Speaker
Description
Qt and by extension C++ is the technical pillar of the KDE community that has served us well since our inception. However, there is no such thing as a free lunch; the performance and expressive power of C++ comes at a hefty price - it is memory unsafe. In turn, users experience crashes, odd behaviour and often ample opportunity for attackers to turn memory unsafety into powerful exploits.
A variety of tools and techniques have been introduced to eliminate (but mostly to prevent and mitigate) the drawbacks of memory unsafe languages, but a lot of these tools are difficult to use and often have prohibitive overheads. The ARM Memory Tagging Extension (MTE) is a new hardware feature expected in ARMv8.5+ processors that allows metadata (i.e. tags) to be attributed to both memory and pointers. As will be seen in the talk, this can be used to prevent a wide variety of common memory related bugs with overheads low enough that one can use it as a security mitigation in production as well as a debugging tool.
In addition, this feature opens up the possibility of other non-conventional use cases, such as being able to set infinite watchpoints, which in addition can be enhanced to create a race detector. These will be briefly discussed as well and hopefully will inspire future interesting use cases for this new versatile extension.
Authors' Bio
Alex Saoutkin is co-maintainer of KIO FUSE and is currently in his final year at University College London (UCL), studying for a degree in MEng Mathematical Computation. Previously, Alex was a GSoC student working on KIO FUSE under the mentorship of Fabian Vogt and was subsequently employed by Blue Systems GmbH to continue his work on the project.
