公开(公告)号：US11656924B2

公开(公告)日：2023-05-23

申请号：US16524771

申请日：2019-07-29

Applicant: Samsung Electronics Co., Ltd.

Inventor： Guruprasad Ganesh ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Haining Chen ,  Ruowen Wang ,  Xun Chen ,  Donguk Seo ,  Kyoung-Joong Shin

IPC: G06F15/02 ,  G06F9/54 ,  G06F21/62 ,  H04L67/00 ,  G06F9/455

CPC classification number: G06F9/545 ,  G06F9/45545 ,  G06F21/6218 ,  H04L67/34

Abstract: An electronic device includes a memory and at least one processor coupled to the memory. The at least one processor is configured to identify a device change event in a host operating system, wherein the host operating system includes a host namespace, switch from the host namespace to a container namespace of a container, and update the container with information based on the device change event.

公开(公告)号：US20200014741A1

公开(公告)日：2020-01-09

申请号：US16503230

申请日：2019-07-03

Applicant: Samsung Electronics Co., Ltd.

Inventor： Khaled ElWazeer ,  Ivan Getta ,  Myungsu Cha ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Guruprasad Ganesh ,  Wenbo Shen ,  Ruowen Wang ,  Junyong Choi

IPC: H04L29/06 ,  G06F9/54 ,  G06F9/48 ,  G06F9/38

Abstract: This disclosure relates to an electronic device including a memory and at least one processor coupled to the memory. The at least one processor is configured to execute a daemon process in one of a container or a host operating system, wherein the daemon process is configured to manage data transfer between the container and the host operating system, create, via the daemon process, an inter-process communication (IPC) channel between the container and the host operating system, receive incoming audio data, and buffer the incoming audio data to the IPC channel.

公开(公告)号：US20190155727A1

公开(公告)日：2019-05-23

申请号：US16107652

申请日：2018-08-21

Applicant: Samsung Electronics Co., Ltd

Inventor： Ivan Getta ,  Sudhi Herle ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Guruprasad Ganesh ,  Wenbo Shen

IPC: G06F12/02 ,  G06F9/455 ,  G06F9/54

Abstract: A method for implementing a shared memory buffer includes at an apparatus comprising a processor and a physical memory, running a host environment with a host virtual memory. The method further includes running a guest environment with a guest virtual memory, performing, by the host environment, an allocation of a frame buffer in the physical memory, and mapping the allocated frame buffer into the host virtual memory. Additionally, the method includes passing a handle of the allocated frame buffer to the guest environment and performing a mapping of the allocated frame buffer into the guest virtual memory, the mapping based on the handle of the allocated frame buffer.

公开(公告)号：US11120130B2

公开(公告)日：2021-09-14

申请号：US16367530

申请日：2019-03-28

Applicant: Samsung Electronics Co., Ltd.

Inventor： James Gleeson ,  Ahmed Azab ,  Wenbo Shen ,  Rohan Bhutkar

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/12 ,  G06F21/57 ,  G06F8/41

Abstract: An apparatus and a method for protecting kernel control-flow integrity using static binary instrumentation are provided. The method includes configuring a compiler to reserve a register in a processor, compiling source code into a binary based on the configured compiler, and modifying the binary to prevent exploits using the reserved register, wherein the reserved register stores a first encryption key for encrypting and decrypting return addresses. The reserved register stores an encryption key that is used to encrypt and decrypt return addresses to prevent control flow exploits.

公开(公告)号：US20200012511A1

公开(公告)日：2020-01-09

申请号：US16504075

申请日：2019-07-05

Applicant: Samsung Electronics Co., Ltd.

Inventor： Guruprasad Ganesh ,  Sudhi Herle ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Ivan Getta ,  Xun Chen ,  Wenbo Shen ,  Ruowen Wang ,  Haining Chen ,  Khaled Elwazeer ,  Mengmeng Li ,  Peng Ning ,  Hyungseok Yu ,  Myungsu Cha ,  Kyungsun Lee ,  Se Young Choi ,  Yurak Choe ,  Yong Shin ,  Kyoung-Joong Shin ,  Donguk Seo ,  Junyong Choi

IPC: G06F9/455 ,  G06F9/48 ,  G06F9/54 ,  G06F9/445

Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.

公开(公告)号：US11032342B2

公开(公告)日：2021-06-08

申请号：US16503230

申请日：2019-07-03

Applicant: Samsung Electronics Co., Ltd.

Inventor： Khaled ElWazeer ,  Ivan Getta ,  Myungsu Cha ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Guruprasad Ganesh ,  Wenbo Shen ,  Ruowen Wang ,  Junyong Choi

IPC: H04L29/06 ,  G06F9/38 ,  G06F9/48 ,  G06F9/54

Abstract: This disclosure relates to an electronic device including a memory and at least one processor coupled to the memory. The at least one processor is configured to execute a daemon process in one of a container or a host operating system, wherein the daemon process is configured to manage data transfer between the container and the host operating system, create, via the daemon process, an inter-process communication (IPC) channel between the container and the host operating system, receive incoming audio data, and buffer the incoming audio data to the IPC channel.

公开(公告)号：US10733096B2

公开(公告)日：2020-08-04

申请号：US16107652

申请日：2018-08-21

Applicant: Samsung Electronics Co., Ltd

Inventor： Ivan Getta ,  Sudhi Herle ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Guruprasad Ganesh ,  Wenbo Shen

IPC: G06F12/02 ,  G06F9/455 ,  G06F9/54

Abstract: A method for implementing a shared memory buffer includes at an apparatus comprising a processor and a physical memory, running a host environment with a host virtual memory. The method further includes running a guest environment with a guest virtual memory, performing, by the host environment, an allocation of a frame buffer in the physical memory, and mapping the allocated frame buffer into the host virtual memory. Additionally, the method includes passing a handle of the allocated frame buffer to the guest environment and performing a mapping of the allocated frame buffer into the guest virtual memory, the mapping based on the handle of the allocated frame buffer.

公开(公告)号：US10402561B2

公开(公告)日：2019-09-03

申请号：US15048534

申请日：2016-02-19

Applicant: Samsung Electronics Co., Ltd.

Inventor： Peng Ning ,  Stephen E. McLaughlin ,  Michael C Grace ,  Ahmed M Azab ,  Rohan Bhutkar ,  Wenbo Shen ,  Xun Chen ,  Yong Choi ,  Ken Chen

IPC: G06F21/57 ,  G06F21/51 ,  G06F21/60 ,  G06F21/85 ,  G07C5/08 ,  G06F21/64

Abstract: An apparatus and method of a hardware isolated secure element protecting a plurality of mission critical subsystems are provided. The method includes performing an actuation operation received across an unsecure path that modifies the state of a mission critical subsystem, performing a diagnostic operation received across the unsecure path that requests state information of the mission critical subsystem, storing information used to determine which of the diagnostic operation and the actuation operation received across the unsecure path are performed, and flashing an execution image of an electronic control unit when the execution image of the electronic control unit is received across the unsecure path.

公开(公告)号：US20180026963A1

公开(公告)日：2018-01-25

申请号：US15584892

申请日：2017-05-02

Applicant: Samsung Electronics Co., Ltd

Inventor： Peng Ning ,  Yueh-Hsun Lin ,  Stephen E. McLaughlin ,  Michael C. Grace ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Yong Choi

IPC: H04L29/06

Abstract: A connected device includes an application processor, a secure element, and a control module. The application processor is configured to receive a control command from an electronic device. The secure element is connected between the application processor and a control module and is configured to authenticate the control command. The control module is configured to receive the control command when the control command is authenticated by the secure element, execute the control command to activate at least one function of the connected device, and transmit a response to the electronic device.

公开(公告)号：US11042398B2

公开(公告)日：2021-06-22

申请号：US16504075

申请日：2019-07-05

Applicant: Samsung Electronics Co., Ltd.

Inventor： Guruprasad Ganesh ,  Sudhi Herle ,  Ahmed M. Azab ,  Rohan Bhutkar ,  Ivan Getta ,  Xun Chen ,  Wenbo Shen ,  Ruowen Wang ,  Haining Chen ,  Khaled Elwazeer ,  Mengmeng Li ,  Peng Ning ,  Hyungseok Yu ,  Myungsu Cha ,  Kyungsun Lee ,  Se Young Choi ,  Yurak Choe ,  Yong Shin ,  Kyoung-Joong Shin ,  Donguk Seo ,  Junyong Choi

IPC: G06F9/455 ,  G06F9/48 ,  G06F9/54 ,  G06F9/445

Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.