不可信的GPGPU代码(OpenCL等) - 是否安全?有什么风险? [英] Untrusted GPGPU code (OpenCL etc) - is it safe? What risks?
问题描述
当在典型的CPU上运行不受信任的代码时,有许多方法:沙箱,假根,虚拟化...
GPGPU的不可信代码OpenCL,cuda或已经编译过的)?
假设显卡上的内存在运行这样的第三方不可信代码之前被清除,
- 是否有任何安全风险?
- 有什么样的风险?
- 他们?
- 可以
吗? ?
- 可以
- 其他技巧?
< PS我对gpu二进制代码级安全更感兴趣,而不是高级gpgpu编程语言安全(但是这些解决方案也受欢迎)。我的意思是,欢迎参考gpu操作码(a.k.a机器码)。
GPU代码肯定是有风险的。当前GPU不提供存储器保护,因此本质上,每个GPU内核可以访问所有视频存储器。我不知道是否可以访问主机的内存(通过内存映射可能吗?)。它不可能抢占内核,他们可以猪的GPU,这会导致冻结,如果它用于图形输出,也。 (通常驱动程序会终止内核,在几秒钟后不退出)
据推测,AMD的新GPU系列确实有一些内存保护功能,但我怀疑他们目前使用。有可能将GPU多处理器拆分为多个段与当前gen硬件(GeForce 4xx +,Radeon 6xxx +),但这不是真正的时间切片,preempt多任务。 ;)
There are many approaches when it goes about running untrusted code on typical CPU : sandboxes, fake-roots, virtualization...
What about untrusted code for GPGPU (OpenCL,cuda or already compiled one) ?
Assuming that memory on graphics card is cleared before running such third-party untrusted code,
- are there any security risks?
- What kind of risks?
- Any way to prevent them ?
- Is sandboxing possible / available on gpgpu ?
- maybe binary instrumentation?
- other techniques?
P.S. I am more interested in gpu binary code level security rather than hight-level gpgpu programming language security (But those solutions are welcome as well). What I mean is that references to gpu opcodes (a.k.a machine code) are welcome.
GPU code can definitely be risky. Current GPUs do not provide memory protection, so essentially, every GPU kernel can access all video memory. I'm not sure if it is possible to access the host's memory as well (via memory mapping maybe?). It's not possible to preempt kernels, they can "hog" the GPU and this causes freezes if it is used for graphics output, too. (Usually the driver will terminate kernels that don't exit after a few seconds)
Supposedly, AMD's new GPU series do have some memory protection features, but I doubt they are used at the moment. It's possible to split up the GPU multiprocessors into multiple segments with current gen hardware (GeForce 4xx+, Radeon 6xxx+), but that's not really the same as real time-sliced, preempted multitasking. ;)
这篇关于不可信的GPGPU代码(OpenCL等) - 是否安全?有什么风险?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
