It is currently Fri Jul 21, 2017 5:52 am

All times are UTC - 7 hours





Post new topic Reply to topic  [ 72 posts ]  Go to page Previous  1, 2, 3, 4, 5
Author Message
PostPosted: Thu Apr 13, 2017 1:54 am 
Offline
User avatar

Joined: Sun May 27, 2012 8:43 pm
Posts: 1280
calima wrote:
A regular NIC, sound card, etc does not have access to memory. Even a thoroughly malicious NIC is limited in what it can do.

A NIC has access to certain particularly important data - that which enters and exits the computer through it.

You have no idea how the Intel Management Engine in most intel CPUs from the last ten years interacts with any of these peripherals.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 2:12 am 
Offline
User avatar

Joined: Wed Feb 13, 2008 9:10 am
Posts: 550
Location: Estonia, Rapla city (50 and 60Hz compatible :P)
All PCI(-E) cards can be bus masters and they usually are. Typical NIC writes packets to main RAM itself without CPU involement, driver just tells where exactly (and if that NIC happens to have a boot ROM it can do stuff before OS and after BIOS). Same deal with sound cards when they are recording aswell as any USB3 devices (USB2 and 1.1 are polled only, they cannot dump data whereever they want on their own). If the hardware wants it can read or write any part of the system without any involvement of CPU or knowledge on OS side that something happened.

_________________
http://www.tmeeco.eu


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:08 am 
Offline

Joined: Tue Oct 06, 2015 10:16 am
Posts: 466
mikejmoffitt wrote:
You have no idea how the Intel Management Engine in most intel CPUs from the last ten years interacts with any of these peripherals.

No, I'm quite familiar with that. That's why I don't buy or recommend any such Intel CPUs.

The IOMMU prevents PCI cards reading arbitrary RAM, and I don't have USB 3 hardware.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 11:50 am 
Offline

Joined: Sun Sep 19, 2004 11:12 pm
Posts: 18651
Location: NE Indiana, USA (NTSC)
When were Intel Management Engine and VT-d (Intel's name for IOMMU functionality) introduced? Which was before the other?


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 12:06 pm 
Offline
User avatar

Joined: Sun May 27, 2012 8:43 pm
Posts: 1280
calima wrote:
mikejmoffitt wrote:
You have no idea how the Intel Management Engine in most intel CPUs from the last ten years interacts with any of these peripherals.

No, I'm quite familiar with that. That's why I don't buy or recommend any such Intel CPUs.

The IOMMU prevents PCI cards reading arbitrary RAM, and I don't have USB 3 hardware.

You can't be familiar with it because nobody is. I'm not questioning that you know about it, just what precisely it is up to.

I don't know which CPUs this leaves you with. AMD has had similar bits in their processors since 2013, and you have to go back quite far to get an Intel machine without it.

You can sidestep almost all of these issues with a computer isolated from any networking, allowing it to communicate only over thoroughly observable I/O at the user's request. But of course, that's absolutely silly when we're talking about developing NES games.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 1:09 pm 
Offline

Joined: Sun Sep 19, 2004 11:12 pm
Posts: 18651
Location: NE Indiana, USA (NTSC)
Until fairly recently, Nintendo used to require that authorized developers have a dedicated office not attached to a residence. I wonder if an air-gapped workstation used to be required. I know it's at least possible because I first tried NESdev back in 1999 with an air-gapped workstation, with an Iomega Zip drive as the only way to get files on and off the thing. I downloaded DJGPP, Allegro 3, x816, NESticle (yes, there was a time when it was the cutting-edge NES debugger), and other tools to a Zip disk on one dial-up-connected computer (a Mac), moved the drive to another computer (a 486 PC), and installed them on the other computer's HDD.

But the root of all this was unwillingness to install (free) Wine to run (free) FCEUX for Windows because of hundreds of MB of (free) i386 libraries it would pull in.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 1:13 pm 
Offline
User avatar

Joined: Sun Jan 22, 2012 12:03 pm
Posts: 5400
Location: Canada
tepples wrote:
I wonder if an air-gapped workstation used to be required.

It was not.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 6:19 pm 
Offline
User avatar

Joined: Sat Jul 12, 2014 3:04 pm
Posts: 890
TmEE wrote:
All PCI(-E) cards can be bus masters and they usually are. Typical NIC writes packets to main RAM itself without CPU involement, driver just tells where exactly (and if that NIC happens to have a boot ROM it can do stuff before OS and after BIOS). Same deal with sound cards when they are recording aswell as any USB3 devices (USB2 and 1.1 are polled only, they cannot dump data whereever they want on their own). If the hardware wants it can read or write any part of the system without any involvement of CPU or knowledge on OS side that something happened.

So, like what the NES expansion port (or SNES expansion port) could do.

Though, the NES lacks address bus and the SNES lacks full address bus, though one can still run code to modify anywhere.


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 7:54 pm 
Offline
User avatar

Joined: Wed Feb 13, 2008 9:10 am
Posts: 550
Location: Estonia, Rapla city (50 and 60Hz compatible :P)
Not quite, because you cannot do bus mastering on NES or SNES, the CPU or some part of hardware in the console must do the transaction, and that's fully under CPU control. A Bus master can do anything to the console whenever it wants. US/EU Master System (but not Mark III or JP Master System) have means to do bus mastering, technically you can make a game cart that takes bus from the CPU and runs the entire game off the cart with CPU perpetually frozen pretty much controlling all the hardware in the console as it pleases. That's partially what one game I'm working on does, it uses a small MCU to do DMAs and few other things to fully realize the VRAM bandwidth that the machine has (Z80 can only use up about 10% of what is available).

I'm not yet familiar enough with the IOMMU mechanisms that are present in x86 world to comment more deeply, but from first glance they're primarly for OS side of things to allow virtualisation with hardware assist, with some restrictions on hardware side of things to work, aka not universal. AMD spec seems to be superior to that of Intel's, but for now I will stop digging, I don't have time to read though 500 pages of material, especially since it doesn't benefit the work I'm supposed to be doing right now lol.

_________________
http://www.tmeeco.eu


Top
 Profile  
 
PostPosted: Thu Apr 13, 2017 9:20 pm 
Offline
User avatar

Joined: Sat Jul 12, 2014 3:04 pm
Posts: 890
You have access to the databus. Inject a converging-clockslide-jump to un-mapped addresses (as sort of in the linked example), and/or continue driving the lines over whatever else is trying to use them.


Top
 Profile  
 
PostPosted: Fri Apr 14, 2017 12:16 am 
Offline
User avatar

Joined: Wed Feb 13, 2008 9:10 am
Posts: 550
Location: Estonia, Rapla city (50 and 60Hz compatible :P)
Since you cannot tristate the host bus on will (I cannot see any such signal on the schematics), you only cause a bus fight which is harmful to both sides. To do it without harm you got to control the enable signal going to the cart so that you can disable cart on the relevant addresses and supply your own data...

_________________
http://www.tmeeco.eu


Top
 Profile  
 
PostPosted: Fri Apr 14, 2017 12:40 am 
Offline

Joined: Tue Oct 06, 2015 10:16 am
Posts: 466
mikejmoffitt wrote:
I don't know which CPUs this leaves you with. AMD has had similar bits in their processors since 2013, and you have to go back quite far to get an Intel machine without it.


Currently running a Phenom 2 from 2010. Considering getting the Pinebook when it ships, and would have gotten the Raptor if its price had been more in my budget.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 72 posts ]  Go to page Previous  1, 2, 3, 4, 5

All times are UTC - 7 hours


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group