirements 26 Deployment Considerations 27 Host-Based Firewalls 28 IPv6 Support 29 Virtual Machines 30 Antivirus Software 31 Security Warnings 32 Certificates and Certificate Authorities 33 Custom SSL Server Certificates 35 Create a New Server Certificate and CA Certificate 37 Upload a Custom Server Certificate and CA Certificate 39 Trust a Custom CA 41 Create SSL Client Certificates for Login 43 Nessus Manager Certificates and Nessus Agent 46 Install Nessus 48 Copyright © 2021 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trade- marks of Tenable,Inc. Tenable.sc, Tenable.ot, Lumin, Indegy, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective Download Nessus 49 Install Nessus 51 Install Nessus on Linux 52 Install Nessus on Windows 54 Install Nessus on Mac OS X 56 Install Nessus Agents 58 Retrieve the Linking Key 59 Install a Nessus Agent on Linux 60 Install a Nessus Agent on Windows 64 Install a Nessus Agent on Mac OS X 70 Upgrade Nessus and Nessus Agents 74 Upgrade Nessus 75 Upgrade from Evaluation 76 Upgrade Nessus on Linux 77 Upgrade Nessus on Windows 78 Upgrade Nessus on Mac OS X 79 Upgrade a Nessus Agent 80 Configure Nessus 86 Install Nessus Home, Professional, or Manager 87 Link to Tenable.io 88 Link to Industrial Security 89 Link to Nessus Manager 90 Managed by Tenable.sc 92 Manage Activation Code 93 Copyright © 2021 Tenable, Inc.
    [Show full text]
  • SOS Internals
    Understanding a Simple Operating System SOS is a Simple Operating System designed for the 32-bit x86 architecture. Its purpose is to understand basic concepts of operating system design. These notes are meant to help you recall the class discussions. Chapter 1 : Starting Up SOS 3 Registers in the IA-32 x86 Architecture BIOS (Basic Input/Ouput System) Routines Real Mode Addressing Organization of SOS on Disk and Memory Master Boot Record SOS Startup A20 Line 32-bit Protected Mode Addressing Privilege Level Global Descriptor Table (GDT) More on Privilege Levels The GDT Setup Enabling Protected Mode Calling main() Chapter 2 : SOS Initializations 10 In main() Disk Initialization Display Initialization Setting Up Interrupt Handlers Interrupt Descriptor Table (IDT) A Default Interrupt Handler Load IDT The Programmable Interrupt Controller (PIC) The Keyboard Interrupt Handler Starting the Console Putting It All Together Chapter 3: SOS1 – Single-tasking SOS 16 Running User Programs GDT Entries Default Exception Handler User Programs Executable Format System Calls Creating User Programs The run Command Understanding a Simple Operating System The DUMB Memory Manager Program Address Space Process Control Block Switching to a User Program Kernel-Mode Stack Chapter 4 : SOS2 – Multi-tasking SOS 24 Running Multiple User Programs NAÏVE Memory Manager Programmable Interval Timer (PIT) Process States Timer Interrupt Handler Sleep System Call The run Command Process Queue The Scheduler The Complete Picture ps Command Chapter 5 : SOS3 – Paging in SOS 31
    [Show full text]
  • I386-Engine™ Technical Manual
    i386-Engine™ C/C++ Programmable, 32-bit Microprocessor Module Based on the Intel386EX Technical Manual 1950 5 th Street, Davis, CA 95616, USA Tel: 530-758-0180 Fax: 530-758-0181 Email: [email protected] http://www.tern.com Internet Email: [email protected] http://www.tern.com COPYRIGHT i386-Engine, VE232, A-Engine, A-Core, C-Engine, V25-Engine, MotionC, BirdBox, PowerDrive, SensorWatch, Pc-Co, LittleDrive, MemCard, ACTF, and NT-Kit are trademarks of TERN, Inc. Intel386EX and Intel386SX are trademarks of Intel Coporation. Borland C/C++ are trademarks of Borland International. Microsoft, MS-DOS, Windows, and Windows 95 are trademarks of Microsoft Corporation. IBM is a trademark of International Business Machines Corporation. Version 2.00 October 28, 2010 No part of this document may be copied or reproduced in any form or by any means without the prior written consent of TERN, Inc. © 1998-2010 1950 5 th Street, Davis, CA 95616, USA Tel: 530-758-0180 Fax: 530-758-0181 Email: [email protected] http://www.tern.com Important Notice TERN is developing complex, high technology integration systems. These systems are integrated with software and hardware that are not 100% defect free. TERN products are not designed, intended, authorized, or warranted to be suitable for use in life-support applications, devices, or systems, or in other critical applications. TERN and the Buyer agree that TERN will not be liable for incidental or consequential damages arising from the use of TERN products. It is the Buyer's responsibility to protect life and property against incidental failure. TERN reserves the right to make changes and improvements to its products without providing notice.
    [Show full text]
  • Assignment No. 6 Aim: Write X86/64 ALP To
    Assignment No. 6 Att Perm Oral Total Sign (2) (5) (3) (10) Aim: Write X86/64 ALP to switch from real mode to protected mode and display the values of GDTR, LDTR, IDTR, TR and MSW Registers. 6.1 Theory: Real Mode: Real mode, also called real address mode, is an operating mode of all x86-compatible CPUs. Real mode is characterized by a 20-bit segmented memory address space (giving exactly 1 MiB of addressable memory) and unlimited direct software access to all addressable memory, I/O addresses and peripheral hardware. Real mode provides no support for memory protection, multitasking, or code privilege levels. Protected Mode: In computing, protected mode, also called protected virtual address mode is an operational mode of x86-compatible central processing units (CPUs). It allows system software to use features such as virtual memory, paging and safe multi-tasking designed to increase an operating system's control over application software. When a processor that supports x86 protected mode is powered on, it begins executing instructions in real mode, in order to maintain backward compatibility with earlier x86 processors. Protected mode may only be entered after the system software sets up several descriptor tables and enables the Protection Enable (PE) bit in the control register 0 (CR0). Control Register : Global Descriptor Table Register This register holds the 32-bit base address and 16-bit segment limit for the global descriptor table (GDT). When a reference is made to data in memory, a segment selector is used to find a segment descriptor in the GDT or LDT.
    [Show full text]
  • Bringing Virtualization to the X86 Architecture with the Original Vmware Workstation
    12 Bringing Virtualization to the x86 Architecture with the Original VMware Workstation EDOUARD BUGNION, Stanford University SCOTT DEVINE, VMware Inc. MENDEL ROSENBLUM, Stanford University JEREMY SUGERMAN, Talaria Technologies, Inc. EDWARD Y. WANG, Cumulus Networks, Inc. This article describes the historical context, technical challenges, and main implementation techniques used by VMware Workstation to bring virtualization to the x86 architecture in 1999. Although virtual machine monitors (VMMs) had been around for decades, they were traditionally designed as part of monolithic, single-vendor architectures with explicit support for virtualization. In contrast, the x86 architecture lacked virtualization support, and the industry around it had disaggregated into an ecosystem, with different ven- dors controlling the computers, CPUs, peripherals, operating systems, and applications, none of them asking for virtualization. We chose to build our solution independently of these vendors. As a result, VMware Workstation had to deal with new challenges associated with (i) the lack of virtual- ization support in the x86 architecture, (ii) the daunting complexity of the architecture itself, (iii) the need to support a broad combination of peripherals, and (iv) the need to offer a simple user experience within existing environments. These new challenges led us to a novel combination of well-known virtualization techniques, techniques from other domains, and new techniques. VMware Workstation combined a hosted architecture with a VMM. The hosted architecture enabled a simple user experience and offered broad hardware compatibility. Rather than exposing I/O diversity to the virtual machines, VMware Workstation also relied on software emulation of I/O devices. The VMM combined a trap-and-emulate direct execution engine with a system-level dynamic binary translator to ef- ficiently virtualize the x86 architecture and support most commodity operating systems.
    [Show full text]
  • DOS Virtualized in the Linux Kernel
    DOS Virtualized in the Linux Kernel Robert T. Johnson, III Abstract Due to the heavy dominance of Microsoft Windows® in the desktop market, some members of the software industry believe that new operating systems must be able to run Windows® applications to compete in the marketplace. However, running applications not native to the operating system generally causes their performance to degrade significantly. When the application and the operating system were written to run on the same machine architecture, all of the instructions in the application can still be directly executed under the new operating system. Some will only need to be interpreted differently to provide the required functionality. This paper investigates the feasibility and potential to speed up the performance of such applications by including the support needed to run them directly in the kernel. In order to avoid the impact to the kernel when these applications are not running, the needed support was built as a loadable kernel module. 1 Introduction New operating systems face significant challenges in gaining consumer acceptance in the desktop marketplace. One of the first realizations that must be made is that the majority of this market consists of non-technical users who are unlikely to either understand or have the desire to understand various technical details about why the new operating system is “better” than a competitor’s. This means that such details are extremely unlikely to sway a large amount of users towards the operating system by themselves. The incentive for a consumer to continue using their existing operating system or only upgrade to one that is backwards compatible is also very strong due to the importance of application software.
    [Show full text]
  • Virtual Memory in X86
    Fall 2017 :: CSE 306 Virtual Memory in x86 Nima Honarmand Fall 2017 :: CSE 306 x86 Processor Modes • Real mode – walks and talks like a really old x86 chip • State at boot • 20-bit address space, direct physical memory access • 1 MB of usable memory • No paging • No user mode; processor has only one protection level • Protected mode – Standard 32-bit x86 mode • Combination of segmentation and paging • Privilege levels (separate user and kernel) • 32-bit virtual address • 32-bit physical address • 36-bit if Physical Address Extension (PAE) feature enabled Fall 2017 :: CSE 306 x86 Processor Modes • Long mode – 64-bit mode (aka amd64, x86_64, etc.) • Very similar to 32-bit mode (protected mode), but bigger address space • 48-bit virtual address space • 52-bit physical address space • Restricted segmentation use • Even more obscure modes we won’t discuss today xv6 uses protected mode w/o PAE (i.e., 32-bit virtual and physical addresses) Fall 2017 :: CSE 306 Virt. & Phys. Addr. Spaces in x86 Processor • Both RAM hand hardware devices (disk, Core NIC, etc.) connected to system bus • Mapped to different parts of the physical Virtual Addr address space by the BIOS MMU Data • You can talk to a device by performing Physical Addr read/write operations on its physical addresses Cache • Devices are free to interpret reads/writes in any way they want (driver knows) System Interconnect (Bus) : all addrs virtual DRAM Network … Disk (Memory) Card : all addrs physical Fall 2017 :: CSE 306 Virt-to-Phys Translation in x86 0xdeadbeef Segmentation 0x0eadbeef Paging 0x6eadbeef Virtual Address Linear Address Physical Address Protected/Long mode only • Segmentation cannot be disabled! • But can be made a no-op (a.k.a.
    [Show full text]
  • Enclave Security and Address-Based Side Channels
    Graz University of Technology Faculty of Computer Science Institute of Applied Information Processing and Communications IAIK Enclave Security and Address-based Side Channels Assessors: A PhD Thesis Presented to the Prof. Stefan Mangard Faculty of Computer Science in Prof. Thomas Eisenbarth Fulfillment of the Requirements for the PhD Degree by June 2020 Samuel Weiser Samuel Weiser Enclave Security and Address-based Side Channels DOCTORAL THESIS to achieve the university degree of Doctor of Technical Sciences; Dr. techn. submitted to Graz University of Technology Assessors Prof. Stefan Mangard Institute of Applied Information Processing and Communications Graz University of Technology Prof. Thomas Eisenbarth Institute for IT Security Universit¨atzu L¨ubeck Graz, June 2020 SSS AFFIDAVIT I declare that I have authored this thesis independently, that I have not used other than the declared sources/resources, and that I have explicitly indicated all material which has been quoted either literally or by content from the sources used. The text document uploaded to TUGRAZonline is identical to the present doctoral thesis. Date, Signature SSS Prologue Everyone has the right to life, liberty and security of person. Universal Declaration of Human Rights, Article 3 Our life turned digital, and so did we. Not long ago, the globalized commu- nication that we enjoy today on an everyday basis was the privilege of a few. Nowadays, artificial intelligence in the cloud, smartified handhelds, low-power Internet-of-Things gadgets, and self-maneuvering objects in the physical world are promising us unthinkable freedom in shaping our personal lives as well as society as a whole. Sadly, our collective excitement about the \new", the \better", the \more", the \instant", has overruled our sense of security and privacy.
    [Show full text]
  • Supervisor-Mode Virtualization for X86 in Vdebug
    Supervisor-Mode Virtualization for x86 in VDebug Prashanth P. Bungale, Swaroop Sridhar, and Jonathan S. Shapiro { prash, swaroop, shap } @ cs.jhu.edu Systems Research Laboratory The Johns Hopkins University Baltimore, MD 21218, U. S. A. March 10, 2004 Abstract Machine virtualization techniques offer many ways to improve both debugging and performance analysis facilities available to kernel developers. A minimal hardware interposition, exposing as much as possible of the underlying hardware device model, would enable high-level debugging of almost all parts of an operating system. Existing emulators either lack a debugging interface, impose excessive performance penalties, or obscure details of machine-specific hardware, all of which impede their value as debugging platforms. Because it is a paragon of complexity, techniques for emulating the protection state of today's most popular processor – the Pentium – have not been widely published. This paper presents the design of supervisor-mode virtualization in the VDebug kernel debugger system, which uses dynamic translation and dynamic shadowing to provide translucent CPU emulation. By running directly on the bare machine, VDebug is able to achieve an unusually low translation overhead and is able to exploit the hardware protection mechanisms to provide interposition and protection. We focus here on our design for supervisor-mode emulation. We also identify some of the fundamental challenges posed by dynamic translation of supervisor-mode code, and propose new ways of overcoming them. While the work described is not yet running fully, it is far enough along to have confidence in the design presented here, and several of the techniques used have not previously been published.
    [Show full text]
  • MILITARY I386tm SX MICROPROCESSOR
    MILITARY i386TM SX MICROPROCESSOR Y Full 32-Bit Internal Architecture Y Virtual M8086 Mode Allows Execution Ð 8-, 16-, 32-Bit Data Types of M8086 Software in a Protected and Ð 8 General Purpose 32-Bit Registers Paged System Y Runs Intel386TM Software in a Cost Y High Speed Numerics Support with the Effective 16-Bit Hardware Environment Military i387TM SX Coprocessor Ð Runs Same Applications and O.S.'s Y On-Chip Debugging Support Including TM as the Military i386 DX Processor Breakpoint Registers Ð Object Code Compatible with M8086, M80186, M80286, and i386 Y Complete System Development Processors Support Ð Runs MS-DOS*, OS/2* and UNIX** Ð Software: C, PL/M, Assembler Ð Debuggers: PMON-i386 DX, Y Very High Performance 16-Bit Data Bus ICETM-i386 SX Ð 20 MHz Clock Ð Extensive Third-Party Support: C, Ð Two-Clock Bus Cycles Pascal, FORTRAN, BASIC, Ada*** on Ð 20 Megabytes/Sec Bus Bandwidth VAX, UNIX**, MS-DOS*, and Other Ð Address Pipelining Allows Use of Hosts Slower/Cheaper Memories Y High Speed CHMOS IV Technology Y Integrated Memory Management Unit Ð Virtual Memory Support Y 88-Lead Pin Grid Array Package Ð Optional On-Chip Paging (See Packaging Specification, Order Ý 231369) Ð 4 Levels of Hardware Enforced Y 100-Lead Plastic Flat Pack Package Protection Y Available in Four Product Grades: Ð MMU Fully Compatible with Those of Ð MIL-STD-883 (PGA), b55§Cto the M80286 and i386 DX CPUs a125§C(TC) Y Large Uniform Address Space Ð Military Temperature Only (PGA), Ð 16 Megabyte Physical b55§Ctoa125§C(TC) Ð 64 Terabyte Virtual Ð Extended Temperature (PGA), Ð 4 Gigabyte Maximum Segment Size b40§Ctoa110§C(TC) Ð Extended Temperature (PQFP), b20§Ctoa100§C(TC) The Military i386 SX Microprocessor is a 32-bit CPU with a 16-bit external data bus and a 24-bit external address bus.
    [Show full text]
  • Computer Architectures an Overview
    Computer Architectures An Overview PDF generated using the open source mwlib toolkit. See http://code.pediapress.com/ for more information. PDF generated at: Sat, 25 Feb 2012 22:35:32 UTC Contents Articles Microarchitecture 1 x86 7 PowerPC 23 IBM POWER 33 MIPS architecture 39 SPARC 57 ARM architecture 65 DEC Alpha 80 AlphaStation 92 AlphaServer 95 Very long instruction word 103 Instruction-level parallelism 107 Explicitly parallel instruction computing 108 References Article Sources and Contributors 111 Image Sources, Licenses and Contributors 113 Article Licenses License 114 Microarchitecture 1 Microarchitecture In computer engineering, microarchitecture (sometimes abbreviated to µarch or uarch), also called computer organization, is the way a given instruction set architecture (ISA) is implemented on a processor. A given ISA may be implemented with different microarchitectures.[1] Implementations might vary due to different goals of a given design or due to shifts in technology.[2] Computer architecture is the combination of microarchitecture and instruction set design. Relation to instruction set architecture The ISA is roughly the same as the programming model of a processor as seen by an assembly language programmer or compiler writer. The ISA includes the execution model, processor registers, address and data formats among other things. The Intel Core microarchitecture microarchitecture includes the constituent parts of the processor and how these interconnect and interoperate to implement the ISA. The microarchitecture of a machine is usually represented as (more or less detailed) diagrams that describe the interconnections of the various microarchitectural elements of the machine, which may be everything from single gates and registers, to complete arithmetic logic units (ALU)s and even larger elements.
    [Show full text]