demandvista系统优化
vista系统优化 时间:2021-02-25 阅读:()
WindowsVistaHeapManagementEnhancementsAdrianMarinescuDevelopmentLeadadrmarin@microsoft.
com2AgendaWindowsNTHeapManagementbasicsandevolutionWindowsVistaheap–majormilestone–Developmentprinciplesandguidelines–Securityfeatures–PerformancefeaturesQ&A3IntroductionSecurity–industry-wideconcernTwCdrivingmultiplesecurityinitiativesTheNTHeap–Strategicpointindefense–Improvedtorespondtoindustrytrendsinusage4PartI–Basics5HeapEvolutionTimeNT4NT4/SP4Windows2000XP/SP2Windows2003WindowsVistaBasicsPerformanceOpt-inSMPScalabilityHeapMitigationsEnhancedsecurityPerformanceQualitytoolIndustryWorkloadExploitationParallelism6NTHeapOverviewTheNTMemoryManagerSegmentManagement(forblocks1KNon-dedicatedfreelist(1–512KBytes)Segment1Segment64Segmentarray>512KVirtualBlocksList816>512K8HeapSegmentsSeg.
HB1B2UncommitedspaceBn…ByUncommitedspaceReservedspace9BlockEntryinpriorWindowsNTVersions0:018>dc04392f8004392f8000040002000000010442da6000240e68SizePreviousblocksizetagunusedbytesflagssegmentF-LinkB-Link10RoleofLinkEntryinEarlyExploitsArbitrarypointerwritemovmoveaxeax,DWORDPTR[,DWORDPTR[ecxecx]]movmovecxecx,DWORDPTR[ecx+4],DWORDPTR[ecx+4]movmovDWORDPTR[DWORDPTR[ecxecx],],eaxeaxmovmovDWORDPTR[eax+4],DWORDPTR[eax+4],ecxecxFwdLinkBkLinkValuetowriteLocationtowrite11LookasideListsNon-blockingsingle-linkedlists0-89-16Lookasidelists1016-1024HeaderLinkunusedHeaderLinkunused12TheLowFragmentationHeapArchitectureSMPUnit10-89-16Allocationbuckets1025-108815873-16384AllocationgranularitySMPUnitNSMPUnit1SegmentspoolSegmentspoolSegmentspool13LowFragmentationHeapBlockEntrySub-SegmentFlags…RelativelinkSizeLFHBlockFrees-listSub-Segment…8bytesUserdata14EarlyHeapMitigationsSafeListRemovalEntry->FwdLink->BkLink==Entry->BkLink->FwdLink==Entry8-bitcookietestedonfreeLFHblockentryencodingF(randomnumber,Blockaddress,heap)15ChangeinLandscapeNewexploitingmethodssurfacedChangeinusageoutlook–Memoryusage–IncreaseavailabilityofSMP–Increaserelevanceof64bitcomputingCodequality–higherdemandinindustry16WindowsVistaHeapManagerKeyDevelopmentDirectionsPerformanceandreliabilitySecurityCodequality17WindowsNTHeapRequirements18SecurityCorrectness–like:–Guaranteesrequestedsizes–Lifetimeofallocations–Clearingcontentwhenrequestedetc.
Defenselineinheapbasedexploits:Defenselineinheapbasedexploits:––AttemptstomitigatetheeffectofanattackAttemptstomitigatetheeffectofanattack––MakesdifficulthidingheapMakesdifficulthidingheap--basedexploitsbasedexploits19PerformanceScalefromsmalldevicestolargeserversOptimizedforvariedusagepatternsFollowtheindustrytrend–Memoryusage–IncreaseinSMPavailability–H/Warchitectureadvances20CompatibilityApplicationsmayrelyonthingslike:–Reallocreturningsamepointer–Read/writeafterreleasingablock–Doublefree–Overrunsoverunusedstructuresetc.
Heapchangesmayhaveunintendedeffects,suchas:–Crashes,leaksorbrokenfunctionalityinpoorlywrittenapplications–Severeperformanceregressions21PartII-WindowsVistaHeap22WindowsVistaHeapSecurityFeaturesBlockmetadatarandomizationIntegritycheckonblockentryAlgorithmvariationinresponsetousagepatternRandomrebasingFunctionpointerrandomizationAbruptapplicationterminationonerror23BlockMetadataRandomizationApartoftheheaderisXORdwitharandomvalueLowperformanceimpactShouldmakeguessingtherightvalueimpracticalFlexibleandcontainedalgorithmandimplementationAgileinupdates24EntryIntegrityCheckPrevious8-bitcookiehasbeenrepurposedtovalidatealargerpartoftheheaderValuemayberandomizedalongwiththeotherfieldsValidatedduringinternaloperationstoo25Demo–HeapHeaderLayout26Automatictuning–ShifttoLFHallocationsatarbitrarypointsonruntime–Triggersonvariouspatterns–Involvesalsode-commit/commitpoliciesRuntimeAlgorithmVariation27MoreHeapRandomizationsHeapbaserandomization–thingstoconsider:–Fragmentationoftheapplicationaddressspaceaffectinglargeserverapplications–PossibleperformanceissuesifhigherrandomizationisusedHeapfunctionpointerrandomization–Takesawayaknownplacetofacilitatethecodeexecutionalongwithrebasing28Demo29AbruptTerminationonErrorAnydatainconsistencyorinvalidheapfunctionusagedetectedmaytriggeritThescopeisprocess-wide(anyheapintheprocesshasthesamebehavior)TheprocessisterminatedviaWindowsErrorReportingDetailedinfoisavailableinthedumpfileNofunctionprovidedtodisableitOnbydefaultfor64bitplatforms&apps30TerminationonErrors(cont.
)Programmaticopt-Inmethod(newHeapEnableTerminationOnCorruptionclassdefined)BOOLHeapSetInformation(HANDLEHeapHandle,HEAP_INFORMATION_CLASSHeapInformationClass,PVOIDHeapInformation,SIZE_THeapInformationLength);LargenumberofcomponentswithWindowsVistaareoptedinTheinformationisavailableinadebuggerextension31Demo32NTHeapManager–ImprovesCodeQualityBenefitstoappdevelopersEarlyerrordetectionImproveddebuggingaidtoreducecostofinvestigatingcorruptionsReducedtolerancetomisusageWindowsVistaappswillbemoreresilienttofutureheapchanges33KnownAttackVectors&WindowsVistaRemovedlookasidelistandarrayofliststargetedbypreviousexploitsIntegritycheckonblockmetadatasignificantobstacletobruteforceattacksMostWindowsprocessesterminateonmemoryerrorsDynamic(runtime)changeinheapalgorithmsobstacletoconsistentexploitsHeapstructuresandmemorymgmtchangeslimitportabilityofexploits34SecurityenhancementsareajourneyMitigationsarenotsubstituteforgooddevelopmentpracticesWindowsVistaisjustamilestoneincontinualheapimprovements35WindowsVistaHeapPerf&ReliabilityImprovedscenariosbydefaultfor:SMPscalabilityExternalfragmentationLargeheapsImprovedreferencelocalityon64bitplatformsReducedVirtualAddressexhaustionIncreasedresiliencetopatternsinvolvinglong-termallocations36KeyPerformanceEnhancementsAutomatictuningLowergranularityofcontrolpoliciestoswitchtotheLowFragmentationHeapUseoflazyinitializationRedesignedsegmentmanagementImprovedinternallookupalgorithmsAddressedfragmentationinproblematicscenariosLoweroverheadon64bit37RandomAllocationBenchmark(0-1K)05101520253012345678MillionThreadsOps.
/secWindowsServer2003RecentWindowsVistaRandomAllocationBenchmark(4-8k)0246810121416182012345678MillionThreadsOps.
/secWindowsServer2003RecentWindowsVista38FragmentationTest(512blocks/80bytes)VirtualaddressCost010002000300040005000600070008000Runtime(sec)BytesperleakedbloRecentWindowsVistaWindowsServer2003Committedmemorycost0100200300400500600700800Runtime(sec)BytesperleakedbloRecentWindowsVistaWindowsServer200339FragmentationTest(512blocks/80bytes)Heapperformanceonheapexpansionpattern1(512blocks)(70x)0100000200000300000400000500000600000700000800000Runtime(sec)Ops.
/secRecentWindowsVistaWindowsServer200340FragmentationScenarioIIPatternPatternOps/secOps/sec(Recent(RecentWindowsWindowsVista)Vista)Ops/secOps/sec(Windows(WindowsServerServer2003SP1)2003SP1)ImprovemeImprovementntxx2562576004388663951292770915161441024403774517917204819418025776740968253412687841Memoryfootprinton2GBytesheapexpansion0500100015002000250030003500400045003264128256512102420484096BlocksizeMbytesmemorReservedMemoryInRecentWindowsVistaCommitedMemoryInRecentWindowsVistaReservedMemoryInWindowsServer2003CommitedMemoryInWindowsServer200342SummaryAttacksgetmoresophisticated…Butsodoestheheapmanagement–andnotonlyforsecurityWelaidthefoundationforincreasedagilityinheapimprovementswithreducedcompatibilityrisksImprovedscenariosforSMPandlargememoryusageDesignedtoenhancethecodequalityforapplicationsWearenotyetdone…wearelookingforwardforfurtherenhancementsasneededComeseemewithyourideas!
43ResourcesFeedbackonHeap:heapext@microsoft.
comDebuggingtools:http://www.
microsoft.
com/whdc/devtools/debugging/debugstart.
mspxApplicationVerifier:http://www.
microsoft.
com/downloads/details.
aspxFamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en4444secure@microsoft.
comThispresentationisforinformationalpurposesonly.
Microsoftmakesnowarranties,expressorimplied,inthissummary.
com2AgendaWindowsNTHeapManagementbasicsandevolutionWindowsVistaheap–majormilestone–Developmentprinciplesandguidelines–Securityfeatures–PerformancefeaturesQ&A3IntroductionSecurity–industry-wideconcernTwCdrivingmultiplesecurityinitiativesTheNTHeap–Strategicpointindefense–Improvedtorespondtoindustrytrendsinusage4PartI–Basics5HeapEvolutionTimeNT4NT4/SP4Windows2000XP/SP2Windows2003WindowsVistaBasicsPerformanceOpt-inSMPScalabilityHeapMitigationsEnhancedsecurityPerformanceQualitytoolIndustryWorkloadExploitationParallelism6NTHeapOverviewTheNTMemoryManagerSegmentManagement(forblocks1KNon-dedicatedfreelist(1–512KBytes)Segment1Segment64Segmentarray>512KVirtualBlocksList816>512K8HeapSegmentsSeg.
HB1B2UncommitedspaceBn…ByUncommitedspaceReservedspace9BlockEntryinpriorWindowsNTVersions0:018>dc04392f8004392f8000040002000000010442da6000240e68SizePreviousblocksizetagunusedbytesflagssegmentF-LinkB-Link10RoleofLinkEntryinEarlyExploitsArbitrarypointerwritemovmoveaxeax,DWORDPTR[,DWORDPTR[ecxecx]]movmovecxecx,DWORDPTR[ecx+4],DWORDPTR[ecx+4]movmovDWORDPTR[DWORDPTR[ecxecx],],eaxeaxmovmovDWORDPTR[eax+4],DWORDPTR[eax+4],ecxecxFwdLinkBkLinkValuetowriteLocationtowrite11LookasideListsNon-blockingsingle-linkedlists0-89-16Lookasidelists1016-1024HeaderLinkunusedHeaderLinkunused12TheLowFragmentationHeapArchitectureSMPUnit10-89-16Allocationbuckets1025-108815873-16384AllocationgranularitySMPUnitNSMPUnit1SegmentspoolSegmentspoolSegmentspool13LowFragmentationHeapBlockEntrySub-SegmentFlags…RelativelinkSizeLFHBlockFrees-listSub-Segment…8bytesUserdata14EarlyHeapMitigationsSafeListRemovalEntry->FwdLink->BkLink==Entry->BkLink->FwdLink==Entry8-bitcookietestedonfreeLFHblockentryencodingF(randomnumber,Blockaddress,heap)15ChangeinLandscapeNewexploitingmethodssurfacedChangeinusageoutlook–Memoryusage–IncreaseavailabilityofSMP–Increaserelevanceof64bitcomputingCodequality–higherdemandinindustry16WindowsVistaHeapManagerKeyDevelopmentDirectionsPerformanceandreliabilitySecurityCodequality17WindowsNTHeapRequirements18SecurityCorrectness–like:–Guaranteesrequestedsizes–Lifetimeofallocations–Clearingcontentwhenrequestedetc.
Defenselineinheapbasedexploits:Defenselineinheapbasedexploits:––AttemptstomitigatetheeffectofanattackAttemptstomitigatetheeffectofanattack––MakesdifficulthidingheapMakesdifficulthidingheap--basedexploitsbasedexploits19PerformanceScalefromsmalldevicestolargeserversOptimizedforvariedusagepatternsFollowtheindustrytrend–Memoryusage–IncreaseinSMPavailability–H/Warchitectureadvances20CompatibilityApplicationsmayrelyonthingslike:–Reallocreturningsamepointer–Read/writeafterreleasingablock–Doublefree–Overrunsoverunusedstructuresetc.
Heapchangesmayhaveunintendedeffects,suchas:–Crashes,leaksorbrokenfunctionalityinpoorlywrittenapplications–Severeperformanceregressions21PartII-WindowsVistaHeap22WindowsVistaHeapSecurityFeaturesBlockmetadatarandomizationIntegritycheckonblockentryAlgorithmvariationinresponsetousagepatternRandomrebasingFunctionpointerrandomizationAbruptapplicationterminationonerror23BlockMetadataRandomizationApartoftheheaderisXORdwitharandomvalueLowperformanceimpactShouldmakeguessingtherightvalueimpracticalFlexibleandcontainedalgorithmandimplementationAgileinupdates24EntryIntegrityCheckPrevious8-bitcookiehasbeenrepurposedtovalidatealargerpartoftheheaderValuemayberandomizedalongwiththeotherfieldsValidatedduringinternaloperationstoo25Demo–HeapHeaderLayout26Automatictuning–ShifttoLFHallocationsatarbitrarypointsonruntime–Triggersonvariouspatterns–Involvesalsode-commit/commitpoliciesRuntimeAlgorithmVariation27MoreHeapRandomizationsHeapbaserandomization–thingstoconsider:–Fragmentationoftheapplicationaddressspaceaffectinglargeserverapplications–PossibleperformanceissuesifhigherrandomizationisusedHeapfunctionpointerrandomization–Takesawayaknownplacetofacilitatethecodeexecutionalongwithrebasing28Demo29AbruptTerminationonErrorAnydatainconsistencyorinvalidheapfunctionusagedetectedmaytriggeritThescopeisprocess-wide(anyheapintheprocesshasthesamebehavior)TheprocessisterminatedviaWindowsErrorReportingDetailedinfoisavailableinthedumpfileNofunctionprovidedtodisableitOnbydefaultfor64bitplatforms&apps30TerminationonErrors(cont.
)Programmaticopt-Inmethod(newHeapEnableTerminationOnCorruptionclassdefined)BOOLHeapSetInformation(HANDLEHeapHandle,HEAP_INFORMATION_CLASSHeapInformationClass,PVOIDHeapInformation,SIZE_THeapInformationLength);LargenumberofcomponentswithWindowsVistaareoptedinTheinformationisavailableinadebuggerextension31Demo32NTHeapManager–ImprovesCodeQualityBenefitstoappdevelopersEarlyerrordetectionImproveddebuggingaidtoreducecostofinvestigatingcorruptionsReducedtolerancetomisusageWindowsVistaappswillbemoreresilienttofutureheapchanges33KnownAttackVectors&WindowsVistaRemovedlookasidelistandarrayofliststargetedbypreviousexploitsIntegritycheckonblockmetadatasignificantobstacletobruteforceattacksMostWindowsprocessesterminateonmemoryerrorsDynamic(runtime)changeinheapalgorithmsobstacletoconsistentexploitsHeapstructuresandmemorymgmtchangeslimitportabilityofexploits34SecurityenhancementsareajourneyMitigationsarenotsubstituteforgooddevelopmentpracticesWindowsVistaisjustamilestoneincontinualheapimprovements35WindowsVistaHeapPerf&ReliabilityImprovedscenariosbydefaultfor:SMPscalabilityExternalfragmentationLargeheapsImprovedreferencelocalityon64bitplatformsReducedVirtualAddressexhaustionIncreasedresiliencetopatternsinvolvinglong-termallocations36KeyPerformanceEnhancementsAutomatictuningLowergranularityofcontrolpoliciestoswitchtotheLowFragmentationHeapUseoflazyinitializationRedesignedsegmentmanagementImprovedinternallookupalgorithmsAddressedfragmentationinproblematicscenariosLoweroverheadon64bit37RandomAllocationBenchmark(0-1K)05101520253012345678MillionThreadsOps.
/secWindowsServer2003RecentWindowsVistaRandomAllocationBenchmark(4-8k)0246810121416182012345678MillionThreadsOps.
/secWindowsServer2003RecentWindowsVista38FragmentationTest(512blocks/80bytes)VirtualaddressCost010002000300040005000600070008000Runtime(sec)BytesperleakedbloRecentWindowsVistaWindowsServer2003Committedmemorycost0100200300400500600700800Runtime(sec)BytesperleakedbloRecentWindowsVistaWindowsServer200339FragmentationTest(512blocks/80bytes)Heapperformanceonheapexpansionpattern1(512blocks)(70x)0100000200000300000400000500000600000700000800000Runtime(sec)Ops.
/secRecentWindowsVistaWindowsServer200340FragmentationScenarioIIPatternPatternOps/secOps/sec(Recent(RecentWindowsWindowsVista)Vista)Ops/secOps/sec(Windows(WindowsServerServer2003SP1)2003SP1)ImprovemeImprovementntxx2562576004388663951292770915161441024403774517917204819418025776740968253412687841Memoryfootprinton2GBytesheapexpansion0500100015002000250030003500400045003264128256512102420484096BlocksizeMbytesmemorReservedMemoryInRecentWindowsVistaCommitedMemoryInRecentWindowsVistaReservedMemoryInWindowsServer2003CommitedMemoryInWindowsServer200342SummaryAttacksgetmoresophisticated…Butsodoestheheapmanagement–andnotonlyforsecurityWelaidthefoundationforincreasedagilityinheapimprovementswithreducedcompatibilityrisksImprovedscenariosforSMPandlargememoryusageDesignedtoenhancethecodequalityforapplicationsWearenotyetdone…wearelookingforwardforfurtherenhancementsasneededComeseemewithyourideas!
43ResourcesFeedbackonHeap:heapext@microsoft.
comDebuggingtools:http://www.
microsoft.
com/whdc/devtools/debugging/debugstart.
mspxApplicationVerifier:http://www.
microsoft.
com/downloads/details.
aspxFamilyID=bd02c19c-1250-433c-8c1b-2619bd93b3a2&DisplayLang=en4444secure@microsoft.
comThispresentationisforinformationalpurposesonly.
Microsoftmakesnowarranties,expressorimplied,inthissummary.
- demandvista系统优化相关文档
- 阵列vista系统优化
- 成像vista系统优化
- 接口vista系统优化
- 设置vista系统优化
- designedvista系统优化
- 映像vista系统优化
ZJI:韩国BGP+CN2线路服务器,国内三网访问速度优秀,8折优惠码每月实付440元起
zji怎么样?zji最近新上韩国BGP+CN2线路服务器,国内三网访问速度优秀,适用8折优惠码zji,优惠后韩国服务器最低每月440元起。zji主机支持安装Linux或者Windows操作系统,会员中心集成电源管理功能,8折优惠码为终身折扣,续费同价,全场适用。ZJI是原Wordpress圈知名主机商:维翔主机,成立于2011年,2018年9月启用新域名ZJI,提供中国香港、台湾、日本、美国独立服...
wordpress投资主题模版 白银黄金贵金属金融投资网站主题
wordpress投资主题模版是一套适合白银、黄金、贵金属投资网站主题模板,绿色大气金融投资类网站主题,专业高级自适应多设备企业CMS建站主题 完善的外贸企业建站功能模块 + 高效通用的后台自定义设置,简洁大气的网站风格设计 + 更利于SEO搜索优化和站点收录排名!点击进入:wordpress投资主题模版安装环境:运行环境:PHP 7.0+, MYSQL 5.6 ( 最低主机需求 )最新兼容:完美...
spinservers($89/月),圣何塞10Gbps带宽服务器,达拉斯10Gbps服务器
spinservers是Majestic Hosting Solutions LLC旗下站点,主要提供国外服务器租用和Hybrid Dedicated等产品的商家,数据中心包括美国达拉斯和圣何塞机房,机器一般10Gbps端口带宽,高配置硬件,支持使用PayPal、信用卡、支付宝或者微信等付款方式。目前,商家针对部分服务器提供优惠码,优惠后达拉斯机房服务器最低每月89美元起,圣何塞机房服务器最低每月...
vista系统优化为你推荐
-
iphone5解锁苹果5手机怎么屏幕解锁伪静态如何设置伪静态规则伪静态伪静态和真静态哪种静态方式好开机滚动条电脑开机滚动条要走好几次开机滚动条开机滚动条要很长时间怎么解决?淘宝网页显示不正常淘宝网显示不正常宕机宕机是什么意思?ios系统ios是什么意思 ios系统是什么虚拟专用网安卓手机的虚拟专用网设置是什么东西?怎么用?云挂机快手极速版后台云挂机辅?助各位用了吗?在哪找的?