SECURE PROGRAMMING TECHNIQUES. Race conditions. General terms. File access races. Network races. Multithreading. Signal handling races MEELIS ROOS 1
|
|
- Garry Sutton
- 5 years ago
- Views:
Transcription
1 Race conditions General terms File access races Network races Multithreading Signal handling races MEELIS ROOS 1
2 General terms Race condition correctness of the program depends on timing (race with an external entity) Process scheduling can switch context any time, for any amount of time Network is asynchronous by nature Attacker can change scheduling by causing load or just trying hard enough Happens on unsynchronized use of shared resources Race with untrusted processes Race with trusted processes (locking bugs) General solution: use atomic operations Locking tool for synchronization, usually between trusted processes MEELIS ROOS 2
3 File access races TOCTOU (Time Of Check, Time Of Use) pattern in races: 1. A program checks a property of a file, referencing the file by its name 2. An attacker alters the meaning of the filename so that it refers to a different filesystem object 3. The program later performs a filesystem operation using the same filename and assumes the previously checked property still holds Properties can be about metainfo (owner, permissions, being symbolic link etc) or about changing the file itself (new file with the same name) MEELIS ROOS 3
4 Example: access() vs open() lpr vulnerability in ancient Linux (1999) for (int i=1; i < argc; i++) { /* make sure that the user can read the file, * then open it */ if (!access(argv[i], O_RDONLY)) { fd = open(argv[i], O_RDONLY); } print(fd); } MEELIS ROOS 4
5 Timing Possible timing between lpr and attack code access("/tmp/attack") open("/tmp/attack") unlink("/tmp/attack") symlink("/etc/shadow", "/tmp/attack") MEELIS ROOS 5
6 Fix: switch UID-s, open only once for (int i=1; i < argc; i++) { int caller_uid = getuid(); int owner_uid = geteuid(); /* set effective user id before opening the file */ if (setresuid(-1, caller_uid, owner_uid)!= 0) { exit(-1); } if (fd = open(argv[i], O_RDONLY); /* reset the effective user id to its original value */ if (setresuid(-1, owner_uid, caller_uid)!= 0) { exit(-1); } if (fd!= -1) print(fd); } MEELIS ROOS 6
7 File access races Stealing a temporary file with loose permissions Predictability of filenames in shared directories Symlink attacks make the filename point somewhere else Between check and use Even before preparing symlinks with predictable names (either pointing somewhere or dangling) Using up resources (allocate and reserve resources before use?) MEELIS ROOS 7
8 Predictable filenames First, try to avoid creating files in publicly writable directories If you still need to do it: Avoid fixed names Avoid weak randomness process ID, current time, short random part of filename Common example: RESULT=/tmp/myresult.$$ do_cmd > $RESULT if! grep Success: $RESULT; then exit 1; fi; done... rm $RESULT Find all bugs in this snippet! MEELIS ROOS 8
9 Fixing file access races Avoid using publicly writable directories TMP, TMPDIR; TEMP environment variables Avoid temporary files at all when not needed use pipe with one producer and only one consumer Use any name only once Open file and keep fd open Perform further operations only on fd, not name fchown, fchmod, fchdir, fstat access() is usually bad Unlinking filename might be a good idea to shorten the windows others might open it Don t reuse temporary filenames MEELIS ROOS 9
10 Creating a temporary file securely Use strict file create to avoid existing files with same name you try open(filename, O_RDWR O_CREAT O_EXCL, 0600) O_TMPFILE (Linux-only) Avoid symlinks O_NOFOLLOW (good but not portable) or create a subdirectory, secure it and create your files there Check return values and repeat until you have got your file MEELIS ROOS 10
11 Temporary file library functions Good: mkstemp(char *template) creates file, opens it and returns filled in name mkdtemp(char *template) creates a directory and returns filled in name Weak: FILE *tmpfile(void) creates, opens and unlinks, misses O_EXCL tempnam(char *dir, char *pfx) TOCTOU possible; honours TMPDIR tmpnam(char *s) TOCTOU possible mktemp(char *template) TOCTOU again GetTempFileName() TOCTOU MEELIS ROOS 11
12 Multithreading Concurrent programs can share objects in memory by using multithreading by using explicitly shared memory between multiple processes Shared structures must be accessed with some synchronization protocol to avoid corrupting the data Bugs are frequent here because the model is hard for programmers ("locking bugs") Most synchronization bugs are not exploitable as security bugs, but Corruption of state may always lead to vulnerabilities Availability is hit hard (hangs, crashes) Language-agnostic (anywhere shared state is used) MEELIS ROOS 12
13 Networking Different streams and packets race with each other: Different routes, router queues Congestion control and retransmissions Process scheduling on end nodes Example: IRC channel takeovers Example: AJAX and parallel queries Synchronous and asynchronous XmlHttpRequest Several requests in parallel are possible, depending on user actions MEELIS ROOS 13
14 Signal handling Completely asynchronous Signal handler can do only a limited set of operations because of this Lots of signals coming in quickly can uncover additional problems MEELIS ROOS 14
15 Example: signal handling race #include <signal.h> #include <syslog.h> #include <string.h> #include <stdlib.h> void *global1, *global2; char *what; void sh(int dummy) { syslog(log_notice,"%s\n",what); free(global2); free(global1); sleep(10); exit(0); } MEELIS ROOS 15
16 Example: signal handling race (cont) int main(int argc,char* argv[]) { what=argv[1]; global1=strdup(argv[2]); global2=malloc(340); signal(sighup,sh); signal(sigterm,sh); sleep(10); free(global2); free(global1); exit(0); } MEELIS ROOS 16
Secure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Race Conditions Secure Software Programming 2 Overview Parallel execution
More informationExecution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
Race Conditions March 27, 2006 March 27, 2006 Concurrency Concurrency and Race condition Execution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
More informationSecure Coding in C and C++ Race conditions
Secure Coding in C and C++ Race conditions Lecture 6 Oct 1, 2014 Acknowledgement: These slides are based on author Seacord s original presentation Concurrency and Race condition Concurrency Execution of
More informationSecure Programming Lecture 16: Race Conditions
Secure Programming Lecture 16: Race Conditions David Aspinall 18th March 2016 Outline Overview Race Conditions Race conditions with Unix file handling Data Races Preventing Races Preventing race conditions
More informationExploiting Unix File-System Races via Algorithmic Complexity Attacks
Exploiting Unix File-System Races via Algorithmic Complexity Attacks Xiang Cai, Yuwei Gui, and Rob Johnson (Stony Brook University). IEEE Symposium on Security and Privacy, May 2009. Agenda Introduction
More informationNon-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions. Erik Poll Digital Security group Radboud University Nijmegen
Non-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions Erik Poll Digital Security group Radboud University Nijmegen A classic source of (security) problems race condition aka
More informationCYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions
CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun 1 Secure Coding String management Pointer Subterfuge Dynamic memory management Integer security
More informationSysSec. Aurélien Francillon
SysSec Aurélien Francillon francill@eurecom.fr https://www.krackattacks.com/ https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-ofhigh-security-keys-750k-estonian-ids/
More informationCptS 360 (System Programming) Unit 6: Files and Directories
CptS 360 (System Programming) Bob Lewis School of Engineering and Applied Sciences Washington State University Spring, 2019 Motivation Need to know your way around a filesystem. A properly organized filesystem
More informationAdvanced System Security: Vulnerabilities
Advanced System Security: Vulnerabilities Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department Pennsylvania State University CSE544 -Advanced
More informationAdvanced Systems Security: Symbolic Execution
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationCSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Software Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?
More informationDirty COW Attack Lab
SEED Labs Dirty COW Attack Lab 1 Dirty COW Attack Lab Copyright 2017 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation under Award
More informationBuilding blocks for Unix power tools
for Unix power tools Now that we have given a good overview of a lot of the better Unix tools, I want to take some time to talk about our toolset for building Unix programs. The most important of these
More information3/7/18. Secure Coding. CYSE 411/AIT681 Secure Software Engineering. Race Conditions. Concurrency
Secure Coding CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun String management Pointer Subterfuge Dynamic memory management Integer security
More informationCSE 333 SECTION 3. POSIX I/O Functions
CSE 333 SECTION 3 POSIX I/O Functions Administrivia Questions (?) HW1 Due Tonight Exercise 7 due Monday (out later today) POSIX Portable Operating System Interface Family of standards specified by the
More informationCSC 271 Software I: Utilities and Internals
CSC 271 Software I: Utilities and Internals Lecture 13 : An Introduction to File I/O in Linux File Descriptors All system calls for I/O operations refer to open files using a file descriptor (a nonnegative
More informationFiles and Directories
Files and Directories Stat functions Given pathname, stat function returns structure of information about file fstat function obtains information about the file that is already open lstat same as stat
More informationWeek11: Race Conditions
Week11: Race Conditions Pascal Meunier, Ph.D., M.Sc., CISSP March 28, 2007 Developed thanks to the support of Symantec Corporation, NSF SFS Capacity Building Program (Award Number 0113725) and the Purdue
More informationFall 2017 :: CSE 306. File Systems Basics. Nima Honarmand
File Systems Basics Nima Honarmand File and inode File: user-level abstraction of storage (and other) devices Sequence of bytes inode: internal OS data structure representing a file inode stands for index
More informationCSE 374 Midterm Exam Sample Solution 2/6/12
Question 1. (12 points) Suppose we have the following subdirectory structure inside the current directory: docs docs/friends docs/friends/birthdays.txt docs/friends/messages.txt docs/cse374 docs/cse374/notes.txt
More informationCSE 333 SECTION 3. POSIX I/O Functions
CSE 333 SECTION 3 POSIX I/O Functions Administrivia Questions (?) HW1 Due Tonight HW2 Due Thursday, July 19 th Midterm on Monday, July 23 th 10:50-11:50 in TBD (And regular exercises in between) POSIX
More informationSecure Architecture Principles
Computer Security Course. Secure Architecture Principles Slides credit: Dan Boneh What Happens if you can t drop privilege? In what example scenarios does this happen? A service loop E.g., ssh Solution?
More informationCoupling Thursday, October 21, :23 PM
Coupling Page 1 Coupling Thursday, October 21, 2004 3:23 PM Two kinds of multiple-processor systems Tightly-coupled Can share efficient semaphores. Usually involve some form of shared memory. Loosely-coupled
More informationPipes. Pipes Implement a FIFO. Pipes (cont d) SWE 545. Pipes. A FIFO (First In, First Out) buffer is like a. Pipes are uni-directional
Pipes SWE 545 Pipes Pipes are a way to allow processes to communicate with each other Pipes implement one form of IPC (Interprocess Communication) This allows synchronization of process execution There
More informationOperating System Structure
Operating System Structure Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission Recap: Memory Hierarchy Fast, Expensive Slow, Inexpensive 2 Recap Architectural support
More informationFile Descriptors and Piping
File Descriptors and Piping CSC209: Software Tools and Systems Programming Furkan Alaca & Paul Vrbik University of Toronto Mississauga https://mcs.utm.utoronto.ca/~209/ Week 8 Today s topics File Descriptors
More informationPortably Preventing File Race Attacks with User-Mode Path Resolution
Portably Preventing File Race Attacks with User-Mode Path Resolution Dan Tsafrir Tomer Hertz David Wagner Dilma Da Silva IBM Research Microsoft Research UC Berkeley IBM Research dilmasilva@us.ibm.com TOCTTOU
More informationComputer Systems Assignment 2: Fork and Threads Package
Autumn Term 2018 Distributed Computing Computer Systems Assignment 2: Fork and Threads Package Assigned on: October 5, 2018 Due by: October 12, 2018 1 Understanding fork() and exec() Creating new processes
More informationOverview. Over the next four weeks, we will look at these topics: Building Blocks. Advanced Authentication Issues.
Overview Over the next four weeks, we will look at these topics: Building Blocks Advanced Authentication Issues Security Overview Storage and its abstraction Virtualization and appliances Data Replication
More informationFile and Directories. Advanced Programming in the UNIX Environment
File and Directories Advanced Programming in the UNIX Environment stat Function #include int stat(const char *restrict pathname, struct stat *restrict buf ); int fstat(int fd, struct stat
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 15: Software Security II Department of Computer Science and Engineering University at Buffalo 1 Software Vulnerabilities Buffer overflow vulnerabilities account
More informationOperating System Structure
Operating System Structure Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission Recap OS needs to understand architecture Hardware (CPU, memory, disk) trends and
More informationSignal Example 1. Signal Example 2
Signal Example 1 #include #include void ctrl_c_handler(int tmp) { printf("you typed CTL-C, but I don't want to die!\n"); int main(int argc, char* argv[]) { long i; signal(sigint, ctrl_c_handler);
More informationOperating Systems CMPSCI 377 Spring Mark Corner University of Massachusetts Amherst
Operating Systems CMPSCI 377 Spring 2017 Mark Corner University of Massachusetts Amherst Clicker Question #1 For a sequential workload, the limiting factor for a disk system is likely: (A) The speed of
More informationRace Conditions. A race condition occurs when an assumption needs to hold true for a period of time, but actually may not Bob and Alice example.
Race Conditions A race condition occurs when an assumption needs to hold true for a period of time, but actually may not Bob and Alice example. Java Example Import java.io.* Import java.servlet.* Import
More informationRCU. ò Walk through two system calls in some detail. ò Open and read. ò Too much code to cover all FS system calls. ò 3 Cases for a dentry:
Logical Diagram VFS, Continued Don Porter CSE 506 Binary Formats RCU Memory Management File System Memory Allocators System Calls Device Drivers Networking Threads User Today s Lecture Kernel Sync CPU
More informationVFS, Continued. Don Porter CSE 506
VFS, Continued Don Porter CSE 506 Logical Diagram Binary Formats Memory Allocators System Calls Threads User Today s Lecture Kernel RCU File System Networking Sync Memory Management Device Drivers CPU
More informationI/O OPERATIONS. UNIX Programming 2014 Fall by Euiseong Seo
I/O OPERATIONS UNIX Programming 2014 Fall by Euiseong Seo Files Files that contain a stream of bytes are called regular files Regular files can be any of followings ASCII text Data Executable code Shell
More informationFiles and the Filesystems. Linux Files
Files and the Filesystems Linux Files The file is the most basic and fundamental abstraction in Linux. Linux follows the everything-is-a-file philosophy. Consequently, much interaction occurs via reading
More informationChapter 6. File Systems
Chapter 6 File Systems 6.1 Files 6.2 Directories 6.3 File system implementation 6.4 Example file systems 350 Long-term Information Storage 1. Must store large amounts of data 2. Information stored must
More informationI/O OPERATIONS. UNIX Programming 2014 Fall by Euiseong Seo
I/O OPERATIONS UNIX Programming 2014 Fall by Euiseong Seo Files Files that contain a stream of bytes are called regular files Regular files can be any of followings ASCII text Data Executable code Shell
More informationPrepared by Prof. Hui Jiang Process. Prof. Hui Jiang Dept of Electrical Engineering and Computer Science, York University
EECS3221.3 Operating System Fundamentals No.2 Process Prof. Hui Jiang Dept of Electrical Engineering and Computer Science, York University How OS manages CPU usage? How CPU is used? Users use CPU to run
More informationProcess. Prepared by Prof. Hui Jiang Dept. of EECS, York Univ. 1. Process in Memory (I) PROCESS. Process. How OS manages CPU usage? No.
EECS3221.3 Operating System Fundamentals No.2 Prof. Hui Jiang Dept of Electrical Engineering and Computer Science, York University How OS manages CPU usage? How CPU is used? Users use CPU to run programs
More informationOutline. Classic races: files in /tmp. Race conditions. TOCTTOU example. TOCTTOU gaps. Vulnerabilities in OS interaction
Outline CSci 5271 Introduction to Computer Security Day 3: Low-level vulnerabilities Stephen McCamant University of Minnesota, Computer Science & Engineering Race conditions Classic races: files in /tmp
More informationCIS Operating Systems File Systems Security. Professor Qiang Zeng Fall 2017
CIS 5512 - Operating Systems File Systems Security Professor Qiang Zeng Fall 2017 Previous class File and directory Hard link and soft link Mount Layered structure File system design Naïve: linked list
More informationSecure Coding in C and C++
Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Sept 21, 2017 Acknowledgement: These slides are based on author Seacord s original presentation Issues Dynamic Memory Management Common Dynamic
More informationPre-lab #2 tutorial. ECE 254 Operating Systems and Systems Programming. May 24, 2012
Pre-lab #2 tutorial ECE 254 Operating Systems and Systems Programming May 24, 2012 Content Concurrency Concurrent Programming Thread vs. Process POSIX Threads Synchronization and Critical Sections Mutexes
More informationIntroduction to C. Sean Ogden. Cornell CS 4411, August 30, Geared toward programmers
Introduction to C Geared toward programmers Sean Ogden Slide heritage: Alin Dobra Niranjan Nagarajan Owen Arden Robert Escriva Zhiyuan Teo Ayush Dubey Cornell CS 4411, August 30, 2013 Administrative Information
More informationAdvanced Programming in the UNIX Environment W. Richard Stevens
Advanced Programming in the UNIX Environment W. Richard Stevens ADDISON-WESLEY PUBLISHING COMPANY Reading, Massachusetts Menlo Park, California New York Don Mills, Ontario Wokingham, England Amsterdam
More informationThe UNIX File System. File Systems and Directories UNIX inodes Accessing directories Understanding links in directories.
The UNIX File System File Systems and Directories UNIX s Accessing directories Understanding links in directories Reading: R&R, Ch 5 Directories Large amounts of data: Partition and structure for easier
More informationCSE 410: Systems Programming
CSE 410: Systems Programming Input and Output Ethan Blanton Department of Computer Science and Engineering University at Buffalo I/O Kernel Services We have seen some text I/O using the C Standard Library.
More informationLogical disks. Bach 2.2.1
Logical disks Bach 2.2.1 Physical disk is divided into partitions or logical disks Logical disk linear sequence of fixed size, randomly accessible, blocks disk device driver maps underlying physical storage
More informationpublic class MyThread extends Thread { try { private Shared theshared; threada.join(); threadb.join();
Race Conditions Consider the following Java code int localdata = theshared.getdata(); localdata++; theshared.setdata(localdata); After executing this code what value is stored in Shared.data? public class
More informationINTRODUCTION TO THE UNIX FILE SYSTEM 1)
INTRODUCTION TO THE UNIX FILE SYSTEM 1) 1 FILE SHARING Unix supports the sharing of open files between different processes. We'll examine the data structures used by the kernel for all I/0. Three data
More informationmalloc() is often used to allocate chunk of memory dynamically from the heap region. Each chunk contains a header and free space (the buffer in which
Heap Overflow malloc() is often used to allocate chunk of memory dynamically from the heap region. Each chunk contains a header and free space (the buffer in which data are placed). The header contains
More informationSecure Coding in C and C++ Dynamic Memory Management Lecture 5 Jan 29, 2013
Secure Coding in C and C++ Dynamic Memory Management Lecture 5 Jan 29, 2013 Acknowledgement: These slides are based on author Seacord s original presentation Issues Dynamic Memory Management Common Dynamic
More informationTCSS 422: OPERATING SYSTEMS
TCSS 422: OPERATING SYSTEMS fork() Process API, Limited Direct Execution Wes J. Lloyd Institute of Technology University of Washington - Tacoma Creates a new process - think of a fork in the road Parent
More informationContents. NOTICE & Programming Assignment #1. QnA about last exercise. File IO exercise
File I/O Examples Prof. Jin-Soo Kim(jinsookim@skku.edu) TA - Dong-Yun Lee(dylee@csl.skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Contents NOTICE & Programming Assignment
More informationThreads. What is a thread? Motivation. Single and Multithreaded Processes. Benefits
CS307 What is a thread? Threads A thread is a basic unit of CPU utilization contains a thread ID, a program counter, a register set, and a stack shares with other threads belonging to the same process
More informationCS 380S. TOCTTOU Attacks. Don Porter. Some slides courtesy Vitaly Shmatikov and Emmett Witchel. slide 1
CS 380S TOCTTOU Attacks Don Porter Some slides courtesy Vitaly Shmatikov and Emmett Witchel slide 1 Definitions TOCTTOU Time of Check To Time of Use Check Establish some precondition (invariant), e.g.,
More informationOperating Systems Lab
Operating Systems Lab Islamic University Gaza Engineering Faculty Department of Computer Engineering Fall 2012 ECOM 4010: Operating Systems Lab Eng: Ahmed M. Ayash Lab # 4 Paths, Links & File Permissions
More informationIntroduction to C. Robert Escriva. Cornell CS 4411, August 30, Geared toward programmers
Introduction to C Geared toward programmers Robert Escriva Slide heritage: Alin Dobra Niranjan Nagarajan Owen Arden Cornell CS 4411, August 30, 2010 1 Why C? 2 A Quick Example 3 Programmer s Responsibilities
More informationPreview. Process Control. What is process? Process identifier The fork() System Call File Sharing Race Condition. COSC350 System Software, Fall
Preview Process Control What is process? Process identifier The fork() System Call File Sharing Race Condition COSC350 System Software, Fall 2015 1 Von Neumann Computer Architecture: An integrated set
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Inter-process Communication (IPC) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Recall Process vs. Thread A process is
More informationCSE 303 Midterm Exam
CSE 303 Midterm Exam October 29, 2008 Name Sample Solution The exam is closed book, except that you may have a single page of hand written notes for reference. If you don t remember the details of how
More informationI m paranoid, but am I paranoid enough? Steven M. Bellovin February 20,
I m paranoid, but am I paranoid enough? Steven M. Bellovin February 20, 2007 1 Special Techniques for Secure Programs Buffer overflows are bad in any case Some problems are only a risk for secure programs
More informationOperating Systems Security
Operating Systems Security CS 166: Introduction to Computer Systems Security 1 Acknowledgements Materials from the CS167 lecture slides by Tom Doeppner included with permission Some slides 2016-2018 J.
More informationCSC209H Lecture 1. Dan Zingaro. January 7, 2015
CSC209H Lecture 1 Dan Zingaro January 7, 2015 Welcome! Welcome to CSC209 Comments or questions during class? Let me know! Topics: shell and Unix, pipes and filters, C programming, processes, system calls,
More informationMatt Ramsay CS 375 EXAM 2 Part 1
Matt Ramsay CS 375 EXAM 2 Part 1 Output: csserver:/home/mr56/cs375/exam2 > parent 1 75000 Multiples of 3 between 3 and 15000 add to 37507500 This total written to /home/mr56/tmp/file8771.out Multiples
More informationIntroduction to C. Ayush Dubey. Cornell CS 4411, August 31, Geared toward programmers
Introduction to C Geared toward programmers Ayush Dubey Slide heritage: Alin Dobra Niranjan Nagarajan Owen Arden Robert Escriva Zhiyuan Teo Cornell CS 4411, August 31, 2012 Administrative Information Outline
More informationOperating Systems. VI. Threads. Eurecom. Processes and Threads Multithreading Models
Operating Systems VI. Threads Ludovic Apvrille ludovic.apvrille@telecom-paristech.fr Eurecom, office 470 http://soc.eurecom.fr/os/ @OS Eurecom Outline 2/36 Fall 2017 Institut Mines-Telecom Operating Systems
More informationProcess Creation in UNIX
Process Creation in UNIX int fork() create a child process identical to parent Child process has a copy of the address space of the parent process On success: Both parent and child continue execution at
More informationHyo-bong Son Computer Systems Laboratory Sungkyunkwan University
File I/O Hyo-bong Son (proshb@csl.skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Unix Files A Unix file is a sequence of m bytes: B 0, B 1,..., B k,..., B m-1 All I/O
More informationProcesses. Johan Montelius KTH
Processes Johan Montelius KTH 2017 1 / 47 A process What is a process?... a computation a program i.e. a sequence of operations a set of data structures a set of registers means to interact with other
More informationVirtual File System. Don Porter CSE 306
Virtual File System Don Porter CSE 306 History Early OSes provided a single file system In general, system was pretty tailored to target hardware In the early 80s, people became interested in supporting
More informationINITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS
INITIALISING POINTER VARIABLES; DYNAMIC VARIABLES; OPERATIONS ON POINTERS Pages 792 to 800 Anna Rakitianskaia, University of Pretoria INITIALISING POINTER VARIABLES Pointer variables are declared by putting
More informationCS 333 Introduction to Operating Systems. Class 3 Threads & Concurrency. Jonathan Walpole Computer Science Portland State University
CS 333 Introduction to Operating Systems Class 3 Threads & Concurrency Jonathan Walpole Computer Science Portland State University 1 Process creation in UNIX All processes have a unique process id getpid(),
More informationA process. the stack
A process Processes Johan Montelius What is a process?... a computation KTH 2017 a program i.e. a sequence of operations a set of data structures a set of registers means to interact with other processes
More informationCS342 - Spring 2019 Project #3 Synchronization and Deadlocks
CS342 - Spring 2019 Project #3 Synchronization and Deadlocks Assigned: April 2, 2019. Due date: April 21, 2019, 23:55. Objectives Practice multi-threaded programming. Practice synchronization: mutex and
More informationIntroduction to File Systems. CSE 120 Winter 2001
Introduction to File Systems CSE 120 Winter 2001 Files Files are an abstraction of memory that are stable and sharable. Typically implemented in three different layers of abstraction 3 I/O system: interrupt
More informationInterrupts, Fork, I/O Basics
Interrupts, Fork, I/O Basics 12 November 2017 Lecture 4 Slides adapted from John Kubiatowicz (UC Berkeley) 12 Nov 2017 SE 317: Operating Systems 1 Topics for Today Interrupts Native control of Process
More informationCSI 402 Lecture 11 (Unix Discussion on Files continued) 11 1 / 19
CSI 402 Lecture 11 (Unix Discussion on Files continued) 11 1 / 19 User and Group IDs Ref: Chapter 3 of [HGS]. Each user is given an ID (integer) called uid. (Most system programs use uid instead of the
More informationStudy of Race Condition: A Privilege Escalation Vulnerability
Study of Race Condition: A Privilege Escalation Vulnerability Tanjila Farah, Rashed Shelim Department of Electrical & Computer Engineering, North South University Dhaka, Bangladesh and Moniruz Zaman, Delwar
More informationPOSIX Shared Memory. Linux/UNIX IPC Programming. Outline. Michael Kerrisk, man7.org c 2017 November 2017
Linux/UNIX IPC Programming POSIX Shared Memory Michael Kerrisk, man7.org c 2017 mtk@man7.org November 2017 Outline 10 POSIX Shared Memory 10-1 10.1 Overview 10-3 10.2 Creating and opening shared memory
More informationDistributed Systems. Hajussüsteemid MTAT Distributed File Systems. (slides: adopted from Meelis Roos DS12 course) 1/15
Hajussüsteemid MTAT.08.024 Distributed Systems Distributed File Systems (slides: adopted from Meelis Roos DS12 course) 1/15 Distributed File Systems (DFS) Background Naming and transparency Remote file
More informationProcesses. Processes (cont d)
Processes UNIX process creation image-file arg1 arg2 Shell command line example ls -l Equivalent to /bin/ls -l Why? How do you find out where the image file is? Background processes ls -l & Execute a process
More informationWhat is a Process. Preview. What is a Process. What is a Process. Process Instruction Cycle. Process Instruction Cycle 3/14/2018.
Preview Process Control What is process? Process identifier A key concept in OS is the process Process a program in execution Once a process is created, OS not only reserve space (in Memory) for the process
More informationCOSC 6397 Big Data Analytics. Distributed File Systems (II) Edgar Gabriel Fall HDFS Basics
COSC 6397 Big Data Analytics Distributed File Systems (II) Edgar Gabriel Fall 2018 HDFS Basics An open-source implementation of Google File System Assume that node failure rate is high Assumes a small
More informationSTING: Finding Name Resolution Vulnerabilities in Programs
STING: Finding Name Resolution ulnerabilities in Programs Hayawardh ijayakumar, Joshua Schiffman, Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department
More informationLecture 23: System-Level I/O
CSCI-UA.0201-001/2 Computer Systems Organization Lecture 23: System-Level I/O Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com Some slides adapted (and slightly modified) from: Clark Barrett
More informationPlay with FILE Structure Yet Another Binary Exploitation Technique. Abstract
Play with FILE Structure Yet Another Binary Exploitation Technique An-Jie Yang (Angelboy) angelboy@chroot.org Abstract To fight against prevalent cyber threat, more mechanisms to protect operating systems
More informationCS 333 Introduction to Operating Systems. Class 3 Threads & Concurrency. Jonathan Walpole Computer Science Portland State University
CS 333 Introduction to Operating Systems Class 3 Threads & Concurrency Jonathan Walpole Computer Science Portland State University 1 The Process Concept 2 The Process Concept Process a program in execution
More informationExplicit Information Flow in the HiStar OS. Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, David Mazières
Explicit Information Flow in the HiStar OS Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, David Mazières Too much trusted software Untrustworthy code a huge problem Users willingly run malicious
More informationLecture files in /home/hwang/cs375/lecture05 on csserver.
Lecture 5 Lecture files in /home/hwang/cs375/lecture05 on csserver. cp -r /home/hwang/cs375/lecture05. scp -r user@csserver.evansville.edu:/home/hwang/cs375/lecture05. Project 1 posted, due next Thursday
More informationOutline. Security as an economic good. Risk budgeting with ALE. Failure: Risk compensation. Failure: Displacement activity
CSci 5271 Introduction to Computer Security Day 2: Intro to Software and OS Security Stephen McCamant University of Minnesota, Computer Science & Engineering Security as an economic good Security is a
More informationIntroduction to C. Zhiyuan Teo. Cornell CS 4411, August 26, Geared toward programmers
Introduction to C Geared toward programmers Zhiyuan Teo Slide heritage: Alin Dobra Niranjan Nagarajan Owen Arden Robert Escriva Cornell CS 4411, August 26, 2011 1 Administrative Information 2 Why C? 3
More informationSystems Programming. COSC Software Tools. Systems Programming. High-Level vs. Low-Level. High-Level vs. Low-Level.
Systems Programming COSC 2031 - Software Tools Systems Programming (K+R Ch. 7, G+A Ch. 12) The interfaces we use to work with the operating system In this case: Unix Programming at a lower-level Systems
More informationADVANCED OPERATING SYSTEMS
ADVANCED OPERATING SYSTEMS UNIT I INTRODUCTION TO UNIX/LINUX KERNEL BY MR.PRASAD SAWANT Prof.Prasad Sawant,Assitiant Professor,Dept. Of CS PCCCS PREREQUISITES: 1. Working knowledge of C programming. 2.
More informationReading Assignment 4. n Chapter 4 Threads, due 2/7. 1/31/13 CSE325 - Processes 1
Reading Assignment 4 Chapter 4 Threads, due 2/7 1/31/13 CSE325 - Processes 1 What s Next? 1. Process Concept 2. Process Manager Responsibilities 3. Operations on Processes 4. Process Scheduling 5. Cooperating
More information