Nintendo Switch Brew

Switch 2: Tegra T239: Difference between revisions

← Older edit
Moved to page Security_Mitigations.
 
(One intermediate revision by the same user not shown)
Line 36: Line 36:


There is no memory authentication, however. So in the event of external memory tampering, the CPU will read back garbled plaintext (effectively, random bytes). Although, it should in principle be possible to "replay" earlier values from a particular address.
There is no memory authentication, however. So in the event of external memory tampering, the CPU will read back garbled plaintext (effectively, random bytes). Although, it should in principle be possible to "replay" earlier values from a particular address.
=== XOM (eXecute-Only-Memory) ===
The hardware supports XOM.
Sysmodules appear to have --X .text.
=== CFI (Control-Flow-Integrity) ===
Besides the CFI used by [[Internet_Browser|web-applets]], sysmodules seem to use a version of CFI which validate vtable-ptrs (the value of the ptr, without accessing the data located there).
Retrieved from "https://switchbrew.org/wiki/Switch_2:_Tegra_T239"