In this talk we describe a new processor design which builds upon previous work on modifying microcode on several cores within a processor to obtain a “new” processor.
We take a 12-core processor, inject microcode to simulate a PowerPC (2 cores) and a MIPS processor (2 cores), restrict 2 cores to i386 and leave 4 cores to amd64.
The 11th & 12th cores are security supervisors. The cores all operate in lockstep so it turns into a 6-core processor running 4 different processor architectures (OK, three and a bit) plus a supervisor.
Now, what happens next is that we boot an OS on each of the architectures and then we present to the user only the 4 cores running amd64. When any program performs a syscall this is replicated by the security supervisor across all the architectures and control is not returned unless all the syscalls are in agreement.
There is not all and it can be extended further by running the actual binaries as fat binaries across all the architectures, etc. etc.
Arrigo is an independent security consultant based in Switzerland with a background in Pure Mathematics, Computer Algebra, Supercomputers, a long history of Unix, mainframes and weird systems plus an unhealthy interest in nuclear weapons and other esoteric technologies. He can be followed on Twitter as @cynicalsecurity.