Robust and High Performance Instructions for System Call
    1.
    Invention application
    Robust and High Performance Instructions for System Call (under examination, published)

    Publication (announcement) number: US20160092227A1

    Publication (announcement) date: 2016-03-31

    Application number: US14962883

    Application date: 2015-12-08

    Abstract: Robust system call and system return instructions are executed by a processor to transfer control between a requester and an operating system kernel. The processor includes execution circuitry and registers that store pointers to data structures in memory. The execution circuitry receives a system call instruction from a requester to transfer control from a first privilege level of the requester to a second privilege level of an operating system kernel. In response, the execution circuitry swaps the data structures that are pointed to by the registers between the requester and the operating system kernel in one atomic transition.


    Non-enclave access prevention
    2.
    Invention grant

    Publication (announcement) number: US10572395B2

    Publication (announcement) date: 2020-02-25

    Application number: US15258007

    Application date: 2016-09-07

    Abstract: A processing system includes an execution unit comprising a logic circuit to implement an architecturally-protected execution environment associated with a protected region in a memory, in which the execution unit is to execute application code stored in the protected region as a thread running in the architecturally-protected execution environment, determine that an access mode flag is set to a first value, detect an attempt by the thread to access data stored outside the protected region, and responsive to detecting the attempt and determining that the access mode flag is set to the first value, generate an exception.

    NON-ENCLAVE ACCESS PREVENTION
    3.
    Invention application

    Publication (announcement) number: US20180067873A1

    Publication (announcement) date: 2018-03-08

    Application number: US15258007

    Application date: 2016-09-07

    CPC classification number: G06F12/1441 G06F2212/1052 G06F2212/402

    Abstract: A processing system includes an execution unit comprising a logic circuit to implement an architecturally-protected execution environment associated with a protected region in a memory, in which the execution unit is to execute application code stored in the protected region as a thread running in the architecturally-protected execution environment, determine that an access mode flag is set to a first value, detect an attempt by the thread to access data stored outside the protected region, and responsive to detecting the attempt and determining that the access mode flag is set to the first value, generate an exception.

    Systems and methods for preventing unauthorized stack pivoting
    4.
    Invention grant
    Systems and methods for preventing unauthorized stack pivoting (in force)

    Publication (announcement) number: US09239801B2

    Publication (announcement) date: 2016-01-19

    Application number: US13910333

    Application date: 2013-06-05

    Abstract: An example processing system may comprise: a lower stack bound register configured to store a first memory address, the first memory address identifying a lower bound of a memory addressable via a stack segment; an upper stack bound register configured to store a second memory address, the second memory address identifying an upper bound of the memory addressable via the stack segment; and a stack bounds checking logic configured to detect unauthorized stack pivoting, by comparing a memory address being accessed via the stack segment with at least one of the first memory address and the second memory address.

