SlideShare uma empresa Scribd logo

Plan for Today's Class

Transferir como PPTX, PDF
David Evans
David Evans

The document discusses a plan for the day which includes topics on backdoors in Linux and Rust, a talk by Nishant, and the midterm exam. It then goes into details on the talk topics - discussing a past attempted Linux backdoor, whether a backdoor could be introduced in Rust, and Thompson's "Trusting Trust" speech. It also provides details on the midterm format and answers questions from students. Finally, it discusses the dining philosophers problem and shows an example implementation using a binary semaphore in Rust.

TecnologiaEducação
1 de 35
Plan for Today • Backdoors in Linux and Rust? • Nishant’s Talk Today • Midterm – Last chance to ask questions on anything we’ve covered so far (until after Midterm) • Dining Philosophers 10 October 2013 University of Virginia cs4414 1
Is there a backdoor in the Linux kernel? 10 October 2013 University of Virginia cs4414 2
Detected Nearly Successful Attempt (2003) 10 October 2013 University of Virginia cs4414 3 https://freedom-to-tinker.com/blog/felten/the-linux-backdoor-attempt-of-2003/ if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL; Code added to wait4 (kernel-level) program to “support new options for root-level user”:
10 October 2013 University of Virginia cs4414 4
10 October 2013 University of Virginia cs4414 5
Could this happen with Rust? 10 October 2013 University of Virginia cs4414 6 if ((options == (__WCLONE|__WALL)) && (current_uid = 0)) { retval = -EINVAL; } gash> rustc assign.rs assign.rs:9:42: 9:60 error: mismatched types: expected `bool` but found `()` (expected bool but found ()) assign.rs:9 if ((options == (__WCLONE|__WALL)) && (current_uid = 0)) { ^~~~~~~~~~~~~~~~~~ error: aborting due to previous error
How hard would it be to place a “backdoor” in Rust? 10 October 2013 University of Virginia cs4414 7 Constructing a backdoor in Rust: any Rust program that does not use unsafe, but for which the compiler outputs a binary that is not type safe.
10 October 2013 University of Virginia cs4414 8 Ken Thompson’s 1983 Turing Award Acceptance Speech
Thompson’s “Trusting Trust” 10 October 2013 University of Virginia cs4414 9 Introduce a compiler bug will recognize “login” and compile it to include a backdoor login Bootstrap compiler Remove evidence of bug – its baked into future compilers through the bootstrapped binary!
10 October 2013 University of Virginia cs4414 10 Possible project idea: verify or (more likely) disprove this!
Nishant’s Talk Today! 10 October 2013 University of Virginia cs4414 11 6pm, Olsson 120
Midterm Exam Out now: https://docs.google.com/forms/d/113q31QJ3X-56XGXrElH_BCZts31qzKFxRbN57Cuyt0k/ 10 October 2013 University of Virginia cs4414 12 (Easier to follow link will be available shortly after class today.) 6 short answer questions (taken or adapted from the class notes) 1 longer answer synthesis question 1 programming question
Efficient Grading Algorithm 10 October 2013 University of Virginia cs4414 13 use std::rand; fn grade_midterm(answers: [~str]) -> float { let numq = answers.length; let urand = rand::random::<uint>() % numq; if good_answer(answers[urand]) { 1.0 } else if good_answer(answers[(urand + 1) % numq]) && good_answer(answers[(urand + 2) % numq]) { 1.0 } else { … // grade all answers } }
Efficient Grading Algorithm + Don’t Miss Interesting Answers 10 October 2013 University of Virginia cs4414 14 use std::rand; fn grade_midterm(answers: [~str]) -> float { if (/* answered question 9 */) return great_answer(answers[9]) && possibly look at other answers let numq = answers.length; let urand = rand::random::<uint>() % numq; if good_answer(answers[urand]) { 1.0 } else if good_answer(answers[(urand + 1) % numq]) && good_answer(answers[(urand + 2) % numq]) { 1.0 } else { … // grade all answers } }
Questions about Midterm 10 October 2013 University of Virginia cs4414 15
10 October 2013 University of Virginia cs4414 16 Edsger Dijkstra (1930-2002) Sir Tony Hoare (born 1934)
10 October 2013 University of Virginia cs4414 17
10 October 2013 University of Virginia cs4414 18 Heraclitus Socrates Plato Aristotle Euclid 5 Dining Philosophers 5 Chopsticks (one between each pair) Need 2 chopsticks to eat
Djikstra’s (Hygenic) Version 10 October 2013 University of Virginia cs4414 19 In the canonical problem of the five dining philosophers, the philosophers, each of which alternatingly “thinks” and “eats”, are arranged cyclically, and no two neighbours may eat simultaneously. This constraint can be represented by placing the philosophers at the edges of a regular pentagon, each edge representing a pair- wise exclusion constraint between the two philosophers situated at its ends. Is this equivalent to the shared chopsticks?
Solution Desiderata • No communication required • No deadlock • No starvation: everyone gets to eat eventually • Fair: each philosopher has equal likelihood of getting to eat 10 October 2013 University of Virginia cs4414 20
10 October 2013 University of Virginia cs4414 21 Heraclitus Socrates Plato Aristotle Euclid Could all the philosophers starve?
10 October 2013 University of Virginia cs4414 22
Dijkstra’s Solution (Idea) Number the chopsticks, always grab lower- numbered stick first Does it matter how the chopsticks are numbered? 10 October 2013 University of Virginia cs4414 23
How does UVaCOLLAB solve this? 10 October 2013 University of Virginia cs4414 24 “UVaCollab is an advanced web-based course and collaboration environment”
10 October 2013 University of Virginia cs4414 25 “Best Practices for Working in UVaCollab” • Don't allow multiple graders to grade the same students at the same time, although it's fine to grade different sections of students. • Don't open multiple browser tabs and windows while engaged in grading activities. • Avoid double-clicking links and buttons in UVaCollab as doing so may slow down response times. A single-click is all it takes.
The Real Challenge was to “Invent the Chopstick” Binary Semaphore Lock that can be held by up to one process 10 October 2013 University of Virginia cs4414 26
10 October 2013 University of Virginia cs4414 27 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { while (lock.is_some()) { ; } // wait for lock lock = Some(id); } fn release_lock() { lock = None; } fn update_count(id: uint) { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } }
10 October 2013 University of Virginia cs4414 28 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { while (lock.is_some()) { ; } // wait for lock lock = Some(id); } fn release_lock() { lock = None; } fn update_count(id: uint) { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } } FAIL! This is unsafe: semaphore.rs:9:11: 9:15 error: use of mutable static requires unsafe function or block semaphore.rs:9 while (lock.is_some()) { …
10 October 2013 University of Virginia cs4414 29 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { unsafe { while (lock.is_some()) { ; } lock = Some(id); } } fn release_lock() { unsafe { lock = None; } } fn update_count(id: uint) { unsafe { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } } What will the final count be?
10 October 2013 University of Virginia cs4414 30 gash> ./semaphore > run1.txt gash> ./semaphore > run2.txt gash> ./semaphore > run3.txt gash> tail -1 run1.txt Count updated by 8u: 9968u gash> tail -1 run2.txt Count updated by 9u: 9951u gash> tail -1 run3.txt Count updated by 9u: 9950u
10 October 2013 University of Virginia cs4414 31 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { unsafe { while (lock.is_some()) { ; } lock = Some(id); } } fn release_lock() { unsafe { lock = None; } } fn update_count(id: uint) { unsafe { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } }
10 October 2013 University of Virginia cs4414 32 fn update_count(id: uint) { unsafe { grab_lock(id); assert!(match lock { None => false, Some(lockee) => lockee == id}); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } Count updated by 1u: 710u Count updated by 2u: 710u Count updated by 1u: 711u Count updated by 2u: 713uCount updated by 1u: 713u Count updated by 2u: 714u Count updated by 2u: 715u task <unnamed> failed at 'assertion failed: match lock { None => false, Some(lockee) => lockee == id }', semaphore.rs:26 Count updated by 2u: 716u Count updated by 2u: 717u
http://rosettacode.org/wiki/Dining_ philosophers 10 October 2013 University of Virginia cs4414 33
Charge • If you don’t want to do the midterm, contribute a satisfactory Dining Philosophers in Rust to rosettacode.org • Otherwise (unless you are already exempt by solving a challenge), submit the midterm by 11:59pm Monday, October 14 10 October 2013 University of Virginia cs4414 34

Recomendados

How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in ParadiseDavid Evans
 
First Ride on Rust
First Ride on RustFirst Ride on Rust
First Ride on RustDavid Evans
 
Scheduling
SchedulingScheduling
SchedulingDavid Evans
 
Putting a Fork in Fork (Linux Process and Memory Management)
Putting a Fork in Fork (Linux Process and Memory Management)Putting a Fork in Fork (Linux Process and Memory Management)
Putting a Fork in Fork (Linux Process and Memory Management)David Evans
 
Access Control
Access ControlAccess Control
Access ControlDavid Evans
 
RootedCON 2015 - Deep inside the Java framework Apache Struts
RootedCON 2015 - Deep inside the Java framework Apache StrutsRootedCON 2015 - Deep inside the Java framework Apache Struts
RootedCON 2015 - Deep inside the Java framework Apache Strutstestpurposes
 
Masters bioinfo 2013-11-14-15
Masters bioinfo 2013-11-14-15Masters bioinfo 2013-11-14-15
Masters bioinfo 2013-11-14-15Yannick Wurm
 
Trick-or-Treat Protocols
Trick-or-Treat ProtocolsTrick-or-Treat Protocols
Trick-or-Treat ProtocolsDavid Evans
 

Recomendados

How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in ParadiseDavid Evans
 
First Ride on Rust
First Ride on RustFirst Ride on Rust
First Ride on RustDavid Evans
 
Scheduling
SchedulingScheduling
SchedulingDavid Evans
 
Putting a Fork in Fork (Linux Process and Memory Management)
Putting a Fork in Fork (Linux Process and Memory Management)Putting a Fork in Fork (Linux Process and Memory Management)
Putting a Fork in Fork (Linux Process and Memory Management)David Evans
 
Access Control
Access ControlAccess Control
Access ControlDavid Evans
 
RootedCON 2015 - Deep inside the Java framework Apache Struts
RootedCON 2015 - Deep inside the Java framework Apache StrutsRootedCON 2015 - Deep inside the Java framework Apache Struts
RootedCON 2015 - Deep inside the Java framework Apache Strutstestpurposes
 
Masters bioinfo 2013-11-14-15
Masters bioinfo 2013-11-14-15Masters bioinfo 2013-11-14-15
Masters bioinfo 2013-11-14-15Yannick Wurm
 
Trick-or-Treat Protocols
Trick-or-Treat ProtocolsTrick-or-Treat Protocols
Trick-or-Treat ProtocolsDavid Evans
 
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...yaevents
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter SchedulingDavid Evans
 
Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018Ali Kheyrollahi
 
JavaScript Design Patterns
JavaScript Design PatternsJavaScript Design Patterns
JavaScript Design PatternsDerek Brown
 
Java Concurrency in Practice
Java Concurrency in PracticeJava Concurrency in Practice
Java Concurrency in Practiceericbeyeler
 
The Need for Async @ ScalaWorld
The Need for Async @ ScalaWorldThe Need for Async @ ScalaWorld
The Need for Async @ ScalaWorldKonrad Malawski
 
Ontologias
OntologiasOntologias
OntologiasSérgio Santos
 
55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx France55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx FranceDavid Delabassee
 
AOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itAOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itZubair Nabi
 
Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!David Evans
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksDavid Evans
 
Hidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeHidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeDavid Evans
 
Anonymity in Bitcoin
Anonymity in BitcoinAnonymity in Bitcoin
Anonymity in BitcoinDavid Evans
 
Midterm Confirmations
Midterm ConfirmationsMidterm Confirmations
Midterm ConfirmationsDavid Evans
 
Scripting Transactions
Scripting TransactionsScripting Transactions
Scripting TransactionsDavid Evans
 
How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in ParadiseDavid Evans
 
Bitcoin Script
Bitcoin ScriptBitcoin Script
Bitcoin ScriptDavid Evans
 
Mining Economics
Mining EconomicsMining Economics
Mining EconomicsDavid Evans
 
Mining
MiningMining
MiningDavid Evans
 
The Blockchain
The BlockchainThe Blockchain
The BlockchainDavid Evans
 
Becoming More Paranoid
Becoming More ParanoidBecoming More Paranoid
Becoming More ParanoidDavid Evans
 
Asymmetric Key Signatures
Asymmetric Key SignaturesAsymmetric Key Signatures
Asymmetric Key SignaturesDavid Evans
 

Mais conteúdo relacionado

Semelhante a Plan for Today's Class

Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...yaevents
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter SchedulingDavid Evans
 
Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018Ali Kheyrollahi
 
JavaScript Design Patterns
JavaScript Design PatternsJavaScript Design Patterns
JavaScript Design PatternsDerek Brown
 
Java Concurrency in Practice
Java Concurrency in PracticeJava Concurrency in Practice
Java Concurrency in Practiceericbeyeler
 
The Need for Async @ ScalaWorld
The Need for Async @ ScalaWorldThe Need for Async @ ScalaWorld
The Need for Async @ ScalaWorldKonrad Malawski
 
55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx France55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx FranceDavid Delabassee
 
AOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itAOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itZubair Nabi
 

Semelhante a Plan for Today's Class (9)

Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
Как мы охотимся на гонки (data races) или «найди багу до того, как она нашла ...
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter Scheduling
 
Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018Autonomous agents with deep reinforcement learning - Oredev 2018
Autonomous agents with deep reinforcement learning - Oredev 2018
 
JavaScript Design Patterns
JavaScript Design PatternsJavaScript Design Patterns
JavaScript Design Patterns
 
Java Concurrency in Practice
Java Concurrency in PracticeJava Concurrency in Practice
Java Concurrency in Practice
 
The Need for Async @ ScalaWorld
The Need for Async @ ScalaWorldThe Need for Async @ ScalaWorld
The Need for Async @ ScalaWorld
 
Ontologias
OntologiasOntologias
Ontologias
 
55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx France55 new things in Java 7 - Devoxx France
55 new things in Java 7 - Devoxx France
 
AOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itAOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on it
 

Mais de David Evans

Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!David Evans
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksDavid Evans
 
Hidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeHidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeDavid Evans
 
Anonymity in Bitcoin
Anonymity in BitcoinAnonymity in Bitcoin
Anonymity in BitcoinDavid Evans
 
Midterm Confirmations
Midterm ConfirmationsMidterm Confirmations
Midterm ConfirmationsDavid Evans
 
Scripting Transactions
Scripting TransactionsScripting Transactions
Scripting TransactionsDavid Evans
 
How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in ParadiseDavid Evans
 
Mining Economics
Mining EconomicsMining Economics
Mining EconomicsDavid Evans
 
Becoming More Paranoid
Becoming More ParanoidBecoming More Paranoid
Becoming More ParanoidDavid Evans
 
Asymmetric Key Signatures
Asymmetric Key SignaturesAsymmetric Key Signatures
Asymmetric Key SignaturesDavid Evans
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyDavid Evans
 
Class 1: What is Money?
Class 1: What is Money?Class 1: What is Money?
Class 1: What is Money?David Evans
 
Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the MassesDavid Evans
 
Proof of Reserve
Proof of ReserveProof of Reserve
Proof of ReserveDavid Evans
 
Blooming Sidechains!
Blooming Sidechains!Blooming Sidechains!
Blooming Sidechains!David Evans
 
Useful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinUseful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinDavid Evans
 

Mais de David Evans (20)

Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
 
Hidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeHidden Services, Zero Knowledge
Hidden Services, Zero Knowledge
 
Anonymity in Bitcoin
Anonymity in BitcoinAnonymity in Bitcoin
Anonymity in Bitcoin
 
Midterm Confirmations
Midterm ConfirmationsMidterm Confirmations
Midterm Confirmations
 
Scripting Transactions
Scripting TransactionsScripting Transactions
Scripting Transactions
 
How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in Paradise
 
Bitcoin Script
Bitcoin ScriptBitcoin Script
Bitcoin Script
 
Mining Economics
Mining EconomicsMining Economics
Mining Economics
 
Mining
MiningMining
Mining
 
The Blockchain
The BlockchainThe Blockchain
The Blockchain
 
Becoming More Paranoid
Becoming More ParanoidBecoming More Paranoid
Becoming More Paranoid
 
Asymmetric Key Signatures
Asymmetric Key SignaturesAsymmetric Key Signatures
Asymmetric Key Signatures
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Class 1: What is Money?
Class 1: What is Money?Class 1: What is Money?
Class 1: What is Money?
 
Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the Masses
 
Proof of Reserve
Proof of ReserveProof of Reserve
Proof of Reserve
 
Silk Road
Silk RoadSilk Road
Silk Road
 
Blooming Sidechains!
Blooming Sidechains!Blooming Sidechains!
Blooming Sidechains!
 
Useful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinUseful Proofs of Work, Permacoin
Useful Proofs of Work, Permacoin
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Plan for Today's Class

  • 1.
  • 2. Plan for Today • Backdoors in Linux and Rust? • Nishant’s Talk Today • Midterm – Last chance to ask questions on anything we’ve covered so far (until after Midterm) • Dining Philosophers 10 October 2013 University of Virginia cs4414 1
  • 3. Is there a backdoor in the Linux kernel? 10 October 2013 University of Virginia cs4414 2
  • 4. Detected Nearly Successful Attempt (2003) 10 October 2013 University of Virginia cs4414 3 https://freedom-to-tinker.com/blog/felten/the-linux-backdoor-attempt-of-2003/ if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL; Code added to wait4 (kernel-level) program to “support new options for root-level user”:
  • 5. 10 October 2013 University of Virginia cs4414 4
  • 6. 10 October 2013 University of Virginia cs4414 5
  • 7. Could this happen with Rust? 10 October 2013 University of Virginia cs4414 6 if ((options == (__WCLONE|__WALL)) && (current_uid = 0)) { retval = -EINVAL; } gash> rustc assign.rs assign.rs:9:42: 9:60 error: mismatched types: expected `bool` but found `()` (expected bool but found ()) assign.rs:9 if ((options == (__WCLONE|__WALL)) && (current_uid = 0)) { ^~~~~~~~~~~~~~~~~~ error: aborting due to previous error
  • 8. How hard would it be to place a “backdoor” in Rust? 10 October 2013 University of Virginia cs4414 7 Constructing a backdoor in Rust: any Rust program that does not use unsafe, but for which the compiler outputs a binary that is not type safe.
  • 9. 10 October 2013 University of Virginia cs4414 8 Ken Thompson’s 1983 Turing Award Acceptance Speech
  • 10. Thompson’s “Trusting Trust” 10 October 2013 University of Virginia cs4414 9 Introduce a compiler bug will recognize “login” and compile it to include a backdoor login Bootstrap compiler Remove evidence of bug – its baked into future compilers through the bootstrapped binary!
  • 11. 10 October 2013 University of Virginia cs4414 10 Possible project idea: verify or (more likely) disprove this!
  • 12. Nishant’s Talk Today! 10 October 2013 University of Virginia cs4414 11 6pm, Olsson 120
  • 13. Midterm Exam Out now: https://docs.google.com/forms/d/113q31QJ3X-56XGXrElH_BCZts31qzKFxRbN57Cuyt0k/ 10 October 2013 University of Virginia cs4414 12 (Easier to follow link will be available shortly after class today.) 6 short answer questions (taken or adapted from the class notes) 1 longer answer synthesis question 1 programming question
  • 14. Efficient Grading Algorithm 10 October 2013 University of Virginia cs4414 13 use std::rand; fn grade_midterm(answers: [~str]) -> float { let numq = answers.length; let urand = rand::random::<uint>() % numq; if good_answer(answers[urand]) { 1.0 } else if good_answer(answers[(urand + 1) % numq]) && good_answer(answers[(urand + 2) % numq]) { 1.0 } else { … // grade all answers } }
  • 15. Efficient Grading Algorithm + Don’t Miss Interesting Answers 10 October 2013 University of Virginia cs4414 14 use std::rand; fn grade_midterm(answers: [~str]) -> float { if (/* answered question 9 */) return great_answer(answers[9]) && possibly look at other answers let numq = answers.length; let urand = rand::random::<uint>() % numq; if good_answer(answers[urand]) { 1.0 } else if good_answer(answers[(urand + 1) % numq]) && good_answer(answers[(urand + 2) % numq]) { 1.0 } else { … // grade all answers } }
  • 16. Questions about Midterm 10 October 2013 University of Virginia cs4414 15
  • 17. 10 October 2013 University of Virginia cs4414 16 Edsger Dijkstra (1930-2002) Sir Tony Hoare (born 1934)
  • 18. 10 October 2013 University of Virginia cs4414 17
  • 19. 10 October 2013 University of Virginia cs4414 18 Heraclitus Socrates Plato Aristotle Euclid 5 Dining Philosophers 5 Chopsticks (one between each pair) Need 2 chopsticks to eat
  • 20. Djikstra’s (Hygenic) Version 10 October 2013 University of Virginia cs4414 19 In the canonical problem of the five dining philosophers, the philosophers, each of which alternatingly “thinks” and “eats”, are arranged cyclically, and no two neighbours may eat simultaneously. This constraint can be represented by placing the philosophers at the edges of a regular pentagon, each edge representing a pair- wise exclusion constraint between the two philosophers situated at its ends. Is this equivalent to the shared chopsticks?
  • 21. Solution Desiderata • No communication required • No deadlock • No starvation: everyone gets to eat eventually • Fair: each philosopher has equal likelihood of getting to eat 10 October 2013 University of Virginia cs4414 20
  • 22. 10 October 2013 University of Virginia cs4414 21 Heraclitus Socrates Plato Aristotle Euclid Could all the philosophers starve?
  • 23. 10 October 2013 University of Virginia cs4414 22
  • 24. Dijkstra’s Solution (Idea) Number the chopsticks, always grab lower- numbered stick first Does it matter how the chopsticks are numbered? 10 October 2013 University of Virginia cs4414 23
  • 25. How does UVaCOLLAB solve this? 10 October 2013 University of Virginia cs4414 24 “UVaCollab is an advanced web-based course and collaboration environment”
  • 26. 10 October 2013 University of Virginia cs4414 25 “Best Practices for Working in UVaCollab” • Don't allow multiple graders to grade the same students at the same time, although it's fine to grade different sections of students. • Don't open multiple browser tabs and windows while engaged in grading activities. • Avoid double-clicking links and buttons in UVaCollab as doing so may slow down response times. A single-click is all it takes.
  • 27. The Real Challenge was to “Invent the Chopstick” Binary Semaphore Lock that can be held by up to one process 10 October 2013 University of Virginia cs4414 26
  • 28. 10 October 2013 University of Virginia cs4414 27 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { while (lock.is_some()) { ; } // wait for lock lock = Some(id); } fn release_lock() { lock = None; } fn update_count(id: uint) { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } }
  • 29. 10 October 2013 University of Virginia cs4414 28 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { while (lock.is_some()) { ; } // wait for lock lock = Some(id); } fn release_lock() { lock = None; } fn update_count(id: uint) { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } } FAIL! This is unsafe: semaphore.rs:9:11: 9:15 error: use of mutable static requires unsafe function or block semaphore.rs:9 while (lock.is_some()) { …
  • 30. 10 October 2013 University of Virginia cs4414 29 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { unsafe { while (lock.is_some()) { ; } lock = Some(id); } } fn release_lock() { unsafe { lock = None; } } fn update_count(id: uint) { unsafe { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } } What will the final count be?
  • 31. 10 October 2013 University of Virginia cs4414 30 gash> ./semaphore > run1.txt gash> ./semaphore > run2.txt gash> ./semaphore > run3.txt gash> tail -1 run1.txt Count updated by 8u: 9968u gash> tail -1 run2.txt Count updated by 9u: 9951u gash> tail -1 run3.txt Count updated by 9u: 9950u
  • 32. 10 October 2013 University of Virginia cs4414 31 type Semaphore = Option<uint> ; // either None (available) or owner static mut count: uint = 0; // protected by lock static mut lock: Semaphore = None; fn grab_lock(id: uint) { unsafe { while (lock.is_some()) { ; } lock = Some(id); } } fn release_lock() { unsafe { lock = None; } } fn update_count(id: uint) { unsafe { grab_lock(id); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } fn main() { for num in range(0u, 10) { do spawn { for _ in range(0u, 1000) { update_count(num); } } } }
  • 33. 10 October 2013 University of Virginia cs4414 32 fn update_count(id: uint) { unsafe { grab_lock(id); assert!(match lock { None => false, Some(lockee) => lockee == id}); count += 1; println(fmt!("Count updated by %?: %?", id, count)); release_lock(); } } Count updated by 1u: 710u Count updated by 2u: 710u Count updated by 1u: 711u Count updated by 2u: 713uCount updated by 1u: 713u Count updated by 2u: 714u Count updated by 2u: 715u task <unnamed> failed at 'assertion failed: match lock { None => false, Some(lockee) => lockee == id }', semaphore.rs:26 Count updated by 2u: 716u Count updated by 2u: 717u
  • 35. Charge • If you don’t want to do the midterm, contribute a satisfactory Dining Philosophers in Rust to rosettacode.org • Otherwise (unless you are already exempt by solving a challenge), submit the midterm by 11:59pm Monday, October 14 10 October 2013 University of Virginia cs4414 34