Post Syndicated from corbet original http://lwn.net/Articles/686808/rss
Techniques for hardening the security of running systems often focus on
access to memory. An attacker who can write (or even read) arbitrary
memory regions will be able to take over the system in short order; even the
ability to access small regions of memory can often be exploited. One
possible defensive technique would be to encrypt the contents of memory so
that an attacker can do nothing useful with it, even if access is somehow
gained; this type of encryption clearly requires hardware support. Both Intel
and AMD are introducing such support in their processors, and patches to
enable that support have been posted for consideration; the two
manufacturers have taken somewhat different approaches to the problem,
though.
