Nintendo announce: Nintendo NX

Discussion in 'Console Industry' started by DSoup, Mar 17, 2015.

Thread Status:
Not open for further replies.
  1. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    I think Gateway 3DS is available for 2 years already.
    Wii U was hacked on launch but hackers did not share info. https://fail0verflow.com/blog/2014/console-hacking-2013-omake.html
     
  2. Cyan

    Cyan orange
    Legend Veteran

    Joined:
    Apr 24, 2007
    Messages:
    9,061
    Likes Received:
    2,670
    Still, I think Android would need a hypervisor OS, say Linux or Windows 10, though, for extra security.

    That's one of the things I don't like about Android, my phone has a lot of software that I can't uninstall but I don't use and don't want to have.
     
  3. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    What? Locked bootloader and encrypted image is sufficient.
    Biggest problem with Android that you need to distribute your source code. Easier to find bugs.
    Thats why Sony uses FreeBSD.

    You can disable most apps. Or delete them with root.
     
  4. Shifty Geezer

    Shifty Geezer uber-Troll!
    Moderator Legend

    Joined:
    Dec 7, 2004
    Messages:
    43,577
    Likes Received:
    16,028
    Location:
    Under my bridge
    Laughing at people for being wrong isn't insulting in your culture?

    I have absolutely no idea what this is supposed to mean.

    Again with the prejudice remarks.

    Apple have been writing complex OSes for decades. They have the experience and knohow. Nintendo have kept to very simple OSes for most of their consoles and lack experience. that doesn't mean they can't pull it off, but they're be facing a massive struggle to create a robust OS that's comparable to others, if they want the same sort of complexity. If they want to drop things like multitasking, they could do a lot better.

    What was wrong with PS3 at launch? It worked. Wii U had major issues. And importantly hadn't learned from any of the mistakes of PS3. So PS3's slow firmware updates, Wii U made worse. that's because Nintendo, as they've admitted, don't watch the rest of the industry and learn from their competition.

    Nope. Lord Demigod (Ubisoft gameplay programmer) in the comments discussing pCARS Wii U situation -

    And if you follow the trail on multithreading, there's more criticisms out there.

    Ah, so you're saying Nintendo can and have made console OSes before. Okay. No-one said they hadn't. The argument is Nintendo's experience with complex, computer-like OSes is weak.
     
    Shoujoboy likes this.
  5. Dominik D

    Regular

    Joined:
    Mar 23, 2007
    Messages:
    782
    Likes Received:
    22
    Location:
    Wroclaw, Poland
    I've worked with both. I'd take Windows source over Android any time of the day. :)

    What's your definition of "hacked" then? In order for homebrew to work on 3DS there's a chain of hacks used. Bug in Cubic Ninja is just a way to deliver payload which then exploits problems with software and hardware to circumvent security features. For example (and this is just an example of OS hacks ninjhax employs) NX bit is used to prevent executable pages from being modified (and RW pages from being executed). This is OS feature that takes advantage of certain HW capabilities. This is circumvented by the exploit. Does this mean OS was hacked? Yes it does. 3DS is in a completely different position than certain handhelds were before where you could only operate in user space on the already mapped memory. Here you have much more freedom (e.g. access to the GPU). In my book that's very much the definition of OS being hacked.
     
    Cyan likes this.
  6. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    I can't think of any implementations of Android that run on top of a hypervisor and in most cases you would really only want to introduce a hypervisor unless you have more than one main OS running or you have certain hardware resources need to be completely isolated from the main OS. Every software layer between game code and the hardware is acting as a barrier to theoretical maximum performance.

    You do realise that isn't a decision that is mandated by the stock Android OS? Your phone's UI and the control you have (or don't have) is entirely a result of the whims of the phone manufacturer and your carrier. If you want to lose all of the crap, unlock the phone and install a clean Android build but - this is where the misconcepted ideal of 'open' falls apart, stock Android without specific compatible device drivers for the particular hardware in your phone, can result in diminished performance. Android is 'open' for developers, users are still limited by practical realities of OS versions, driver and hardware compatibility - just like on PCs.
     
    Cyan and Grall like this.
  7. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    To be fare, PS4 and Wii U kinda have hardware hypervisor with ARM core. It restricts direct hardware access from OS.
     
  8. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    I don't know anything about Wii U but PS4 is nothing like that. It has a LP ARM microcore (probably TrustZone) in the South Bridge running an microOS from 256mb DDR3 which only has access to the I/O subsystem. This is why PS4 can download in Rest mode (or in the background) to disk but nothing gets installed until your turn the PS4 on. Ditto uploads. If you setup the PS4 to 'background install' firmware it actually turns on the PS4, installs the firmware, then shuts it down again.

    In real terms it's just a low powered I/O manager.
     
    Grall and FarticusMaximus like this.
  9. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    I think OS accesses HDD, USB, Wi-Fi, BD-ROM through this core.
     
  10. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    Yes, that's the I/O - this is the function of the South Bridge. This is also a good place to implement TrustZone as compromises are injected over I/O and TrustZone can screen these. It could also explain why the PS4 routes HDD I/O via the USB bus because I don't know of any TrustZone implementations that work well with SATA. It's possible, but tricky.
     
  11. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    That's what I'm saying. OS can not get to bare hardware, address space, registers, etc.
     
  12. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    Which OS?
     
  13. Grall

    Grall Invisible Member
    Legend

    Joined:
    Apr 14, 2002
    Messages:
    10,801
    Likes Received:
    2,175
    Location:
    La-la land
    Maybe it is because SATA supports busmaster DMA, while USB does not? Or, well, maybe USB3 does, this latest incarnation supposedly is more independent of the CPU, as overhead at 5Gbit/s would be huge otherwise I suppose. :p So... Hell if I know! Heh.

    It's still a bit weird they're doing HDD access over USB.

    PS4's main BSD OS is not limited by the southbridge ARM core as such; that core only affects I/O. Other OS functions, like those you mention, would remain unaffected.
     
  14. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    Why do you think so? Even on Wii initially you could not do that (before AHBPROT was found). Even read NAND from PPC.
     
  15. Grall

    Grall Invisible Member
    Legend

    Joined:
    Apr 14, 2002
    Messages:
    10,801
    Likes Received:
    2,175
    Location:
    La-la land
    Because every function call and memory access cannot go through the southbridge, and its weak-ass ARM core. It would be a tremendous bottleneck.
     
  16. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
    Look at IOS on Wii (and Wii U).

    "IOS is the operating system that runs on the Starlet coprocessor inside the Hollywood package. It provides services that are used by Wii code to access many system devices: USB, networking, security, app management, NAND flash storage, SD card, optical disc, and also WiiConnect24 features.
    ...
    IOS is not a "hypervisor", as it runs on a dedicated, separate CPU. However, IOS does isolate its memory from access by the main Broadway CPU, has the ability to reboot (and hence bootstrap) it, and is designed to be secure if the PowerPC side is compromised (although in practice many exploits have been found). In that sense, IOS is higher in the security hierarchy than code running on the PowerPC."

    http://wiibrew.org/wiki/IOS

    Every hardware access and some services go through IOS on ARM926EJ-S.
     
  17. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    The ideal TrustZone implementation is for it to operate transparently from the host system so it can't introduce significant latency, particularly on a point-to-point bus architecture. There are ways around it by increasing the number and/or power and/or clocks of the TrustZone cores but this obviously adds cost.

    I agree, all evidence is that any security built into PS4's South Bridge is effectively invisible to the rest of the system and this is the ideal implementation. If an exploit manages to slip through, it should never be able to further compromise the security.

    The approach of many TrustZone solutions is that it operates as a gatekeeper, preventing exploits from being injected over any I/O source which is the only way data can get into RAM.

    I know nothing about Nintendo console's system architecture but having your security (Starlet) onboard the graphics chip (Hollywood) seems a very odd approach unless Hollywood is both the chip housing the GPU and South Bridge. Modern security is generally taking the gatekeeper approach, i.e. stopping exploits even getting to main RAM thereby eliminating any chance of the code being executed.
     
    Grall and Cyan like this.
  18. Rikimaru

    Veteran Newcomer

    Joined:
    Mar 18, 2015
    Messages:
    1,023
    Likes Received:
    396
  19. DSoup

    DSoup meh
    Legend Veteran Subscriber

    Joined:
    Nov 23, 2007
    Messages:
    12,738
    Likes Received:
    8,124
    Location:
    London, UK
    TrustZone is a set of capabilities and reference software, the implementation will vary depending on the target system architecture, budget and vectors of attack. I've worked on several systems with TrustZone protection and all were different.

    Can you share more about the Nintendo approach, particularly how the security solution in the GPU protects against attacks?
     
  20. MrFox

    MrFox Deludedly Fantastic
    Legend Veteran

    Joined:
    Jan 7, 2012
    Messages:
    6,487
    Likes Received:
    5,991
    I'm wondering... is there anything trustzone can do to prevent a piggyback probe directly on the external memory chips?
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

  • About Us

    Beyond3D has been around for over a decade and prides itself on being the best place on the web for in-depth, technically-driven discussion and analysis of 3D graphics hardware. If you love pixels and transistors, you've come to the right place!

    Beyond3D is proudly published by GPU Tools Ltd.
Loading...