公开(公告)号：US08959632B2

公开(公告)日：2015-02-17

申请号：US13787616

申请日：2013-03-06

Applicant: Google Inc.

Inventor： J. Bradley Chen ,  Matthew T. Harren ,  Matthew Papakipos ,  David C. Sehr ,  Bennet S. Yee ,  Gregory Dardyk

IPC: G06F21/00 ,  G06F9/445 ,  H04L29/06 ,  G06F9/30 ,  G06F21/53 ,  G06F21/57

CPC classification number: G06F21/51 ,  G06F9/30174 ,  G06F9/44589 ,  G06F21/53 ,  G06F21/57 ,  G06F2221/033 ,  G06F2221/2113 ,  G06F2221/2119 ,  H04L29/06884

Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.

Abstract translation: 一种在计算设备上安全执行本机代码模块的系统。 在操作期间，系统接收本地代码模块，其由使用与计算设备相关联的指令集架构中的本地指令表示的不可信的本机程序代码组成。 然后，系统将本机代码模块加载到安全运行时环境中，并继续在安全运行时环境中从本机代码模块执行一组指令。 安全运行时环境强制本机代码模块的代码完整性，控制流完整性和数据完整性。 此外，安全运行时环境调节哪些资源可以由计算设备上的本地代码模块访问和/或如何访问这些资源。 通过在安全运行时环境中执行本地代码模块，系统便于实现不可信程序代码的本地代码性能，而不会产生不必要的副作用的重大风险。

公开(公告)号：US20140359765A1

公开(公告)日：2014-12-04

申请号：US14463345

申请日：2014-08-19

Applicant: Google Inc.

Inventor： J. Bradley Chen ,  Matthew T. Harren ,  Matthew Papakipos ,  David C. Sehr ,  Bennet S. Yee

IPC: G06F21/51

CPC classification number: G06F21/577 ,  G06F21/51

Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.

Abstract translation: 验证本机代码模块的系统。 在操作期间，系统接收由不可信的本地程序代码组成的本地代码模块。 该系统通过以下方式来验证本地代码模块：（1）确定本地代码模块中的代码不包括任何受限制的指令和/或不访问计算设备的受限特征; 和（2）确定本地代码模块中的指令沿着字节边界排列，使得指定的字节边界集合总是包含有效指令，并且控制流指令具有有效目标。 系统允许成功验证的本地代码模块执行，并拒绝验证失败的本机代码模块。 通过验证本地代码模块，系统便于在计算设备上的安全运行时环境中安全执行本地代码模块，从而为不受信任的程序二进制代码执行本机代码性能，而不会产生不必要的副作用。

公开(公告)号：US08797339B2

公开(公告)日：2014-08-05

申请号：US13626696

申请日：2012-09-25

Applicant: Google Inc.

Inventor： Antoine Labour ,  Matthew Papakipos

IPC: G06F15/00 ,  G06F15/167 ,  G09G5/36

CPC classification number: G06T15/005 ,  G06F9/451 ,  G06F21/53 ,  G06T1/60

Abstract: Some embodiments provide a system that executes a web application. During operation, the system loads the web application in a web browser and loads a native code module associated with the web application into a secure runtime environment. Next, the system writes a set of rendering commands to a command buffer using the native code module and concurrently reads the rendering commands from the command buffer. Finally, the system renders an image for use by the web application by executing the rendering commands using a graphics-processing unit (GPU).

Abstract translation: 一些实施例提供执行web应用的系统。 在操作期间，系统将Web应用程序加载到Web浏览器中，并将与Web应用程序相关联的本地代码模块加载到安全的运行时环境中。 接下来，系统使用本地代码模块将一组呈现命令写入命令​​缓冲区，并从命令缓冲区中同时读取渲染命令。 最后，系统通过使用图形处理单元（GPU）执行渲染命令来呈现由web应用程序使用的图像。

公开(公告)号：US20130275471A1

公开(公告)日：2013-10-17

申请号：US13916427

申请日：2013-06-12

Applicant: Google Inc.

Inventor： Eric Uhrhane ,  Matthew Papakipos

IPC: G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/53

Abstract: One embodiment provides a system that facilitates the execution of a web application. During operation, the system allocates a storage space on one or more storage devices for use by the web application. Next, the system creates, for the web application, a private filesystem comprising a private root directory within the storage space. Finally, the system enables access to the private filesystem for the web application through the private root directory in a manner that does not allow access to a host filesystem associated with the one or more storage devices from the web application.

Abstract translation: 一个实施例提供了有助于web应用的执行的系统。 在操作期间，系统在一个或多个存储设备上分配存储空间以供Web应用程序使用。 接下来，系统为web应用创建包括存储空间内的私有根目录的私有文件系统。 最后，该系统允许以不允许从web应用程序访问与一个或多个存储设备相关联的主机文件系统的方式通过专用根目录访问web应用的专用文件系统。