We have recently found a serious security breach in CUDA Linux drivers.
The problem is related to cudaHostAlloc/cuMemHostAlloc API calls. In brief,
driver maps pinned memory to user space but does not initialize it to zero.
As an example, our simplest “proof of concept” program was able to read large
fragments of files being written or read by other users.
I find it surprising that Linux does not automatically clear new memory pages…
Besides, how many people might assume the memory returned from cudaHostMalloc is zeroed? When you memcpy a new device buffer to host memory you can see device memory is always zeroed…
Considering that people consider Linux’s kernel to be more secure than Windows, this shows in some cases the opposite is true.
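The mitigation an application can apply on its own, as an added example that is not part of this thread or of NVIDIA's code: a wrapper that zeroes pinned memory after cudaHostAlloc so the program never relies on the driver clearing pages, plus a self-check that reports whether a fresh allocation already contained non-zero bytes. The function names hostAllocZeroed and countStaleBytes are my own; compile with nvcc.

```cuda
// Added example: defensive wrapper around cudaHostAlloc (not from the original thread).
#include <cuda_runtime.h>
#include <stdio.h>
#include <string.h>

/* Allocate pinned host memory and explicitly zero it. Returns cudaSuccess or the
 * runtime error; on success *out points at `bytes` bytes that are all zero. */
static cudaError_t hostAllocZeroed(void **out, size_t bytes, unsigned int flags)
{
    void *p = NULL;
    cudaError_t err = cudaHostAlloc(&p, bytes, flags);
    if (err != cudaSuccess) { *out = NULL; return err; }
    memset(p, 0, bytes);        /* never assume the driver cleared the pages */
    *out = p;
    return cudaSuccess;
}

/* Count non-zero bytes in a fresh, unzeroed pinned allocation. A non-zero count
 * means the driver mapped page contents it did not clear; nothing is dumped. */
static size_t countStaleBytes(size_t bytes)
{
    unsigned char *p = NULL;
    if (cudaHostAlloc((void **)&p, bytes, cudaHostAllocDefault) != cudaSuccess) {
        fprintf(stderr, "cudaHostAlloc failed in countStaleBytes\n");
        return 0;
    }
    size_t n = 0;
    for (size_t i = 0; i < bytes; i++) n += (p[i] != 0);
    cudaFreeHost(p);
    return n;
}

int main(void)
{
    const size_t bytes = 64u << 20;   /* 64 MiB: spans many pages */
    size_t stale = countStaleBytes(bytes);
    printf("non-zero bytes in fresh pinned allocation: %zu of %zu\n", stale, bytes);

    void *buf = NULL;
    cudaError_t err = hostAllocZeroed(&buf, bytes, cudaHostAllocDefault);
    if (err != cudaSuccess) {
        fprintf(stderr, "cudaHostAlloc failed: %s\n", cudaGetErrorString(err));
        return 1;
    }
    /* buf is safe to use whether or not the driver zeroes pages */
    cudaFreeHost(buf);
    return 0;
}
```

Zeroing in the wrapper only protects your own program from acting on stale data; the disclosure itself is closed only by a driver that clears pages before mapping them.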