专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20160180079A1 Execution Profiling Mechanism 有权
标题翻译：执行分析机制
公开(公告)号：US20160180079A1
公开(公告)日：2016-06-23
申请号：US14576665
申请日：2014-12-19
申请人： Ravi L. Sahita , Xiaoning Li , Barry E. Huntley , Ofer Levy , Vedvyas Shanbhogue , Yuriy Bulygin , Ido Ouziel , Michael Lemay , John M. Esper
发明人： Ravi L. Sahita , Xiaoning Li , Barry E. Huntley , Ofer Levy , Vedvyas Shanbhogue , Yuriy Bulygin , Ido Ouziel , Michael Lemay , John M. Esper
IPC分类号： G06F21/52
CPC分类号： G06F21/52 , G06F9/45558 , G06F11/30 , G06F21/554 , G06F2009/45591 , G06F2221/033
摘要： A method comprises filtering branch trap events at a branch event filter, monitoring a branch event filter to capture indirect branch trap events that cause a control flow trap exception, receiving the indirect branch trap events at a handler and the handler processing the indirect branch trap events
摘要翻译：一种方法包括在分支事件过滤器处过滤分支陷阱事件，监视分支事件过滤器以捕获导致控制流陷阱异常的间接分支陷阱事件，在处理器处接收间接分支陷阱事件，并处理处理间接分支陷阱事件

2. 发明授权

US10515023B2 System for address mapping and translation protection 有权
公开(公告)号：US10515023B2
公开(公告)日：2019-12-24
申请号：US15088739
申请日：2016-04-01
申请人： Ravi L. Sahita , Gilbert Neiger , Vedvyas Shanbhogue , David M. Durham , Andrew V. Anderson , David A. Koufaty , Asit K. Mallick , Arumugam Thiyagarajah , Barry E. Huntley , Deepak K. Gupta , Michael Lemay , Joseph F. Cihula , Baiju V. Patel
发明人： Ravi L. Sahita , Gilbert Neiger , Vedvyas Shanbhogue , David M. Durham , Andrew V. Anderson , David A. Koufaty , Asit K. Mallick , Arumugam Thiyagarajah , Barry E. Huntley , Deepak K. Gupta , Michael Lemay , Joseph F. Cihula , Baiju V. Patel
IPC分类号： G06F12/00 , G06F12/14 , G06F12/1009 , G06F9/455 , G06F12/1027 , G06F21/78
摘要： This disclosure is directed to a system for address mapping and translation protection. In one embodiment, processing circuitry may include a virtual machine manager (VMM) to control specific guest linear address (GLA) translations. Control may be implemented in a performance sensitive and secure manner, and may be capable of improving performance for critical linear address page walks over legacy operation by removing some or all of the cost of page walking extended page tables (EPTs) for critical mappings. Alone or in combination with the above, certain portions of a page table structure may be selectively made immutable by a VMM or early boot process using a sub-page policy (SPP). For example, SPP may enable non-volatile kernel and/or user space code and data virtual-to-physical memory mappings to be made immutable (e.g., non-writable) while allowing for modifications to non-protected portions of the OS paging structures and particularly the user space.

3. 发明申请

US20160179665A1 CONTROL OF ENTRY INTO PROTECTED MEMORY VIEWS 有权
标题翻译：进入受保护的存储器视图的控制
公开(公告)号：US20160179665A1
公开(公告)日：2016-06-23
申请号：US14581730
申请日：2014-12-23
申请人： Michael LeMay , Ravi L. Sahita , Barry E. Huntley , David M. Durham , Vedvyas Shanbhogue
发明人： Michael LeMay , Ravi L. Sahita , Barry E. Huntley , David M. Durham , Vedvyas Shanbhogue
IPC分类号： G06F12/08 , G06F9/455
CPC分类号： G06F12/08 , G06F9/45558 , G06F12/1009 , G06F12/1491 , G06F21/79 , G06F2009/45583 , G06F2009/45591 , G06F2212/151 , G06F2212/657
摘要： Generally, this disclosure provides systems, devices, methods and computer readable media for controlled memory view switching. The system may include a memory module comprising a shared address space between a first memory view and a second memory view. The system may also include a virtual machine monitor (VMM) to maintain a list of Controlled View Switch (CVS) descriptors. The system may further include a processor to receive a memory view switch request and to execute an instruction to save processor state information and switch from the first memory view to the second memory view, wherein the second memory view is specified by an extended page table pointer (EPTP) provided by one of the CVS descriptors.
摘要翻译：通常，本公开提供了用于受控存储器视图切换的系统，设备，方法和计算机可读介质。该系统可以包括存储器模块，该存储器模块包括第一存储器视图和第二存储器视图之间的共享地址空间。该系统还可以包括维护受控视图切换（CVS）描述符的列表的虚拟机监视器（VMM）。该系统还可以包括处理器，用于接收存储器视图切换请求并且执行用于保存处理器状态信息并从第一存储器视图切换到第二存储器视图的指令，其中第二存储器视图由扩展页表指针（EPTP）由其中一个CVS描述符提供。

4. 发明申请

US20210382987A1 PROCESSOR EXTENSIONS TO PROTECT STACKS DURING RING TRANSITIONS 有权
公开(公告)号：US20210382987A1
公开(公告)日：2021-12-09
申请号：US17407035
申请日：2021-08-19
申请人： Vedvyas Shanbhogue , Jason W. Brandt , Ravi L. Sahita , Barry E. Huntley , Baiju V. Patel , Deepak K. Gupta
发明人： Vedvyas Shanbhogue , Jason W. Brandt , Ravi L. Sahita , Barry E. Huntley , Baiju V. Patel , Deepak K. Gupta
IPC分类号： G06F21/52 , G06F3/06 , G06F12/14 , G06F9/30 , G06F9/46
摘要： A processor implementing techniques for processor extensions to protect stacks during ring transitions is provided. In one embodiment, the processor includes a plurality of registers and a processor core, operatively coupled to the plurality of registers. The plurality of registers is used to store data used in privilege level transitions. Each register of the plurality of registers is associated with a privilege level. An indicator to change a first privilege level of a currently active application to a second privilege level is received. In view of the second privilege level, a shadow stack pointer (SSP) stored in a register of the plurality of registers is selected. The register is associated with the second privilege level. By using the SSP, a shadow stack for use by the processor at the second privilege level is identified.

5. 发明申请

US20130117743A1 Instruction-Set Support for Invocation of VMM-Configured Services without VMM Intervention 有权
标题翻译：指令集支持调用VMM配置的服务而不进行VMM干预
公开(公告)号：US20130117743A1
公开(公告)日：2013-05-09
申请号：US13629395
申请日：2012-09-27
申请人： Gilbert Neiger , Barry E. Huntley , Ravi L. Sahita , Vedvyas Shanbhogue , Jason W. Brandt
发明人： Gilbert Neiger , Barry E. Huntley , Ravi L. Sahita , Vedvyas Shanbhogue , Jason W. Brandt
IPC分类号： G06F9/455
CPC分类号： G06F9/45545 , G06F9/455 , G06F9/45533 , G06F9/4555
摘要： A processing core comprising instruction execution logic circuitry and register space. The register space to be loaded from a VMCS, commensurate with a VM entry, with information indicating whether a service provided by the processing core on behalf of the VMM is enabled. The instruction execution logic to, in response to guest software invoking an instruction: refer to the register space to confirm that the service has been enabled, and, refer to second register space or memory space to fetch input parameters for said service written by said guest software.
摘要翻译：处理核心，包括指令执行逻辑电路和寄存器空间。要从VMCS加载的与VM条目相称的寄存器空间，其中指示是否启用了代表VMM的由处理核心提供的服务的信息。指令执行逻辑响应客户软件调用指令：参考寄存器空间以确认服务已经被使能，并且参考第二寄存器空间或存储器空间来获取由所述访客写入的所述服务的输入参数软件。

6. 发明申请

US20140013326A1 Instruction-Set Support for Invocation of VMM-Configured Services without VMM Intervention 有权
标题翻译：指令集支持调用VMM配置的服务而不进行VMM干预
公开(公告)号：US20140013326A1
公开(公告)日：2014-01-09
申请号：US13843337
申请日：2013-03-15
申请人： Gilbert Neiger , Barry E. Huntley , Ravi L. Sahita , Vedvyas Shanbhogue , Jason W. Brandt
发明人： Gilbert Neiger , Barry E. Huntley , Ravi L. Sahita , Vedvyas Shanbhogue , Jason W. Brandt
IPC分类号： G06F9/455
CPC分类号： G06F9/45545 , G06F9/455 , G06F9/45533 , G06F9/4555
摘要： A processing core comprising instruction execution logic circuitry and register space. The register space to be loaded from a VMCS, commensurate with a VM entry, with information indicating whether a service provided by the processing core on behalf of the VMM is enabled. The instruction execution logic to, in response to guest software invoking an instruction: refer to the register space to confirm that the service has been enabled, and, refer to second register space or memory space to fetch input parameters for said service written by said guest software.
摘要翻译：处理核心，包括指令执行逻辑电路和寄存器空间。要从VMCS加载的与VM条目相称的寄存器空间，其中指示是否启用了代表VMM的由处理核心提供的服务的信息。指令执行逻辑响应客户软件调用指令：参考寄存器空间以确认服务已经被使能，并且参考第二寄存器空间或存储器空间来获取由所述访客写入的所述服务的输入参数软件。

7. 发明申请

US20190095350A1 System, Apparatus And Method For Page Granular,Software Controlled Multiple Key Memory Encryption 审中-公开
公开(公告)号：US20190095350A1
公开(公告)日：2019-03-28
申请号：US15714217
申请日：2017-09-25
申请人： David M. Durham , Siddhartha Chhabra , Amy L. Santoni , Gilbert Neiger , Barry E. Huntley , Hormuzd M. Khosravi , Baiju V. Patel , Ravi L. Sahita , Gideon Gerzon , Ido Ouziel , Ioannis T. Schoinas , Rajesh M. Sankaran
发明人： David M. Durham , Siddhartha Chhabra , Amy L. Santoni , Gilbert Neiger , Barry E. Huntley , Hormuzd M. Khosravi , Baiju V. Patel , Ravi L. Sahita , Gideon Gerzon , Ido Ouziel , Ioannis T. Schoinas , Rajesh M. Sankaran
IPC分类号： G06F12/14 , G06F21/60 , G06F21/82 , G06F3/06
摘要： In one embodiment, a cryptographic circuit is adapted to receive a data line including at least an encrypted portion from a memory in response to a read request having a memory address from a first agent, obtain a key identifier for a key of the first agent from the data line, obtain the key using the key identifier, decrypt the at least encrypted portion of the data line using the key and send decrypted data of the at least encrypted portion of the data line to the first agent. Other embodiments are described and claimed.

8. 发明申请

US20160283714A1 TECHNOLOGIES FOR CONTROL FLOW EXPLOIT MITIGATION USING PROCESSOR TRACE 有权
标题翻译：使用处理器跟踪控制流量开采减少的技术
公开(公告)号：US20160283714A1
公开(公告)日：2016-09-29
申请号：US14670988
申请日：2015-03-27
申请人： Michael LeMay , Ravi L. Sahita , Beeman C. Strong , Thilo Schmitt , Yuriy Bulygin , Markus T. Metzger
发明人： Michael LeMay , Ravi L. Sahita , Beeman C. Strong , Thilo Schmitt , Yuriy Bulygin , Markus T. Metzger
IPC分类号： G06F21/56 , G06F21/44
CPC分类号： G06F21/56 , G06F21/44 , G06F21/52
摘要： Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.
摘要翻译：用于控制流利用减轻的技术包括具有具有实时指令跟踪支持的处理器的计算设备。在处理过程中，处理器产生指示过程控制流的跟踪数据。计算设备分析跟踪数据以识别可疑的控制流攻击。计算设备可以使用启发式算法来识别返回导向的编程漏洞。计算设备可以基于跟踪数据来维护阴影栈。计算设备可以基于跟踪数据来识别对未授权地址的间接分支，以识别面向跳跃的编程漏洞。每当进程被抢占时，计算设备可以检查跟踪数据。处理器可以实时地检测错误的返回指令，并且在该过程的过程空间中调用软件处理程序以验证和维护该影子栈。描述和要求保护其他实施例。

9. 发明申请

US20090222792A1 AUTOMATIC MODIFICATION OF EXECUTABLE CODE 有权
标题翻译：自动修改可执行代码
公开(公告)号：US20090222792A1
公开(公告)日：2009-09-03
申请号：US12039486
申请日：2008-02-28
申请人： Vedvyas Shanbhogue , Ravi L. Sahita , Uday R. Savagaonkar
发明人： Vedvyas Shanbhogue , Ravi L. Sahita , Uday R. Savagaonkar
IPC分类号： G06F9/44
CPC分类号： G06F9/4484 , G06F2209/542
摘要： A method for automatically modifying an executable file for a software agent is provided. The method comprises detecting original static entry and exit points in the executable file and generating corresponding transformed points; modifying the executable file by linking the executable file to the integrity services environment and embedding a signed agent manifest; loading the modified executable file into memory and registering a target list with the software agent's hypervisor, wherein the target list provides mappings between protected and active page tables; detecting dynamic entry and exit points in the executable file and generating corresponding transformed points; switching to a protected context, in response to a transformed exit point being invoked, and switching to an active context, in response a transformed entry point being invoked; and de-registering the software agent with the memory protection module, in response to the software agent being unloaded.
摘要翻译：提供了一种用于自动修改软件代理的可执行文件的方法。该方法包括检测可执行文件中的原始静态入口点和出口点，并产生相应的变换点; 通过将可执行文件链接到完整性服务环境并嵌入签名的代理清单来修改可执行文件; 将修改的可执行文件加载到存储器中并且与所述软件代理的管理程序注册目标列表，其中所述目标列表提供受保护页面和活动页面表之间的映射; 检测可执行文件中的动态入口点和出口点，并生成相应的转换点; 响应于被转换的退出点被调用，切换到受保护的上下文，并且响应于被转换的入口点被切换到活动上下文; 以及响应于所述软件代理被卸载，将所述软件代理与所述存储器保护模块取消注册。

10. 发明申请

US20090323941A1 SOFTWARE COPY PROTECTION VIA PROTECTED EXECUTION OF APPLICATIONS 有权
标题翻译：通过受保护的应用程序执行软件复制保护
公开(公告)号：US20090323941A1
公开(公告)日：2009-12-31
申请号：US12165260
申请日：2008-06-30
申请人： Ravi L. Sahita , Uday R. Savagaonkar , Vedvyas Shanbhogue , Ernest F. Brickell
发明人： Ravi L. Sahita , Uday R. Savagaonkar , Vedvyas Shanbhogue , Ernest F. Brickell
IPC分类号： H04L9/00
CPC分类号： G06F21/53 , H04L9/0841 , H04L9/3263 , H04L2209/605
摘要： Methods and apparatus to provide a tamper-resistant environment for software are described. In some embodiments, procedures for verifying whether a software container is utilizing protected memory and is associated with a specific platform are described. Other embodiments are also described.
摘要翻译：描述了为软件提供防篡改环境的方法和设备。在一些实施例中，描述了用于验证软件容器是否正在利用受保护的存储器并且与特定平台相关联的过程。还描述了其它实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式