ucode.asm

Contains microcode uploading, proving and relocating functionality.

Author

Marcel Sondaar

License

Educational Purposes

Functions

VerifyMicrocode

Attempts to prove that the microcode conforms to all invariants of the system.

To achieve this, the microcode is disassembled and each instruction is checked against the following security conditions:

Isolation - the microcode uses a fixed amount of global and local storage
Register invariant - Ensures that important registers hold valid values (xSP, segments, etc.)
I/O security - Ensures that only owned ports and memory areas are accessed
Termination - Verifies that the microcode terminates within reasonable time. Potentially valid uploads can be refused based on this constraint, since program flow instructions are required to be forward (conditional) jumps
Compatibility - Verifies that the microcode does not perform privileged or unsupported instructions

The algorithm should allow code written as high-level functions to pass validation, to minimize the need for assembly.

in

ESI - the location of the microcode
EDI - the virtual address where storage is referenced
EDX - the size of local storage space
EBX - the size of the microcode

out

CF - set if validity could not be established
  • clear when the program could be proven
ESI - location of the instruction failing verification (valid when CF is set)
EAX - an error code relevant to the invariant (valid when CF is set)
EAX - the registers that were clobbered (valid when CF is clear)

destroyed

  • EAX, ESI (if CF clear)
  • EBX, ECX, EDX, EBP

stackframe

+0..+3f - min/max values for GPRs
+40..+43 - ESP difference
+44..+47 - register usage
+48..+4B - maximum code address
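
The termination, I/O security and compatibility checks listed above, as an added C example that is not part of ucode.asm: a toy verifier over pre-decoded instructions that returns an error code with the failing index, or a clobber mask on success. The instruction set, error codes, the owned port window lo..hi and all names are assumptions made for illustration; the per-register min/max ranges and the clobber mask are modelled on the stackframe fields listed above, not taken from the implementation.

```c
#include <stdint.h>
#include <string.h>
/* Toy pre-decoded instructions (assumption); the real routine disassembles x86. */
enum op { MOV_IMM, OUT_DX, JCC, CLI, RET };
struct insn { enum op op; unsigned reg; uint32_t imm; int rel; };
enum verr { V_OK, V_BACKWARD, V_RANGE, V_PORT, V_COMPAT, V_NORET };
struct range { uint32_t min, max; };
enum { NREG = 8, MAXN = 64, DX = 2 };
static void merge(struct range *dst, const struct range *src, int *seen) {
    for (int r = 0; r < NREG; r++) {   /* widen dst to cover src; first arrival copies */
        if (!*seen || src[r].min < dst[r].min) dst[r].min = src[r].min;
        if (!*seen || src[r].max > dst[r].max) dst[r].max = src[r].max;
    }
    *seen = 1;
}
/* Returns V_OK plus a clobber mask, or an error plus the failing instruction index. */
enum verr verify(const struct insn *p, int n, uint32_t lo, uint32_t hi,
                 int *fail, uint32_t *clobber) {
    static struct range in[MAXN + 1][NREG];  /* register ranges on entry to each insn */
    struct range cur[NREG];
    int seen[MAXN + 1] = {0};
    *fail = 0; *clobber = 0;
    if (n < 0 || n > MAXN) return V_RANGE;
    for (int r = 0; r < NREG; r++) cur[r] = (struct range){0, UINT32_MAX};
    merge(in[0], cur, &seen[0]);             /* entry: every register unknown */
    for (int i = 0; i < n; i++) {            /* one pass: jumps only go forward */
        if (!seen[i]) continue;              /* unreachable code is never run */
        *fail = i;
        memcpy(cur, in[i], sizeof cur);
        switch (p[i].op) {
        case RET: continue;                  /* path ends, no fall-through */
        case MOV_IMM:
            if (p[i].reg >= NREG) return V_COMPAT;
            cur[p[i].reg] = (struct range){p[i].imm, p[i].imm};
            *clobber |= 1u << p[i].reg;
            break;
        case OUT_DX:                         /* I/O security: whole range owned */
            if (cur[DX].min < lo || cur[DX].max > hi) return V_PORT;
            break;
        case JCC:                            /* termination: forward targets only */
            if (p[i].rel <= 0) return V_BACKWARD;
            if (p[i].rel >= n - i) return V_RANGE;
            merge(in[i + p[i].rel], cur, &seen[i + p[i].rel]);
            break;
        default: return V_COMPAT;            /* CLI or unknown opcode */
        }
        merge(in[i + 1], cur, &seen[i + 1]);
    }
    return seen[n] ? V_NORET : V_OK;         /* V_NORET: fell off the end */
}
```

Because every jump target lies after the jump, each instruction's incoming ranges are complete by the time the single pass reaches it, so a port value that differs between two paths is rejected at the OUT that joins them.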