Are the DVM registers shared between threads?

[Pascal Wittmann]

Hi,

I'm currently working on a security type system that enforces a
noninterference-like property based on a static analysis of dalvik
bytecode. In the context of this analysis I need to know if DMV
registers are shared between threads.

I suspect they are not shared, but I could not find information on
developer.android.com or via Google about this. Can some give me a
pointer on this? (Or some information about how concurrency is handled
at that level in general?)

(I hope this is the right place to ask such a question)

Thanks

[Chris Stratton]

On Thursday, April 19, 2012 10:19:03 AM UTC-4, Pascal Wittmann wrote:

Hi,

I'm currently working on a security type system that enforces a
noninterference-like property based on a static analysis of dalvik
bytecode. In the context of this analysis I need to know if DMV
registers are shared between threads.

Bear in mind it's ultimately possible for an application to patch its own DVM to behave differently.

 

[andria]

Hi,

Maybe I'm wrong but I think they are not shared because applications run in different processes.

Regards

[Chris Stratton]

On Friday, April 27, 2012 2:08:45 AM UTC-4, andria wrote:

Maybe I'm wrong but I think they are not shared because applications run in different processes.

The question regarded threads rather than processes.  On Linux threads are implemented as lightweight processes, but part of what makes them lightweight is that they share the same view of and access rights to memory - there is no real privacy between them, at most a "choosing not to look" or "not being exactly sure where to look, without searching".  

My suspicion is that as a matter of convenience each thread would have it's own VM registers, but I am confident that any thread within a process can discover the values of the DVM registers, at least to the degree they exist in memory (vs. being optimized away by JIT), for any given build of the DVM which an exploit author has chosen to study in detail.  I'd expect an exploit author could also preclude the use of JIT in order to make the task simpler.

At any rate (and I missed this too when first replying) the question is off topic for the Kernel group, as Dalvik is not part of the kernel and does not run in kernel mode.  As far as the kernel is concerned, a DVM is just a random user-mode process.

 

 

[Pascal Wittmann]

On 04/27/2012 06:19 PM, Chris Stratton wrote:
> On Friday, April 27, 2012 2:08:45 AM UTC-4, andria wrote:
> My suspicion is that as a matter of convenience each thread would have it's
> own VM registers, but I am confident that any thread within a process can
> discover the values of the DVM registers, at least to the degree they exist
> in memory (vs. being optimized away by JIT), for any given build of the DVM
> which an exploit author has chosen to study in detail. I'd expect an
> exploit author could also preclude the use of JIT in order to make the task
> simpler.

Thanks, that clarifies things a bit.

> At any rate (and I missed this too when first replying) the question is off
> topic for the Kernel group, as Dalvik is not part of the kernel and does
> not run in kernel mode. As far as the kernel is concerned, a DVM is just a
> random user-mode process.

Ok. I suspect 'android-platform' would be a better place, right?