CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions
|
|
- Rosalyn Page
- 5 years ago
- Views:
Transcription
1 CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun 1
2 Secure Coding String management Pointer Subterfuge Dynamic memory management Integer security Formatted output Race conditions Web security 2
3 Concurrency Concurrency occurs when two or more separate execution flows are able to run simultaneously. Examples of independent execution flows include threads, processes, and tasks. Concurrent execution of multiple flows of execution is an essential part of a modern computing environment. 3
4 Race Conditions An unanticipated execution ordering of concurrent flows that results in undesired behavior is called a race condition a software defect and frequent source of vulnerabilities. Race conditions result from runtime environments, including operating systems, that must control access to shared resources, especially through process scheduling. 4
5 Conditions for Race Condition Race condition needs: Concurrency There must be at least two control flows executing concurrently. Shared Object A shared race object must be accessed by both of the concurrent flows. Change State At least one of the control flows must alter the state of the race object. 5
6 Example: Failure Sketch for Apache Bug #
7 Deadlock vs. Livelock Deadlock: Two processes are unable to proceed because each is waiting for the others to do something. System comes to a halt. Livelock: Two processes continuously change their states in response to changes in the other process without doing any useful work System continues to work. 7
8 Deadlock/Livelock Example digitizer() { image_type dig_image; int tail = 0; loop { /* begin loop */ grab(dig_image); Livelock thread_mutex_lock(buflock); while (bufavail == 0){} thread_mutex_unlock(buflock); frame_buf[tail mod MAX] = dig_image; tail = tail + 1; thread_mutex_lock(buflock); bufavail = bufavail - 1; thread_mutex_unlock(buflock); } /* end loop */ } tracker() { } image_type track_image; int head = 0; loop { /* begin loop */ thread_mutex_lock(buflock); while (bufavail == MAX){} thread_mutex_unlock(buflock); track_image = frame_buf[head mod MAX]; head = head + 1; thread_mutex_lock(buflock); bufavail = bufavail + 1; thread_mutex_unlock(buflock); analyze(track_image); } /* end loop */ Deadlock 8
9 Time of Check to Time of Use (TOCTTOU) 9
10 Definitions TOCTTOU Time of Check To Time of Use Check Establish some precondition (invariant), e.g., access permission Use Operate on the object assuming that the invariant is still valid Essentially a race condition Most famously in the file system, but can occur in any concurrent system 10
11 UNIX File System Security Access control: user should only be able to access a file if he has the permission to do so But what if user is running as setuid-root? E.g., a printing program is usually setuid-root in order to access the printer device Runs as if the user had root privileges But a root user can access any file! How does the printing program know that the user has the right to read (and print) any given file? UNIX has a special access() system call 11
12 Race Between Access Checking and File Open #include <stdio.h> #include <unistd.h> int main(int argc, char *argv[]) { FILE *fd; if (access("/some_file", W_OK) == 0) { printf("access granted.\n"); fd = fopen("/some_file", "wb+"); } /* write to the file */ fclose(fd); }... return 0; The access() function is called to check if the file exists and has write permission. 12
13 Race Between Access Checking and File Open #include <stdio.h> #include <unistd.h> int main(int argc, char *argv[]) { FILE *fd; if (access("/some_file", W_OK) == 0) { printf("access granted.\n"); fd = fopen("/some_file", "wb+"); /* write to the file */ fclose(fd); } }... return 0; the file is opened for writing 13
14 Race Between Access Checking and File Open #include <stdio.h> #include <unistd.h> int main(int argc, char *argv[]) { FILE *fd; if (access("/some_file", W_OK) == 0) { printf("access granted.\n"); fd = fopen("/some_file", "wb+"); /* write to the file */ fclose(fd); } }... return 0; Race window between checking for access and opening file. 14
15 access()/open() Vulnerability An external process can change or replace the ownership of some_file. If this program is running with an effective user ID (UID) of root, the replacement file is opened and written to. If an attacker can replace some_file with a link during the race window, this code can be exploited to write to any file of the attacker s choosing. E.g., #rm /some_file #ln /myfile /some_file 15
16 access()/open() Exploit Goal: trick setuid-root program into opening a normally inaccessible file Create a symbolic link to a harmless user file access() will say that file is Ok to read After access(), but before open() switch symbolic link to point to /etc/shadow /etc/shadow is a root-readable password file Attack program must run concurrently with the victim and switch the link at exactly the right time Interrupt victim between access() and open() 16
17 Run as root Sendmail Example Operate on files owned by normal users Check /home/abc/mailbox a symbolic link? Yes Error handling No Establishing the invariant: /home/abc/mailbox is NOT a symbolic link Use Append the new message to /home/abc/mailbox Assuming the invariant still holds 17
18 Sendmail Vulnerability: An Example Sendmail (root) Time Attacker (abc) Check Use /home/abc/mailbox a symbolic link? No Append the new message to /home/abc/mailbox (actually to /etc/passwd) Delete /home/abc/mailbox Create symbolic link mailbox, pointing to /etc/passwd Effect: The attacker may get unauthorized root access! 18
19 Evading System Call Interposition TOCTTOU and race conditions can be used to evade system call interposition by sharing state Example: when two Linux threads share file system information, they share their root directories and current working directory Thread A s current working directory is /tmp Thread A calls open( shadow ); B calls chdir( /etc ) Both look harmless; system monitor permits both calls open( shadow ) executes with /etc as working directory A s call now opens /etc/shadow oops! 19
20 How Hard Is It to Win a Race? Idea: force victim program to perform an expensive I/O operation While waiting for I/O to complete, victim will yield CPU to the concurrent attack program, giving it window of opportunity to switch the symlink, working dir, etc. How? Make sure that the file being accessed is not in the file system cache Force victim to traverse very deep directory structures 20
21 TOCTTOU Probabilistic Model Window of Vulnerability: the time interval between check and use (e.g., <open, chown>). Attack pattern: {detection}+ [attack] detection can be run 1 or more times attack can be run 0 or 1 time Three process states Suspended: unable to run (relinquishing CPU) Scheduled: able to run (using CPU) Finished: finished the attack actions (symbolic link replacement, etc) 21
22 22 A Probabilistic Model for Predicting TOCTTOU Attack Success Rate P (attack succeeds) = P (victim suspended) * P (attack scheduled victim suspended) * P (attack finished victim suspended) + P (victim not suspended) * P (attack scheduled victim not suspended) * P (attack finished victim not suspended) P (attack succeeds) on a multiprocessor is not less than that on a uniprocessor, because of the second part of the equation. Ø P (attack scheduled victim not suspended) = 0 on a uniprocessor Success gain due to the second part may become significant when P (victim suspended) is very small. But wait, can the attack finished?
23 P (attack finished victim not suspended) The answer = D = detection time, L = t2 - t1 (Laxity) t1 = the earliest start time for a successful detection t2 = the latest start time for a successful detection leading to a successful attack 23
24 How hard to prevent TOCTTOU? No portable, deterministic solution with current POSIX filesystem API Tactics: Static checks for dangerous pairs (compile time) Hacks to setuid programs (least privilege) Kernel detection and compensation (RaceGuard) User-mode dynamic detection Change the interface 24
25 Eliminating Race Conditions Identify race windows. A code segment accesses the race object in a way that opens a window of opportunity during which other concurrent flows could race in and alter the race object. Is a difficult problem Statically detecting race condition in a program using multiple semaphoresd is NP-complete. No efficient algorithm existing Partially relying on human debugging skills Virtually impossible to catch race conditions dynamically since it cannot examine every memory access Eliminate race conditions by making conflicting race windows mutually exclusive. 25
26 Mutual Exclusion Mutual Exclusion Only one competing thread is allowed to be in a critical section. C and C++ support several synchronization primitives: mutex variables, semaphores, pipes, named pipes, condition variables, CRITICAL_SECTION objects, lock variables. 26
3/7/18. Secure Coding. CYSE 411/AIT681 Secure Software Engineering. Race Conditions. Concurrency
Secure Coding CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun String management Pointer Subterfuge Dynamic memory management Integer security
More informationCS 380S. TOCTTOU Attacks. Don Porter. Some slides courtesy Vitaly Shmatikov and Emmett Witchel. slide 1
CS 380S TOCTTOU Attacks Don Porter Some slides courtesy Vitaly Shmatikov and Emmett Witchel slide 1 Definitions TOCTTOU Time of Check To Time of Use Check Establish some precondition (invariant), e.g.,
More informationTOCTTOU Vulnerabilities in UNIX-Style File Systems: An Anatomical Study
TOCTTOU Vulnerabilities in UNIX-Style File Systems: An Anatomical Study Jinpeng Wei and Calton Pu Georgia Institute of Technology 4th USENIX Conference on File and Storage Technologies December 15, 2005.
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Race Conditions Secure Software Programming 2 Overview Parallel execution
More informationExploiting Unix File-System Races via Algorithmic Complexity Attacks
Exploiting Unix File-System Races via Algorithmic Complexity Attacks Xiang Cai, Yuwei Gui, and Rob Johnson (Stony Brook University). IEEE Symposium on Security and Privacy, May 2009. Agenda Introduction
More informationSecure Coding in C and C++ Race conditions
Secure Coding in C and C++ Race conditions Lecture 6 Oct 1, 2014 Acknowledgement: These slides are based on author Seacord s original presentation Concurrency and Race condition Concurrency Execution of
More informationExecution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
Race Conditions March 27, 2006 March 27, 2006 Concurrency Concurrency and Race condition Execution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
More informationMS Windows Concurrency Mechanisms Prepared By SUFIAN MUSSQAA AL-MAJMAIE
MS Windows Concurrency Mechanisms Prepared By SUFIAN MUSSQAA AL-MAJMAIE 163103058 April 2017 Basic of Concurrency In multiple processor system, it is possible not only to interleave processes/threads but
More informationSymlink attacks. Do not assume that symlinks are trustworthy: Example 1
Symlink attacks Do not assume that symlinks are trustworthy: Example 1 Application A creates a file for writing in /tmp. It assumes that since the file name is unusual, or because it encodes A's name or
More informationRace Condition Vulnerability Lab
Concordia Institute for Information Systems Engineering - INSE 6130 1 Race Condition Vulnerability Lab Copyright c 2006-2012 Wenliang Du, Syracuse University. The development of this document is funded
More informationConcurrency: a crash course
Chair of Software Engineering Carlo A. Furia, Marco Piccioni, Bertrand Meyer Concurrency: a crash course Concurrent computing Applications designed as a collection of computational units that may execute
More informationPOSIX Threads: a first step toward parallel programming. George Bosilca
POSIX Threads: a first step toward parallel programming George Bosilca bosilca@icl.utk.edu Process vs. Thread A process is a collection of virtual memory space, code, data, and system resources. A thread
More informationCS 3305 Intro to Threads. Lecture 6
CS 3305 Intro to Threads Lecture 6 Introduction Multiple applications run concurrently! This means that there are multiple processes running on a computer Introduction Applications often need to perform
More informationCS420: Operating Systems
Threads James Moscola Department of Physical Sciences York College of Pennsylvania Based on Operating System Concepts, 9th Edition by Silberschatz, Galvin, Gagne Threads A thread is a basic unit of processing
More informationOperating System Architecture. CS3026 Operating Systems Lecture 03
Operating System Architecture CS3026 Operating Systems Lecture 03 The Role of an Operating System Service provider Provide a set of services to system users Resource allocator Exploit the hardware resources
More informationSecure Architecture Principles
Computer Security Course. Secure Architecture Principles Slides credit: Dan Boneh What Happens if you can t drop privilege? In what example scenarios does this happen? A service loop E.g., ssh Solution?
More informationSysSec. Aurélien Francillon
SysSec Aurélien Francillon francill@eurecom.fr https://www.krackattacks.com/ https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-ofhigh-security-keys-750k-estonian-ids/
More informationIT 540 Operating Systems ECE519 Advanced Operating Systems
IT 540 Operating Systems ECE519 Advanced Operating Systems Prof. Dr. Hasan Hüseyin BALIK (5 th Week) (Advanced) Operating Systems 5. Concurrency: Mutual Exclusion and Synchronization 5. Outline Principles
More informationSECURE PROGRAMMING TECHNIQUES. Race conditions. General terms. File access races. Network races. Multithreading. Signal handling races MEELIS ROOS 1
Race conditions General terms File access races Network races Multithreading Signal handling races MEELIS ROOS 1 General terms Race condition correctness of the program depends on timing (race with an
More informationCS533 Concepts of Operating Systems. Jonathan Walpole
CS533 Concepts of Operating Systems Jonathan Walpole Introduction to Threads and Concurrency Why is Concurrency Important? Why study threads and concurrent programming in an OS class? What is a thread?
More informationPortably Preventing File Race Attacks with User-Mode Path Resolution
Portably Preventing File Race Attacks with User-Mode Path Resolution Dan Tsafrir Tomer Hertz David Wagner Dilma Da Silva IBM Research Microsoft Research UC Berkeley IBM Research dilmasilva@us.ibm.com TOCTTOU
More informationCIS Operating Systems File Systems Security. Professor Qiang Zeng Fall 2017
CIS 5512 - Operating Systems File Systems Security Professor Qiang Zeng Fall 2017 Previous class File and directory Hard link and soft link Mount Layered structure File system design Naïve: linked list
More informationProcesses. Johan Montelius KTH
Processes Johan Montelius KTH 2017 1 / 47 A process What is a process?... a computation a program i.e. a sequence of operations a set of data structures a set of registers means to interact with other
More informationConcurrency, Mutual Exclusion and Synchronization C H A P T E R 5
Concurrency, Mutual Exclusion and Synchronization C H A P T E R 5 Multiple Processes OS design is concerned with the management of processes and threads: Multiprogramming Multiprocessing Distributed processing
More informationA process. the stack
A process Processes Johan Montelius What is a process?... a computation KTH 2017 a program i.e. a sequence of operations a set of data structures a set of registers means to interact with other processes
More informationCS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES
CS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES Your name: SUNet ID: In accordance with both the letter and the spirit of the Stanford Honor Code, I did not cheat on this exam. Furthermore,
More informationOperating Systems (2INC0) 2018/19. Introduction (01) Dr. Tanir Ozcelebi. Courtesy of Prof. Dr. Johan Lukkien. System Architecture and Networking Group
Operating Systems (2INC0) 20/19 Introduction (01) Dr. Courtesy of Prof. Dr. Johan Lukkien System Architecture and Networking Group Course Overview Introduction to operating systems Processes, threads and
More informationIntroduction to OS Synchronization MOS 2.3
Introduction to OS Synchronization MOS 2.3 Mahmoud El-Gayyar elgayyar@ci.suez.edu.eg Mahmoud El-Gayyar / Introduction to OS 1 Challenge How can we help processes synchronize with each other? E.g., how
More informationUNIX Input/Output Buffering
UNIX Input/Output Buffering When a C/C++ program begins execution, the operating system environment is responsible for opening three files and providing file pointers to them: stdout standard output stderr
More informationCS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio
CS 5523 Operating Systems: Midterm II - reivew Instructor: Dr. Tongping Liu Department Computer Science The University of Texas at San Antonio Fall 2017 1 Outline Inter-Process Communication (20) Threads
More informationIS 2150 / TEL 2810 Information Security & Privacy
IS 2150 / TEL 2810 Information Security & Privacy James Joshi Associate Professor, SIS Lecture 10 Nov 6, 2013 Malicious Code Vulnerability related to String, Race Conditions 1 Objectives Understand/explain
More informationDynamic Detection and Prevention of Race Conditions in File Accesses
Dynamic Detection and Prevention of Race Conditions in File Accesses Eugene Tsyrklevich eugene@securityarchitects.com Outline What are race conditions? How can we prevent them? Implementation description
More informationComputer Architecture and Operating Systems Course: International University Bremen Date: Final Examination
Computer Architecture and Operating Systems Course: 320202 International University Bremen Date: 2006-05-22 Dr. Jürgen Schönwälder Type: open book Final Examination Problem F.1: operating systems (2+2+2+2+2=10
More informationOperating Systems Security
Operating Systems Security CS 166: Introduction to Computer Systems Security 1 Acknowledgements Materials from the CS167 lecture slides by Tom Doeppner included with permission Some slides 2016-2018 J.
More informationProcess Synchronisation (contd.) Operating Systems. Autumn CS4023
Operating Systems Autumn 2017-2018 Outline Process Synchronisation (contd.) 1 Process Synchronisation (contd.) Synchronization Hardware 6.4 (SGG) Many systems provide hardware support for critical section
More informationWhat is the Race Condition? And what is its solution? What is a critical section? And what is the critical section problem?
What is the Race Condition? And what is its solution? Race Condition: Where several processes access and manipulate the same data concurrently and the outcome of the execution depends on the particular
More informationMULTITHREADING AND SYNCHRONIZATION. CS124 Operating Systems Fall , Lecture 10
MULTITHREADING AND SYNCHRONIZATION CS124 Operating Systems Fall 2017-2018, Lecture 10 2 Critical Sections Race conditions can be avoided by preventing multiple control paths from accessing shared state
More informationOperating Systems. Lecture 4 - Concurrency and Synchronization. Master of Computer Science PUF - Hồ Chí Minh 2016/2017
Operating Systems Lecture 4 - Concurrency and Synchronization Adrien Krähenbühl Master of Computer Science PUF - Hồ Chí Minh 2016/2017 Mutual exclusion Hardware solutions Semaphores IPC: Message passing
More informationSystem Call System Program Linker/Loader with Examples Types of computing Environment
CS341: Operating System Lect06 : 13 th Aug 2014 System Program Linker/Loader with Examples Types of computing Environment Dr A Sahu Dept of Comp Sc & Engg Indian Institute of Technology Guwahati 1 2 OS
More informationCSE 333 SECTION 3. POSIX I/O Functions
CSE 333 SECTION 3 POSIX I/O Functions Administrivia Questions (?) HW1 Due Tonight Exercise 7 due Monday (out later today) POSIX Portable Operating System Interface Family of standards specified by the
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationADVANCED OPERATING SYSTEMS
ADVANCED OPERATING SYSTEMS UNIT I INTRODUCTION TO UNIX/LINUX KERNEL BY MR.PRASAD SAWANT Prof.Prasad Sawant,Assitiant Professor,Dept. Of CS PCCCS PREREQUISITES: 1. Working knowledge of C programming. 2.
More informationComputer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 04r. Pre-exam 1 Concept Review Paul Krzyzanowski Rutgers University Spring 2018 February 15, 2018 CS 419 2018 Paul Krzyzanowski 1 Key ideas from the past four lectures February 15, 2018
More informationOperating System Overview. Chapter 2
Operating System Overview Chapter 2 1 Operating System A program that controls the execution of application programs An interface between applications and hardware 2 Operating System Objectives Convenience
More informationIntroduction to Real-Time Operating Systems
Introduction to Real-Time Operating Systems GPOS vs RTOS General purpose operating systems Real-time operating systems GPOS vs RTOS: Similarities Multitasking Resource management OS services to applications
More informationConcept of a process
Concept of a process In the context of this course a process is a program whose execution is in progress States of a process: running, ready, blocked Submit Ready Running Completion Blocked Concurrent
More informationCSCE 313 Introduction to Computer Systems. Instructor: Dezhen Song Spring 2015
CSCE 313 Introduction to Computer Systems Instructor: Dezhen Song Spring 2015 Introduction to OSs What is an Operating System? Architectural Support for Operating Systems System Calls Basic Organization
More informationLecture #7: Implementing Mutual Exclusion
Lecture #7: Implementing Mutual Exclusion Review -- 1 min Solution #3 to too much milk works, but it is really unsatisfactory: 1) Really complicated even for this simple example, hard to convince yourself
More informationCS 333 Introduction to Operating Systems. Class 3 Threads & Concurrency. Jonathan Walpole Computer Science Portland State University
CS 333 Introduction to Operating Systems Class 3 Threads & Concurrency Jonathan Walpole Computer Science Portland State University 1 The Process Concept 2 The Process Concept Process a program in execution
More informationOPERATING SYSTEM TRANSACTIONS
OPERATING SYSTEM TRANSACTIONS Donald E. Porter, Owen S. Hofmann, Christopher J. Rossbach, Alexander Benn, and Emmett Witchel The University of Texas at Austin OS APIs don t handle concurrency 2 OS is weak
More informationCSCE-313 Introduction to Computer Systems
CSCE 313 to Computer Systems Instructor: Guofei Gu http://courses.cse.tamu.edu/guofei/csce313/ to OSs What is an Operating System? Architectural Support for Operating Systems System Calls Basic Organization
More informationSynchronization for Concurrent Tasks
Synchronization for Concurrent Tasks Minsoo Ryu Department of Computer Science and Engineering 2 1 Race Condition and Critical Section Page X 2 Algorithmic Approaches Page X 3 Hardware Support Page X 4
More informationNon-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions. Erik Poll Digital Security group Radboud University Nijmegen
Non-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions Erik Poll Digital Security group Radboud University Nijmegen A classic source of (security) problems race condition aka
More informationThread. Disclaimer: some slides are adopted from the book authors slides with permission 1
Thread Disclaimer: some slides are adopted from the book authors slides with permission 1 IPC Shared memory Recap share a memory region between processes read or write to the shared memory region fast
More informationOperating Systems Overview. Chapter 2
1 Operating Systems Overview 2 Chapter 2 3 An operating System: The interface between hardware and the user From the user s perspective: OS is a program that controls the execution of application programs
More informationMultithreaded Programming
Multithreaded Programming The slides do not contain all the information and cannot be treated as a study material for Operating System. Please refer the text book for exams. September 4, 2014 Topics Overview
More informationIntroduction to Security
IS 2150 / TEL 2810 Introduction to Security James Joshi Associate Professor, SIS Lecture 11 Nov 30, 2010 Vulnerability related to Integers. String, Race Conditions 1 Objectives Understand/explain issues
More informationCS342 - Spring 2019 Project #3 Synchronization and Deadlocks
CS342 - Spring 2019 Project #3 Synchronization and Deadlocks Assigned: April 2, 2019. Due date: April 21, 2019, 23:55. Objectives Practice multi-threaded programming. Practice synchronization: mutex and
More informationCSE Traditional Operating Systems deal with typical system software designed to be:
CSE 6431 Traditional Operating Systems deal with typical system software designed to be: general purpose running on single processor machines Advanced Operating Systems are designed for either a special
More information518 Lecture Notes Week 3
518 Lecture Notes Week 3 (Sept. 15, 2014) 1/8 518 Lecture Notes Week 3 1 Topics Process management Process creation with fork() Overlaying an existing process with exec Notes on Lab 3 2 Process management
More informationCapability and System Hardening
P a g e 1 Date Assigned: mm/dd/yyyy Date Due: mm/dd/yyyy by hh:mm Educational Objectives Capability and System Hardening This lab is designed to help you gain a better understanding of system hardening
More informationPre-lab #2 tutorial. ECE 254 Operating Systems and Systems Programming. May 24, 2012
Pre-lab #2 tutorial ECE 254 Operating Systems and Systems Programming May 24, 2012 Content Concurrency Concurrent Programming Thread vs. Process POSIX Threads Synchronization and Critical Sections Mutexes
More informationChapter 5 Concurrency: Mutual Exclusion. and. Synchronization. Operating Systems: Internals. and. Design Principles
Operating Systems: Internals and Design Principles Chapter 5 Concurrency: Mutual Exclusion and Synchronization Seventh Edition By William Stallings Designing correct routines for controlling concurrent
More informationCS 333 Introduction to Operating Systems. Class 3 Threads & Concurrency. Jonathan Walpole Computer Science Portland State University
CS 333 Introduction to Operating Systems Class 3 Threads & Concurrency Jonathan Walpole Computer Science Portland State University 1 Process creation in UNIX All processes have a unique process id getpid(),
More information10/17/2011. Cooperating Processes. Synchronization 1. Example: Producer Consumer (3) Example
Cooperating Processes Synchronization 1 Chapter 6.1 4 processes share something (devices such as terminal, keyboard, mouse, etc., or data structures) and can affect each other non deterministic Not exactly
More informationSystems software design. Processes, threads and operating system resources
Systems software design Processes, threads and operating system resources Who are we? Krzysztof Kąkol Software Developer Jarosław Świniarski Software Developer Presentation based on materials prepared
More informationAgenda. Threads. Single and Multi-threaded Processes. What is Thread. CSCI 444/544 Operating Systems Fall 2008
Agenda Threads CSCI 444/544 Operating Systems Fall 2008 Thread concept Thread vs process Thread implementation - user-level - kernel-level - hybrid Inter-process (inter-thread) communication What is Thread
More informationCS 5523: Operating Systems
CS 5523: Operating Systems Instructor: Dr. Tongping Liu Midterm Exam: Oct 6, 2015, Tuesday 7:15pm 8:30pm CS5523: Operating Systems @ UTSA 1 Lecture1: OS Overview Operating System: what is it?! Evolution
More informationCS 333 Introduction to Operating Systems. Class 4 Concurrent Programming and Synchronization Primitives
CS 333 Introduction to Operating Systems Class 4 Concurrent Programming and Synchronization Primitives Jonathan Walpole Computer Science Portland State University 1 Concurrent programming Assumptions:
More informationPROCESS CONTROL BLOCK TWO-STATE MODEL (CONT D)
MANAGEMENT OF APPLICATION EXECUTION PROCESS CONTROL BLOCK Resources (processor, I/O devices, etc.) are made available to multiple applications The processor in particular is switched among multiple applications
More informationCS 333 Introduction to Operating Systems Class 4 Concurrent Programming and Synchronization Primitives
CS 333 Introduction to Operating Systems Class 4 Concurrent Programming and Synchronization Primitives Jonathan Walpole Computer Science Portland State University 1 What does a typical thread API look
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Inter-process Communication (IPC) Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Recall Process vs. Thread A process is
More informationCS510 Operating System Foundations. Jonathan Walpole
CS510 Operating System Foundations Jonathan Walpole Threads & Concurrency 2 Why Use Threads? Utilize multiple CPU s concurrently Low cost communication via shared memory Overlap computation and blocking
More informationWhat s An OS? Cyclic Executive. Interrupts. Advantages Simple implementation Low overhead Very predictable
What s An OS? Provides environment for executing programs Process abstraction for multitasking/concurrency scheduling Hardware abstraction layer (device drivers) File systems Communication Do we need an
More informationCPSC/ECE 3220 Fall 2017 Exam Give the definition (note: not the roles) for an operating system as stated in the textbook. (2 pts.
CPSC/ECE 3220 Fall 2017 Exam 1 Name: 1. Give the definition (note: not the roles) for an operating system as stated in the textbook. (2 pts.) Referee / Illusionist / Glue. Circle only one of R, I, or G.
More informationSYNCHRONIZATION M O D E R N O P E R A T I N G S Y S T E M S R E A D 2. 3 E X C E P T A N D S P R I N G 2018
SYNCHRONIZATION M O D E R N O P E R A T I N G S Y S T E M S R E A D 2. 3 E X C E P T 2. 3. 8 A N D 2. 3. 1 0 S P R I N G 2018 INTER-PROCESS COMMUNICATION 1. How a process pass information to another process
More informationMonitors; Software Transactional Memory
Monitors; Software Transactional Memory Parallel and Distributed Computing Department of Computer Science and Engineering (DEI) Instituto Superior Técnico October 18, 2012 CPD (DEI / IST) Parallel and
More informationFractal: A Software Toolchain for Mapping Applications to Diverse, Heterogeneous Architecures
Fractal: A Software Toolchain for Mapping Applications to Diverse, Heterogeneous Architecures University of Virginia Dept. of Computer Science Technical Report #CS-2011-09 Jeremy W. Sheaffer and Kevin
More informationOperating System Structure
Operating System Structure Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission Recap: Memory Hierarchy Fast, Expensive Slow, Inexpensive 2 Recap Architectural support
More informationWeek11: Race Conditions
Week11: Race Conditions Pascal Meunier, Ph.D., M.Sc., CISSP March 28, 2007 Developed thanks to the support of Symantec Corporation, NSF SFS Capacity Building Program (Award Number 0113725) and the Purdue
More informationMonitors; Software Transactional Memory
Monitors; Software Transactional Memory Parallel and Distributed Computing Department of Computer Science and Engineering (DEI) Instituto Superior Técnico March 17, 2016 CPD (DEI / IST) Parallel and Distributed
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationCase Studies in Access Control
Joint software development Mail 1 / 38 Situations Roles Permissions Why Enforce Access Controls? Unix Setup Windows ACL Setup Reviewer/Tester Access Medium-Size Group Basic Structure Version Control Systems
More informationUNIT I Linux Utilities
UNIT I Linux Utilities 1. a) How does Linux differ from Unix? Discuss the features of Linux. 5M b) Explain various text processing utilities, with a suitable example for each. 5M 2. a) Explain briefly
More informationINF 212 ANALYSIS OF PROG. LANGS CONCURRENCY. Instructors: Crista Lopes Copyright Instructors.
INF 212 ANALYSIS OF PROG. LANGS CONCURRENCY Instructors: Crista Lopes Copyright Instructors. Basics Concurrent Programming More than one thing at a time Examples: Network server handling hundreds of clients
More informationConcurrency Race Conditions and Deadlocks
Concurrency Race Conditions and Deadlocks Kartik Gopalan Chapters 2 (2.3) and 6 Tanenbaum s Modern OS Sequential Loosely, doing many things, but one after another E.g. Finish one assignment, then another
More informationHardware. Ahmet Burak Can Hacettepe University. Operating system. Applications programs. Users
Operating System Security Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Computer System Components Hardware Provides basic computing resources (CPU, memory, I/O devices). Operating system Controls
More informationCS 300 Leftovers. CS460 Pacific University 1
CS 300 Leftovers Pacific University 1 argc/argv The C Programming Language section 5.10, page 114 int main(int argc, char** argv) argc - number of entries in argv argv - array of character pointers containing
More informationDetermining the Fundamental Basis of Software Vulnerabilities. Larry Wagoner NSA
Determining the Fundamental Basis of Software Vulnerabilities Larry Wagoner NSA Agenda Background Analogous background Matt Bishop work CWEs Tool reporting of CWEs KDM Analytics Determining the fundamental
More informationCPSC 341 OS & Networks. Introduction. Dr. Yingwu Zhu
CPSC 341 OS & Networks Introduction Dr. Yingwu Zhu What to learn? Concepts Processes, threads, multi-processing, multithreading, synchronization, deadlocks, CPU scheduling, networks, security Practice:
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationCSE 333 SECTION 3. POSIX I/O Functions
CSE 333 SECTION 3 POSIX I/O Functions Administrivia Questions (?) HW1 Due Tonight HW2 Due Thursday, July 19 th Midterm on Monday, July 23 th 10:50-11:50 in TBD (And regular exercises in between) POSIX
More informationEI 338: Computer Systems Engineering (Operating Systems & Computer Architecture)
EI 338: Computer Systems Engineering (Operating Systems & Computer Architecture) Dept. of Computer Science & Engineering Chentao Wu wuct@cs.sjtu.edu.cn Download lectures ftp://public.sjtu.edu.cn User:
More informationTHREADS AND CONCURRENCY
THREADS AND CONCURRENCY Lecture 22 CS2110 Spring 2013 Graphs summary 2 Dijkstra: given a vertex v, finds shortest path from v to x for each vertex x in the graph Key idea: maintain a 5-part invariant on
More informationCS5460: Operating Systems
CS5460: Operating Systems Lecture 5: Processes and Threads (Chapters 3-4) Context Switch Results lab2-15 gamow home 3.8 us 1.6 us 1.0 us VirtualBox on lab2-25 VirtualBox on gamow VirtualBox on home 170
More informationDeadlock. Concurrency: Deadlock and Starvation. Reusable Resources
Concurrency: Deadlock and Starvation Chapter 6 Deadlock Permanent blocking of a set of processes that either compete for system resources or communicate with each other No efficient solution Involve conflicting
More informationReview: Easy Piece 1
CS 537 Lecture 10 Threads Michael Swift 10/9/17 2004-2007 Ed Lazowska, Hank Levy, Andrea and Remzi Arpaci-Dussea, Michael Swift 1 Review: Easy Piece 1 Virtualization CPU Memory Context Switch Schedulers
More informationOperating System. Operating System Overview. Layers of Computer System. Operating System Objectives. Services Provided by the Operating System
Operating System Operating System Overview Chapter 2 A program that controls the execution of application programs An interface between applications and hardware 1 2 Operating System Objectives Layers
More informationOperating System Overview. Operating System
Operating System Overview Chapter 2 1 Operating System A program that controls the execution of application programs An interface between applications and hardware 2 1 Operating System Objectives Convenience
More informationDealing with Issues for Interprocess Communication
Dealing with Issues for Interprocess Communication Ref Section 2.3 Tanenbaum 7.1 Overview Processes frequently need to communicate with other processes. In a shell pipe the o/p of one process is passed
More information