公开(公告)号：US08997225B2

公开(公告)日：2015-03-31

申请号：US13967626

申请日：2013-08-15

Applicant: Google Inc.

Inventor： Bennet S. Yee ,  David C. Sehr ,  Cliff L. Biffle

IPC: G06F21/00 ,  G06F21/53 ,  G06F9/445

CPC classification number: G06F21/53 ,  G06F9/445

Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.

Abstract translation: 用于动态添加和删除新密码的方法和装置，用于在安全运行时执行的先前验证的应用程序。 新代码被写入不可执行的应用程序的一部分安全内存。 验证新代码以确保它不能直接调用操作系统，在安全内存之外的地址内存，或修改安全的内存状态。 间接分支指令可能只针对在固定内存中固定大小边界对齐的地址。 经过验证的代码被复制到可执行的安全内存的一部分，应用程序可以在两个阶段的过程中进行，以确保不能执行部分复制的段。 一旦所有线程达到安全执行点，就可以删除验证的新代码，前提是代码以前被插入为单元，或者不包含可以通过不被删除的代码调用的内部目标。