Method for accessing a portable data storage medium with auxiliary module and portable data storage medium
US-9104895-B2 · Aug 11, 2015 · US
Processor operable to ensure code integrity
US9798873B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9798873-B2 |
| Application number | US-201113136670-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 4, 2011 |
| Priority date | Aug 4, 2011 |
| Publication date | Oct 24, 2017 |
| Grant date | Oct 24, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A processor can be used to ensure that program code can only be used for a designed purpose and not exploited by malware. Embodiments of an illustrative processor can comprise logic operable to execute a program instruction and to distinguish whether the program instruction is a legitimate branch instruction or a non-legitimate branch instruction.
First claim
Opening claim text (preview).
The invention claimed is: 1. A processor comprising: execution logic configured for executing one or more instructions of an instruction set architecture that executes in-line wherein the one or more instructions have an instruction encoding that specifies at least one opcode bit defining whether an instruction is a legitimate branch target; and code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response, wherein the code integrity logic includes at least code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least one metadata indexed by an Instruction Pointer (IP) that indicates execution of the one or more instructions wherein the at least one metadata includes one or more bits per instruction pointer, the tagging specifying whether the next instruction following the branch is a legitimate branch target; and enforcement logic configured for controlling legitimate branch target enforcement and configured for recognizing and executing one or more instructions that control at least one selectable operating mode that enables or disables legitimate branch target enforcement, wherein the at least one selectable operating mode includes at least (1) permitting only local branches to the next instruction following the branch, (2) permitting only local branches to the next instruction following the branch wherein locality is specified as an instruction pointer (IP)-relative branch within a predetermined offset, (3) permitting indirect branches to the next instruction following the branch, (4) prohibiting indirect branches to the next instruction following the branch, and (5) permitting only indirect branches to the next instruction following the branch, wherein a metadata structure accessible to the processor includes at least one list of permitted indirect branch instructions. 2. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least one bit in the one or more instructions that specifies whether the next instruction following the branch is a legitimate branch target. 3. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least a predetermined special instruction or inclusion in a predetermined special class of instructions designated a legitimate branch target instruction that specifies whether the next instruction following the branch is a legitimate branch target. 4. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least an operation code specifying a No Operation (NOP) instruction of a legacy instruction set that specifies whether the next instruction following the branch is a legitimate branch target. 5. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least a metadata structure indexed by an Instruction Pointer (IP) that indicates execution of the legitimate branch target, the tagging specifying whether the next instruction following the branch is a legitimate branch target. 6. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including at least one or more single-bit legitimate branch target metadata designating that the one or more instructions is permitted to be a branch target, the tagging specifying whether the next instruction following the branch is a legitimate branch target. 7. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target according to the at least one opcode bit defining whether the instruction is a legitimate branch target, and if the next instruction following the branch is not a legitimate branch target, initiating at least one enforcement response comprises: code integrity logic configured for determining whether a next instruction following a branch is a legitimate branch target based at least partially on tagging including one or more metadata structures including at least one list of Instruction Pointers (IPs) that indicate execution of the one or more instructions and are indicative of Instruction Pointers (IPs) allowed to branch to a predetermined location, the at least one list including at least one of branch-from Instruction Pointers (IPs) or classes of Instruction Pointers (IPs), the tagging specifying whether the next instruction following the branch is a legitimate branch target. 8. The processor according to claim 1 wherein the code integrity logic configured for detecting a branch in program execution, determining whether a next instruction following a branch is a legitimate branch target
Assignees
Inventors
Classifications
to assure secure computing or processing of information · CPC title
- G06F21/52Primary
during program execution, e.g. stack integrity {; Preventing unwanted data erasure; Buffer overflow} · CPC title
Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems · CPC title
Address formation of the next instruction, e.g. by incrementing the instruction counter (G06F9/38 takes precedence) · CPC title
for non-sequential address · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9798873B2 cover?
- A processor can be used to ensure that program code can only be used for a designed purpose and not exploited by malware. Embodiments of an illustrative processor can comprise logic operable to execute a program instruction and to distinguish whether the program instruction is a legitimate branch instruction or a non-legitimate branch instruction.
- Who is the assignee on this patent?
- Gerrity Daniel A, Tegreene Clarence T, Elwha Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/52. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Oct 24 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).