Implementing and Breaking Load-Link / Store-Conditional on an ARM-Based System (2207.09341v1)

Abstract: Manufacturers of modern electronic devices are constantly attempting to implement additional features into ever-increasingly complex and performance demanding systems. This race has been historically driven by improvements in the processor's clock speed, but as power consumption and real estate concerns in the embedded space pose an growing challenge, multithreading approaches have become more prevalent and relied upon. Synchronization is essential to multithreading systems, as it ensures that threads do not interfere with each others' operations and produce reliable and consistent outputs whilst maximizing performance and efficiency. One of the primary mechanisms guaranteeing synchronization in RISC architectures is the load-link/store conditional routine, which implements an atomic operation that allows a thread to obtain a lock. In this study, we implement, test, and manipulate an LL/SC routine in a multithreading environment using GDB. After examining the routine mechanics, we propose a concise implementation in ARMv7l, as well as demonstrate the importance of register integrity and vulnerabilities that occur when integrity is violated under a limited threat model. This work sheds light on LL/SC operations and related lock routines used for multithreading.