CppCon 2018: Kostya Serebryany “Memory Tagging and how it improves C/C++ memory safety”

Показать описание

—
—
Memory safety in C++ remains largely unresolved. A technique usually called "memory tagging" may dramatically improve the situation if implemented in hardware with reasonable overhead.

In this talk we will discuss three implementations of memory tagging. One is SPARC ADI, a full hardware implementation. Another is HWASAN, a partially hardware-assisted compiler-based tool for AArch64. Last but not least, ARM MTE, a recently announced hardware extension for AArch64. We describe the basic idea, evaluate the three implementations, and explain how they improve memory safety. We'll pay extra attention to memory tagging as a security mitigation.

If you know what AddressSanitizer (ASAN) is, think of Memory Tagging as of "Low-overhead ASAN on steroids in hardware".

This talk is based on the paper "Memory Tagging and how it improves C/C++ memory safety".
—
Kostya Serebryany, Google
Software Engineer

—
*-----*

Рекомендации по теме

Комментарии

One group of Google programmers writes crappy buggy software, and another one develops methods to catch those bugs...

eugnsp

I wonder if everyone's favourite vendors Intel and AMD are going to provide hardware memory tagging.

maxxba

12:35 - I don't think this is an intuitive way to explain the probability of bugs (I'm not sure if it's correct either).

Can someone clarify this bit ? Why would the possibility of catching a bug be 15/16 (for 4 bit tag case) or 255/256 (for 8 bit tag case) ?

For example:
Let the pointer have green tag. Let the corresponding memory have green tag. Now,
if there can be a lot of memory chunks, you could easily and incorrectly access the same (green here) coloured chunk
somewhere else in the memory.

I don't see how you can quantify the possibility of catching a bug if the memory has a lot of coloured chunks.

malharjajoo

I haven't had any of these bugs in the last 15 years, because they are very easy to avoid. Do they teach anything in college?

tikabass

CppCon 2018: Kostya Serebryany “Memory Tagging and how it improves C/C++ memory safety”

CppCon 2018: Kostya Serebryany “Memory Tagging and how it improves C/C++ memory safety”

2018 LLVM Developers’ Meeting: K. Serebryany “Memory Tagging, how it improves C++ memory safety...”...

CppCon 2017: Kostya Serebryany “Fuzz or lose...”

CppCon 2018: Jon Cohen “Ensuring Exception Safety Through Testing'

CppCon 2018: James Bennett “Refactoring Legacy Codebases with LibTooling”

CppCon 2018: Rishi Wani “Datum: A Compact Bitwise Copyable Variant Type”

CppCon 2015: Kostya Serebryany “Beyond Sanitizers...”

Talks and Highlights From CppCon 2018!

CppCon 2018: Robert Ramey “Safe Numerics”

CppCon 2018: Michael Price “Concepts and Contracts: When, What, and How”

Funqual: user-defined statically-checked call graph constraints in C++ - Andrew Nelson [CppCon 2018]

CppCon 2018: Walter E. Brown “C++ Function Templates: How Do They Really Work?”

CppCon 2018: Patricia Aas “Software Vulnerabilities in C and C++”

CppCon 2018: Tom Poole “Why and How to Roll Your Own std::function Implementation”

CppCon 2018: Richard Powell “How to Argue(ment)'

Smart References: There and Back Again - Erik Valkering [ CppCon 2018 ]

CppCon 2018: Anna Gringauze “Static analysis for concurrent C++ in Visual Studio”

CppCon 2018: Borislav Stanimirov “DynaMix: A New Take on Polymorphism”

CppCon 2018: Jean-Louis Leroy “Open is Good - yomm2: Fast, Orthogonal Open Methods”

CppCon 2018: Matthew von Arx “Set it and forget it!”

Using Template Magic to Automatically Generate Hybrid CPU/GPU-Code - Elmar Westphal [ CppCon 2018 ]

CppCon 2018: Richard Powell “Named Arguments from Scratch”

C++ Cryptozoology - A Compendium of Cryptic Characters :: #2 - Adi Shavit [ CppCon 2018 ]

Make It Fixable: Preparing for Security Vulnerability Reports - Patricia Aas [ CppCon 2018 ]