Anders Johansson said the following on 03/20/2010 02:54 PM:
On Sat, 2010-03-20 at 12:43 -0400, Anton Aylward wrote:
Aye, and with that comes a whole new raft of hazards and problems, including many to do with the various aspects of security.-
Security aspects of SMP?
Apart from certain race condition exploits possibly being easier to achieve, I have no idea what that would be. Could you expand a little on what you mean?
Right now its open-ended. Security isn't *just* about keeping hackers out. There are issues of integrity and availability to consider, never mind the Parkerian Hexad. Per has already mentioned that programmers are unfamiliar with the kind of multi-threading required for effective and efficient use of multi-core - arbitrary numbers not just dual core - programming. We can expect error and we cant be sure what those errors will be. While multi-threading is not new, few programmers have been forced to use it for real in their own code. Very few programmers have experience with *true* multiprocessing until now. With this new programming paradigm the average programmer is confronted with the need to understand much more and write code that is cleaner to a much higher degree than ever before. Very likely there will be pressure to make more applications multi-threaded, lest they'll be too slow to be competitive. It's also *much* harder to test and debug multi-threaded code. The languages we use, most notably C and C++, don't provide for much in the way of error avoidance or detection of interlock, contention and race conditions, either. The bugs are also going to be much more dependent on machine environment, other software and so on, making reproduction of issues incredibly difficult. Due to the multi-cores, we're probably at the threshold of an era with an entirely new set of program bugs. Classic statistical testing and even execution path analysis will be less effective that ever. We will need new design and programming paradigms, tools and debugging tools. I don't see them yet. -- "Each new law makes only a single guarantee. It will create new criminals." -- John Tandervold -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org