Shattering Illusions in Lock-Free Worlds: Compiler/Hardware Behaviors in OSes and VMs

Presented at Black Hat USA 2013, Unknown date/time (Unknown duration).

Memory access operations in OSes, VMs or traditional applications from different threads and processes can lead to various security issues depending on the compiler/hardware - especially in non-blocking code. Compilers/hardware pretend to provide sequential order execution, and this illusion does hold for single-threaded code. However, they are not aware of which memory locations are shared and developers oftentimes make the wrong assumptions about memory models. It can be subtle to protect these memory sections from aggressive read/write re-ordering and various optimizations depending on the compiler on x86, x86-64 or the loosely ordered IA64, ARM CPUs as well as GPUs - and it can easily lead to "losing the illusion" of sequential consistency.

I will discuss common issues depending on the hardware and compiler used, mostly related to loosely ordered hardware and the C/C++11 memory models, but will also compare how they hold in higher level languages. Developers will better understand how these issues can be mitigated and researchers will be able to find them more easily.


Presenters:

  • Marc Blanchou - iSEC Partners
    Marc Blanchou is a Senior Security Consultant at iSEC Partners, an information security firm specializing in application, network, and mobile security. At iSEC, Marc specializes in mobile security and native client/server applications. Marc has recently presented at Black Hat, RSA Conference, Hack In The Box and OWASP. Prior to iSEC, Marc was a lead application developer on a wide variety of projects and worked on several products involving low-level legacy code for a financial and a game company. Marc graduated with a MS in Computer Science from EPITECH in Paris and a MS in Information Systems from Stevens Institute of Technology. For his master's thesis, Marc developed an open-source flash file system in C which resulted in several commits to the Linux kernel.

Links:

Similar Presentations: