Processor extensions and software verification to support type-safe language environments running with untrusted code
    7.
    发明授权
    Processor extensions and software verification to support type-safe language environments running with untrusted code 有权
    处理器扩展和软件验证,以支持使用不受信任代码运行的类型安全的语言环境

    公开(公告)号:US07380276B2

    公开(公告)日:2008-05-27

    申请号:US10851860

    申请日:2004-05-20

    IPC分类号: G06F17/30 G06F11/00

    CPC分类号: G06F21/53

    摘要: Processor extensions and software verification to support type-safe language environments running with untrusted code. Code and data spaces are partitioned into trusted and untrusted regions. Type-safe code is loaded into the trusted region of the code space, while non-type-safe code is loaded into the untrusted region of the code space. The trusted region of the data space is allocated to the type-safe code. The untrusted region of the data space is allocated to the non-type-safe code. Hardware-based truth tables are employed for defining allowable and disallowable code sequences and memory access operations. For code sequences, allowable operations are based on the location (i.e., region) of a code sequence including a current instruction and a prior instruction. For memory access, the location of the requesting instruction and data requested are considered. Disallowed code sequence or memory access operations cause the processor to generate a safe access protection trap. In response to the safe access protection trap, a software-based dynamic verifier applies a security policy to determine whether to allow the operation to proceed.

    摘要翻译: 处理器扩展和软件验证,以支持使用不受信任代码运行的类型安全的语言环境。 代码和数据空间被划分为可信任和不受信任的区域。 类型安全代码被加载到代码空间的可信区域中,而非类型安全的代码被加载到代码空间的不可信区域中。 数据空间的可信区域被分配给类型安全的代码。 数据空间的不可信区域被分配给非类型安全的代码。 采用基于硬件的真值表来定义允许和不允许的代码序列和存储器访问操作。 对于代码序列,允许的操作基于包括当前指令和先前指令的代码序列的位置(即,区域)。 对于存储器访问,考虑请求指令的位置和请求的数据。 不允许的代码序列或内存访问操作会导致处理器生成安全的访问保护陷阱。 响应于安全访问保护陷阱,基于软件的动态验证器应用安全策略来确定是否允许操作继续。