Friday, November 13, 2020

Kernel code validation

Processors have pipelines, and the pipeline can look ahead and accumulate checksums over the instruction stream as it goes.

Consider a system in which call setups are expressed as encrypted numbers. The kernel, in this mode, can decode the call position and the microcode checksum. The called code has prior approval in the kernel's call map. The code compiler emits blocks on contract exit to ensure the checksum and a markable exit. The compiler is Spectre-compliant. The pipeline catches the trappable points and accumulates checksums to match against the call map.

Now, this seems like overkill to me. I would think it much easier to do the compliance checks when the object is loaded into private memory, with the kernel using protected code to prepare the object contracts so that run-time checking is unneeded. All of this means cutting the links between us and the secret processor core. Once that is done, the key network can handle the rest: code lives on validated blockchains, and processors have repeatable, irreversible key generators.
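The load-time variant of the scheme, as an added example that is not part of the original post: a trusted build-time step records, for a known-good code object, the approved entry points and a SHA-256 over each block (the "call map"); at load time the kernel recomputes the digests before mapping the object into private memory and refuses the load on any mismatch. Each digest also binds the block to its offset and length, and the checker insists that the approved blocks tile the whole object, so no executable byte goes unchecked. The call-map layout, the use of SHA-256 as the "checksum", the function names, and the sample byte strings are all assumptions of this example, not the post's design; the sample bytes are constructed and are not real machine code.

```python
"""Load-time code validation against a kernel call map (added example)."""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class CallMapEntry:
    """One pre-approved call target: its offset in the object, the length of
    the code block it heads, and the digest the kernel expects for those bytes."""
    offset: int
    length: int
    digest: bytes


class LoadRejected(Exception):
    """The object does not match its call map; it must not be mapped."""


def block_digest(code: bytes, offset: int, length: int) -> bytes:
    """SHA-256 over a block, with its offset and length mixed in so an approved
    block cannot be relocated to a different entry point and still match."""
    h = hashlib.sha256()
    h.update(offset.to_bytes(8, "little"))
    h.update(length.to_bytes(8, "little"))
    h.update(code[offset:offset + length])
    return h.digest()


def build_call_map(code: bytes, layout: list[tuple[int, int]]) -> tuple[CallMapEntry, ...]:
    """Build-time (trusted) step: record the approved digests for a known-good
    object. `layout` is a list of (offset, length) blocks, one per entry point."""
    return tuple(CallMapEntry(off, ln, block_digest(code, off, ln)) for off, ln in layout)


def validate_object(code: bytes, call_map: tuple[CallMapEntry, ...]) -> dict[int, int]:
    """Load-time check. Returns {entry_offset: length} for the approved call
    targets, or raises LoadRejected. Nothing in `code` is trusted until this
    returns; afterwards no run-time checking of the object is needed as long
    as the mapping stays read-only."""
    if not call_map:
        raise LoadRejected("empty call map")
    expected_next = 0
    for entry in sorted(call_map, key=lambda e: e.offset):
        # Blocks must tile the object: no gaps, no overlaps, no duplicates.
        if entry.offset != expected_next:
            raise LoadRejected(
                f"bytes {expected_next:#x}..{entry.offset:#x} not covered by any approved block")
        if entry.length <= 0 or entry.offset + entry.length > len(code):
            raise LoadRejected(f"block at {entry.offset:#x} runs past the end of the object")
        actual = block_digest(code, entry.offset, entry.length)
        if not hmac.compare_digest(actual, entry.digest):
            raise LoadRejected(f"checksum mismatch for block at {entry.offset:#x}")
        expected_next = entry.offset + entry.length
    if expected_next != len(code):
        raise LoadRejected(
            f"{len(code) - expected_next} trailing bytes not covered by any approved block")
    return {entry.offset: entry.length for entry in call_map}


def is_rejected(code: bytes, call_map: tuple[CallMapEntry, ...]) -> bool:
    """True if the load-time check refuses this object."""
    try:
        validate_object(code, call_map)
    except LoadRejected:
        return True
    return False


def flip_byte(code: bytes, index: int) -> bytes:
    """Return a copy of `code` with one byte inverted (simulates tampering)."""
    return code[:index] + bytes([code[index] ^ 0xFF]) + code[index + 1:]


# Constructed sample object: two blocks of made-up bytes standing in for
# machine code. These are not real instructions and are not from the post.
GOOD_OBJECT = bytes([0x55, 0x48, 0x89, 0xE5, 0x5D, 0xC3]) + bytes([0x31, 0xC0, 0xC3])
LAYOUT = [(0, 6), (6, 3)]          # two approved entry points, at offsets 0 and 6
CALL_MAP = build_call_map(GOOD_OBJECT, LAYOUT)


if __name__ == "__main__":
    print("good object:", validate_object(GOOD_OBJECT, CALL_MAP))
    for label, obj in [
        ("one byte flipped", flip_byte(GOOD_OBJECT, 7)),
        ("code appended past the map", GOOD_OBJECT + b"\x90\x90"),
        ("object truncated", GOOD_OBJECT[:-1]),
        ("blocks swapped", GOOD_OBJECT[6:] + GOOD_OBJECT[:6]),
    ]:
        try:
            validate_object(obj, CALL_MAP)
        except LoadRejected as err:
            print(f"{label}: rejected ({err})")
```

The point a practitioner would press on: the "checksum" has to be a collision-resistant hash (or a keyed MAC under a key only the kernel holds), because a plain arithmetic checksum lets an attacker craft a substitute block that still matches the call map. The coverage check matters for the same reason: any executable bytes not covered by an approved block would be a place to park code the load-time check never sees. Once `validate_object` has passed, the kernel can map the object read-only and executable and rely on the map alone, which is the "no run-time checking" property the paragraph above is after.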
