-
Publication No.: US11531531B1
Publication date: 2022-12-20
Application No.: US15916099
Application date: 2018-03-08
Applicant: Amazon Technologies, Inc.
Inventor: Bjoern Doebel, Martin Thomas Pohlack
Abstract: An execution of an instance of a program that does not include checkpoint-based live update functionality is paused. A set of objects containing state information of the program is identified from a portion of memory used by the instance, and stored in a checkpoint of the program. The execution of the instance is resumed using at least the checkpoint and code that has been dynamically introduced into the instance.
-
Publication No.: US10817190B1
Publication date: 2020-10-27
Application No.: US16511699
Application date: 2019-07-15
Applicant: Amazon Technologies, Inc.
Inventor: Martin Thomas Pohlack
Abstract: Systems and processes for managing memory compression security to mitigate security risks related to compressed memory page access are disclosed herein. A system for managing memory compression security includes a system memory and a memory manager. The system memory includes an uncompressed region configured to store a plurality of uncompressed memory pages and a compressed region configured to store a plurality of compressed memory pages. The memory manager identifies a memory page in the uncompressed region of the system memory as a candidate for compression and estimates a decompression time for a compressed version of the identified memory page. The memory manager determines whether the estimated decompression time is less than a constant decompression time. The memory manager, based on a determination that the estimated decompression time is less than the constant decompression time, compresses the memory page and writes the compressed memory page in the compressed region.
-
Publication No.: US10311229B1
Publication date: 2019-06-04
Application No.: US14715333
Application date: 2015-05-18
Applicant: Amazon Technologies, Inc.
Inventor: Martin Thomas Pohlack
Abstract: In a virtualization environment, a guest process may protect itself from potential timing side-channel attacks by other guest processes on the same host machine by taking steps to obscure accesses to alternative critical code paths (e.g., alternative paths within cryptographic functions whose selection at runtime is dependent on secret data) that have been designated as potential targets of such attacks. This may include interleaving instructions from multiple alternative code paths so that they land in the same cache lines (e.g., so that all code paths pass through the same set of cache lines). The different code paths may be allocated the same or different numbers of bytes per cache line, and unused allocated locations may be filled with NOPs. Chunks of code for a given code path that fall on different cache lines may be linked using local jumps. Some code chunks may span the boundaries between two cache lines.
-
Publication No.: US09436603B1
Publication date: 2016-09-06
Application No.: US14192480
Application date: 2014-02-27
Applicant: Amazon Technologies, Inc.
Inventor: Martin Thomas Pohlack
CPC classification number: G06F12/0808, G06F21/556
Abstract: During execution of an application that accesses a shared memory, a security component may, based on an indication from a performance monitor, determine that the application is carrying out a timing side-channel attack. The performance monitor may trigger an interrupt if a pre-determined number of cache line flushes is executed, after which the security component may inspect program instructions of the executing application to determine whether those instructions are likely being used in such an attack. In response to determining that an attack is under way, the security component may take action to mitigate or curtail the attack. The security component may modify the program instructions or page mapping of the executing application to make accesses to portions of the shared memory targeted by the cache line flushes predictable or consistent (e.g., by replacing the instructions with traps, removing them, or inserting instructions immediately before or after them).
-
Publication No.: US09164754B1
Publication date: 2015-10-20
Application No.: US14133515
Application date: 2013-12-18
Applicant: Amazon Technologies, Inc.
Inventor: Martin Thomas Pohlack
Abstract: During execution of a program, a code patching component may insert a redirection patch into a native-code representation of the program. The code patching component may identify a patch area in the native-code representation, copy existing code from the patch area to another location for subsequent emulation by a trap handler, determine the number of instructions and type of native-code elements within the patch area, and replace native-code elements in the patch area with native-code elements representing a jump type instruction and a target address argument for the jump type instruction (directly or indirectly indicating the location of new code that replaces the code in the patch area). The target address argument may be determined by the code patching component based on the program's characteristics, and may include a collection of elements representing existing code, trap type instructions, NOP type instructions, or arbitrary values.