Graphics processing units (GPUs) have become important for processing data-parallel graphics tasks. Both graphics and non-graphics data-parallel tasks can be handled by GPUs, taking advantage of their massive parallel capabilities. In certain instances, the address of graphics resources or even rendered graphics may be deterministic, meaning that by running the same software (e.g., at a high level, a process, or at a low level, a command buffer) the system predictably locates the same items (e.g., resources or rendered graphics) at the same virtual addresses. This predictability allows processes in the system to potentially both retrieve data and/or tamper with it. The embodiments of this disclosure seek to illustrate hardware and software arrangements to mitigate and/or eliminate deterministic addressing in the area of graphics, and/or the effects of such addressing.
In the non-graphics areas of computing arts, some memory architecture arrangements use a technique called address space layout randomization. For example, current versions of Mac OSX™ use address space layout randomization within certain of the kernel drivers in order to randomize the location of data in the kernel memory. For example, when a kernel driver is loaded, an address space offset may be randomly selected, which results in a different memory layout for each invocation of the kernel driver. By way of explanation, the use of the word “kernel” in this disclosure may refer to a “kernel” as the core layer of an operating system, typically associated with the highest security level and hardware interaction (e.g., the use of hardware drivers). However, this disclosure also uses the word “kernel” for a different meaning that is associated with a type of GPU program. In particular, a “compute kernel” or “kernel” may refer to a program for a GPU (or DSP or FPGA). In the context of GPU operations, most programs for the GPU are classified as a kernel or a shader—kernels refer to compute operations and shaders refer to graphics operations. Here forward, the word kernel will be used without an accompanying elongated explanation, but context of the usage will inform the skilled artisan regarding whether the word is being use in the context a compute kernel (program for the GPU) or operating system kernel (core part of an operating system).
The use of address space memory randomization in an operating system such as Mac OSX™ does not provide any benefit to any deterministic addressing related to GPU operations. Thus, undesirable deterministic addressing in the graphics area may occur in the case of GPU processing (either graphics or compute). In such a case, for example, a driver may allocate and map a resource for access by GPU, where the mapping address is predictable for every iteration of the command buffer execution. Furthermore, in the sample situation where the CPU and GPU share virtual memory space and page tables, resource addresses may be determined by the allocating user level process. The behavior of this one example may be exploited by undesirable software that may modify the GPU command buffer to execute user modified kernels or shaders to read or write a resource at an ‘arbitrary’ but deterministic address using a modified kernel.