Enhancing container security by performing container vulnerability reduction based on static analysis of dynamically loaded symbols and system call blocking
US-2024220632-A1 · Jul 4, 2024 · US
Validating an untrusted native code module
US9361453B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9361453-B2 |
| Application number | US-201414463345-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 19, 2014 |
| Priority date | May 8, 2008 |
| Publication date | Jun 7, 2016 |
| Grant date | Jun 7, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method, comprising: receiving, at a computing device, a native code module having instructions that match a particular instruction set architecture of a processor of the computing device; validating, by the computing device, that the native code module meets a set of security requirements, wherein the validating includes determining that control flow instructions in the native code module have valid target addresses that align with a set of byte boundaries, the set of byte boundaries satisfying an alignment granularity condition; and executing the validated native code module in a secure runtime environment of the computing device, the secure runtime environment configured to moderate access by the native code module to particular resources on the computing device. 2. The computer-implemented method of claim 1 , wherein the alignment granularity condition defines a byte boundary at every nth byte in a memory of the computing device, wherein n is a power of two. 3. The computer-implemented method of claim 1 , wherein the particular instruction set architecture of the processor of the computing device is an x86 instruction set architecture. 4. The computer-implemented method of claim 1 , wherein validating that the native code module meets the set of security requirements comprises performing static binary analysis on the native code module before the native code module is executed. 5. The computer-implemented method of claim 1 , wherein validating that the native code module meets the set of security requirements further includes determining that the native code module does not include instructions that belong to a restricted set of instructions. 6. The computer-implemented method of claim 1 , wherein validating that the native code module meets the set of security requirements further includes determining that particular instructions cannot be inserted into the native code module at runtime as a result of dynamic code generation or self-modifying code. 7. The computer-implemented method of claim 1 , wherein validating that the native code module meets the set of security requirements further includes determining that the native code module is not configured to read or write data outside of a valid range of addresses in a memory of the computing device. 8. The computer-implemented method of claim 1 , wherein: the native code module is a web application that is configured to be executed within a web browsing application, and the validated native code module is executed within a web browsing application on the computing device by executing the native code module in a secure runtime environment of the web browsing application. 9. The computer-implemented method of claim 1 , wherein the computing device is configured to block execution of the native code module in response to a determination that the native code module cannot be validated. 10. The computer-implemented method of claim 1 , wherein the instructions in the native code module are padded with no-op instructions so that other instructions in the native code module are caused to be aligned at the set of byte boundaries that satisfy the alignment granularity condition. 11. A computing device, comprising: one or more processors; an interface configured to receive a native code module, the native code module comprising a plurality of executable instructions; a validation module configured to validate that the native code module meets a set of security requirements by determining that control flow instructions in the native code module have valid target addresses that align with a set of byte boundaries, the set of byte boundaries satisfying a defined alignment granularity condition; and a secure runtime environment configured to execute the native code module on the one or more processors and to moderate access by the native code module to particular resources on the computing device. 12. A non-transitory computer-readable storage medium having instructions stored thereon that, when executed by a processor of a computing device, cause the processor to perform operations comprising: receiving, at the computing device, a native code module having instructions that match a particular instruction set architecture of the processor of the computing device; validating, by the computing device, that the native code module meets a set of security requirements, wherein the validating includes determining that control flow instructions in the native code module have valid target addresses that align with a set of byte boundaries, the set of byte boundaries satisfying an alignment granularity condition; and executing the validated native code module in a secure runtime environment of the computing device, the secure runtime environment configured to moderate access by the native code module to particular resources on the computing device. 13. The non-transitory computer-readable storage medium of claim 12 , wherein the alignment granularity condition defines a byte boundary at every nth byte in a memory of the computing device, wherein n is a power of two. 14. The non-transitory computer-readable storage medium of claim 12 , wherein the particular instruction set architecture of the processor of the computing device is an x86 instruction set architecture. 15. The non-transitory computer-readable storage medium of claim 12 , wherein validating that the native code module meets the set of security requirements comprises performing static binary analysis on the native code module before the native code module is executed. 16. The non-transitory computer-readable storage medium of claim 12 , wherein validating that the native code module meets the set of security requirements further includes determining that the native code module does not include instructions that belong to a restricted set of instructions. 17. The non-transitory computer-readable storage medium of claim 12 , wherein validating that the native code module meets the set of security requirements further includes determining that particular instructions cannot be inserted into the native code module at runtime as a result of dynamic code generation or self-modifying code. 18. The non-transitory computer-readable storage medium of claim 12 , wherein validating that the native code module meets the set of security requirements further includes determining that the native code module is not configured to read or write data outside of a valid range of addresses in a memory of the computing device. 19. The non-transitory computer-readable storage medium of claim 12 , wherein: the native code module is a web application that is configured to be executed within a web browsing application, and the validated native code module is executed within a web browsing application on the computing device by executing the native code module in a secure runtime environment of the web browsing application. 20. The non-transitory computer-readable storage medium of claim 12 , wherein the computing device is configured to block execution of the native code module in response to a determination that the native code module cannot be validated.
Assignees
Inventors
Classifications
- G06F21/51Primary
at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability · CPC title
- G06F21/577Primary
Assessing vulnerabilities and evaluating computer system security · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9361453B2 cover?
- A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instruct…
- Who is the assignee on this patent?
- Google Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/51. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jun 07 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).