Publication (Announcement) No.: US20230393888A1
Publication (Announcement) Date: 2023-12-07
Application No.: US18327553
Application Date: 2023-06-01
Applicant: Apple Inc.
Inventor: David P. Remahl, Kyle C. Brogle, Robert J. Kendall-Kuppe, Pavlo Malynin, Geoffrey McCormack
Abstract: A kernel of an operating system receives a request from a parent process (e.g., an exec or spawn system call) to launch a child process that executes a binary. The kernel identifies a process-specific launch constraint, which is a precondition for launching the child process. The kernel evaluates the constraint, which can match against any type of system state or variable, including the process's location on disk, protection on disk, and how the process is to be launched. The kernel can then determine whether to launch the child process, thus permitting the child process to be scheduled for execution by the operating system. Launch constraints can be used both for a child process to impose preconditions on the parent process, and vice versa. Launch constraints can be included in the launch request, embedded in the binary, or located elsewhere, such as in a trust cache in kernel memory.
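The decision the abstract describes, as an added example that is not part of the patent or of Apple's implementation: a small Python model of a kernel evaluating, at exec/spawn time, a constraint the child's binary places on itself, one it places on its parent, and one the parent's binary places on any child. The fact names, the `matches`/`may_launch` helpers, and the paths and process names are constructed sample data, not the patent's real constraint format.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcessInfo:
    """Facts the kernel can look up about a process image (constructed sample)."""
    path: str             # location of the binary on disk
    protected: bool       # lives on a read-only / integrity-protected volume
    in_trust_cache: bool  # code hash is present in the kernel trust cache
    launch_type: str      # "exec" or "spawn": how the process is being launched

def matches(constraint, info):
    """AND of all clauses; 'path_prefix' is a prefix test, every other key is exact."""
    for key, wanted in constraint.items():
        actual = info.path if key == "path_prefix" else getattr(info, key)
        ok = actual.startswith(wanted) if key == "path_prefix" else actual == wanted
        if not ok:
            return False
    return True

def may_launch(parent, child, self_c=None, parent_c=None, child_c=None):
    """Kernel decision for a launch request. Returns (allowed, reason).
    self_c:   constraint embedded in the child's binary, about the child itself
    parent_c: constraint embedded in the child's binary, about its parent
    child_c:  constraint embedded in the parent's binary, about any child it launches"""
    if self_c and not matches(self_c, child):
        return False, "self constraint failed"
    if parent_c and not matches(parent_c, parent):
        return False, "parent constraint failed"
    if child_c and not matches(child_c, child):
        return False, "child constraint failed"
    return True, "ok"

# Constructed sample: a privileged helper that must sit in a protected system
# location, be in the trust cache, and be launched only by the init daemon.
HELPER_SELF = {"path_prefix": "/System/", "protected": True, "in_trust_cache": True}
HELPER_PARENT = {"path_prefix": "/sbin/launchd"}

LAUNCHD = ProcessInfo("/sbin/launchd", True, True, "exec")
SHELL = ProcessInfo("/bin/sh", True, True, "exec")
HELPER = ProcessInfo("/System/Library/helper", True, True, "spawn")
COPY = ProcessInfo("/tmp/helper", False, False, "spawn")  # same binary copied out of place

def demo():
    """Three launch requests: only the legitimate one is allowed."""
    return {
        "launchd->helper": may_launch(LAUNCHD, HELPER, HELPER_SELF, HELPER_PARENT)[0],
        "shell->helper": may_launch(SHELL, HELPER, HELPER_SELF, HELPER_PARENT)[0],
        "launchd->copy": may_launch(LAUNCHD, COPY, HELPER_SELF, HELPER_PARENT)[0],
    }

if __name__ == "__main__":
    print(demo())
```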