Bytecode Verification on Java Smart cards

1
Bytecode Verification on Java Smart cards

• Xavier Leroy
• Presentation(Day 2)
• - Nithya

2
JSR

• Subroutines -gt mostly used for compiling the
  try-finally construct
• Subroutines and Suns Verfn algorithm
• Subroutines and our Verfn Algorithm
• JSR instruction
• Ret instruction
• Role of local variable

3
Algorithm
4
JSR vs invoke

• Methods invokevirtual, invokenonvirtual,
  return, areturn, Ireturn
• JSR instruction and ret instruction

5
OffCard code Transformations

• Two methods to ensure that all correct applets
  pass verification
• Using special Java compiler
• Using a std Java Compiler and Java Card Converter
  (for Off-card code Transformation) and pass it to
  on card verifier

6
Applet Conversion
7
Applet Installation
8
Architecture of the System
9
Transformations

• Stack Normalisation
• Register Reallocation

10
Stack Normalisation

• For a branch with non-empty stack
• Insert stores to fresh registers before the
  branch
• Loads from the same registers at the branch target

11
Example C.m(b ? x y)
12
Second pass of SN

• Case 1 if i is a branch target with non-empty
  stack
• Case 2 if i is a branch to instruction j and
  the operand stack is not empty at j.

13
1) i -gtBranch Target

• Case a
• If instruction before i doesnt fall thru (uncndl
  branch/return/throw),
• Insert loads from l1ln before i
• Redirect the branches to the first load thus
  inserted

14
Case a
15
1)i -gtBranch Target

• Case b
• If the instruction before i falls thru
• Insert stores to ln..l1
• Load from l1..ln, before i

16
Case b
17
2) i -gtBranch to instruction j

• Case a
• If instruction i does not fall through
  (unconditional branch)
• Insert before i code to swap the top k words of
  the stack with the n words
• Insert stores lnl1

18
Case a
19
2)I -gtBranch to instruction j

• Case b
• If instruction I can fall thru (conditional
  branch)
• Insert after I, loads from l1ln

20
Case b
21
Worst case

• Example of combination of two transformations
• The instruction before i falls through
• i itself falls through

22
Worst case
23
Tunneling optimizations

• Idea reduce the number of branches
• Replace branches goto lbl by a direct branch to
  lbl
• Replace unconditional branches return or
  throw by a copy of the return or a throw
  instruction itself

24
Example
25
Tunneling optimization

• Conforms to Requirement R1
• No stack Normalisation needed for this code

26
Before Register reallocation
27
After Register reallocation
Number of registers stays constant
28
Chaitins graph coloring allocator

• Compute live ranges for every register
• Compute principal type for every live range
• Build the interference graph between live ranges
• Nodes -gt live ranges
• Add interference edges between live ranges that
  dont have same principal type
• Coalescing Detect reg-to-reg copies
• Color the interference graph
• Assign a new reg number to every live range that
  2 interfering live edges have distinct reg numbers

29
After compilation and stack normalisation -gtJCVM
code
30
After coalescing sload Rtmp, sstore Rs
Short s if (b) sx elsesy
31
Effect of offcard code transformation on code
size and register
32
Comments?