-
公开(公告)号:US20220179947A1
公开(公告)日:2022-06-09
申请号:US17434643
申请日:2019-03-12
Applicant: Huawei Technologies Co., Ltd.
Inventor: Jan-Erik Ekberg
Abstract: An apparatus includes a processor coupled to a memory. The processor calls a second function from a first function by coloring with an inaccessible color value a first memory area associated with the first function, branching to the second function, coloring with a second color value a second memory area associated with the second function, operating on the second memory area, and coloring with the inaccessible color value the second memory area. The processor then returns control to the first function, and colors with a first color value the first memory area. The coloring step includes branching to a coloring routine that includes a basic block beginning with a single branch target instruction, identifying and authorizing the calling routine, coloring with a hardcoded color value a memory area associated with the calling routine, and returning to the calling routine.
-
公开(公告)号:US11868466B2
公开(公告)日:2024-01-09
申请号:US17434643
申请日:2019-03-12
Applicant: Huawei Technologies Co., Ltd. , Jan-Erik Ekberg
Inventor: Jan-Erik Ekberg
CPC classification number: G06F21/54 , G06F9/3004 , G06F9/30058 , G06F21/556 , G06F21/79
Abstract: An apparatus includes a processor coupled to a memory. The processor calls a second function from a first function by coloring with an inaccessible color value a first memory area associated with the first function, branching to the second function, coloring with a second color value a second memory area associated with the second function, operating on the second memory area, and coloring with the inaccessible color value the second memory area. The processor then returns control to the first function, and colors with a first color value the first memory area. The coloring step includes branching to a coloring routine that includes a basic block beginning with a single branch target instruction, identifying and authorizing the calling routine, coloring with a hardcoded color value a memory area associated with the calling routine, and returning to the calling routine.
-
公开(公告)号:US12099602B2
公开(公告)日:2024-09-24
申请号:US17728619
申请日:2022-04-25
Applicant: Huawei Technologies Co., Ltd.
Inventor: Igor Stoppa , Jan-Erik Ekberg , Santeri Salko
CPC classification number: G06F21/556 , G06F13/24 , G06F13/4068 , G06F21/554 , G06F21/85
Abstract: A device includes a non-maskable interrupt (NMI) signal path, a processor, and a peripheral component. The peripheral component may comprise secret data, such as a secret key. The processor may perform a preconfigured NMI interrupt service routine (ISR), in response to detecting a preconfigured signal in the NMI signal path. Access to at least a part of the peripheral component may be enabled in response to detecting the preconfigured signal in the NMI signal path. Thus, the processor may be able to access the secret data, for example, when the processor is running the NMI ISR.
-
公开(公告)号:US11777717B2
公开(公告)日:2023-10-03
申请号:US17425896
申请日:2019-01-25
Applicant: Huawei Technologies Co., Ltd.
Inventor: Sampo Sovio , Jan-Erik Ekberg
CPC classification number: H04L9/0825 , H04L9/302 , H04L9/3242 , H04L9/3252 , H04L9/3268
Abstract: A method for attestation of Control Flow Integrity (CFI) of an application running on an end entity whereby an asymmetric key pair is generated by a Key Management Module (KMM) comprising a private key and a public key, then the public key is signed with a device key unique to the end entity thereby generating a public key certificate which attests to the private key being in possession of the end entity. The asymmetric key pair is based on the executing code of the application and the device key. The attestation claims regarding CFI of the application are signed by the private key in a dedicated signature module.
-
-
-
Search Results
4
records
(took 0.014 seconds)
