News AI
June 30th, 2024

Below MI – IBM I for Hackers

IBM i system offers full control over hardware and software, utilizing Machine Interface for abstract development and memory safety. It operates on POWER CPU with 64-bit big-endian architecture, featuring unique security levels and Single-Level Storage for memory management. Control flow is managed through register conventions and stack operations. The system lacks memory safety, allowing out-of-bounds memory access. Security levels range from no security to C2 level, with Security Level 40 recommended. The writeup delves into memory management, control flow, and security mechanisms for evaluating memory safety and exploitation.

Read original articleLink Icon
Below MI – IBM I for Hackers

IBM i is a system with full control over hardware and software, using the Machine Interface (MI) for abstract development and memory safety. The platform operates on the POWER CPU with 64-bit big-endian architecture and unique security levels. Single-Level Storage (SLS) treats memory as a single virtual address space, impacting memory safety violations. The system uses thick pointers and segment identifiers for memory management. Control flow between program functions is managed through register conventions and stack operations. The system lacks memory safety, allowing for out-of-bounds memory access. Program objects in SLS have fixed virtual addresses, changing only upon recompilation. The platform's security levels range from no security to C2 level security, with Security Level 40 being the recommended minimum. The writeup provides technical insights into IBM i's memory management, control flow, and security mechanisms, crucial for evaluating memory safety issues and exploitation on the platform.

Related

Safe Superintelligence Inc.

Safe Superintelligence Inc.

Safe Superintelligence Inc. prioritizes building safe superintelligence, establishing the first SSI lab. They focus on safety, recruit top talent, and emphasize revolutionary engineering to address critical technical challenges.

Memory sealing for the GNU C Library

Memory sealing for the GNU C Library

The GNU C Library introduces mseal() system call for enhanced security by preventing address space changes. Adhemerval Zanella's patch series adds support, improving memory manipulation protection in upcoming releases.

Exploring How Cache Memory Works

Exploring How Cache Memory Works

Cache memory, crucial for programmers, stores data inside the CPU for quick access, bridging the CPU-RAM speed gap. Different cache levels vary in speed and capacity, optimizing performance and efficiency.

CISA and Partners Guidance for Memory Safety in Critical Open Source Projects

CISA and Partners Guidance for Memory Safety in Critical Open Source Projects

CISA, FBI, and Australian Cyber Security Centre collaborate on memory safety guidance for open source projects. Emphasizes risk understanding, roadmap creation, and collaboration with the open source community for enhanced cybersecurity.

Libc++ Hardening Modes

Libc++ Hardening Modes

The libc++ documentation details hardening modes (Unchecked, Fast, Extensive, Debug) to prevent undefined behavior. Users adjust levels via compiler options. Vendors customize modes, assertion handling, and ABI configurations for enhanced safety.

Link Icon 6 comments
By @rbanffy - 4 months
It's a real shame there is no IBM i emulation the same way there is Hercules. The very alien nature of its OS, all the way back to the AS/400, can be extremely educational and mind-expanding for people who grew up on Windows and Unix.
By @rexreed - 4 months
IBM still wishes we were in the mainframe age where a single vendor had supreme authority and maintenance fees rule the day. You can say that many of today's SaaS vendors have similar sway in their more niche markets but none have the almost complete dominance of their market as did / does in some places IBM.
By @elzbardico - 4 months
IBM may have billions of issues, but I think that the fact the IBM I is still a supported product actively developed is commendable. I doubt that are that many active clients, and while I have no doubt the prices for new equipment, support and licenses are enterprise-level obscene, for enterprise customers running 30 years old critical code on this platform, I bet they are happy IBM is not trigger happy on discontinuing products like Google, or even Microsoft.
By @kragen - 4 months
i feel like this link would be more useful if the title said "as/400" somewhere in it; 'ibm i' is a cringey artifact of ibm pretending the as/400 is so well-known it can be identified by a single letter, like c

the as/400 design is pretty interesting, just because it's so different from currently popular systems. if you're familiar with unix and you study vms or windows 11, you won't learn that much, because vms and unix are almost identical. os/400 is a much weirder beast, and its design doesn't just have disadvantages relative to more widely used system architectures, but also advantages—even if, in the end, the disadvantages turned out to be more important

By @edelsohn - 4 months
Good start a description of IBM i. The article should explain more about capability based systems for it to make more sense.

The ABI described is the same as the AIX ABI. R1 is the stack pointer and R31 is the frame pointer, when needed.

By @cisrockandroll - 4 months
If anybody asks you to work on IBM i or AS400 turn and run.

The system is cool. But the majority of jobs are underpaid in comparison to the open source stacks. And they wonder why there is a lack of new blood.

There are many articles out there claiming COBOL/Mainframe/AS400/“ancient” programmers are retiring and the orgs want to pay you big bucks to replace them. For the most part they are just parlor tricks to try and get a cost savings on new grads.