公开(公告)号：US11860996B1

公开(公告)日：2024-01-02

申请号：US16376091

申请日：2019-04-05

Applicant: Apple Inc.

Inventor： Filip J. Pizlo ,  Yin Zin Mark Lam ,  Jean-Francois Bastien ,  Michael L. Saboff

IPC: G06F21/54 ,  G06F21/12 ,  G06F9/455 ,  G06F9/445 ,  G06F8/41

CPC classification number: G06F21/54 ,  G06F8/434 ,  G06F9/44568 ,  G06F9/45558 ,  G06F21/125 ,  G06F21/126 ,  G06F2009/45587

Abstract: Embodiments described herein provide for virtual machine (VM) based exploit mitigation techniques that can be used to harden web content frameworks and JavaScript Engines. Some embodiments described herein are also generally applicable to other system frameworks, libraries, and program code that executes on a processor that is vulnerable to an attack using a security exploit. Program code that implements the techniques described herein can prevent the use of security exploit attacks to bypass security properties within the program code.

公开(公告)号：US20220138313A1

公开(公告)日：2022-05-05

申请号：US17348576

申请日：2021-06-15

Applicant: Apple Inc.

Inventor： Filip J. Pizlo ,  Michael L. Saboff ,  Bernard J. Semeria ,  Jacques Fortier ,  Ivan Krstic ,  Yusuke Suzuki ,  Saam J. Barati ,  Yin Zin Mark Lam

IPC: G06F21/53

Abstract: In an embodiment, dynamically-generated code may be supported in the system by ensuring that the code either remains executing within a predefined region of memory or exits to one of a set of valid exit addresses. Software embodiments are described in which the dynamically-generated code is scanned prior to permitting execution of the dynamically-generated code to ensure that various criteria are met including exclusion of certain disallowed instructions and control of branch target addresses. Hardware embodiments are described in which the dynamically-generated code is permitted to executed but is monitored to ensure that the execution criteria are met.

公开(公告)号：US20150067639A1

公开(公告)日：2015-03-05

申请号：US14231464

申请日：2014-03-31

Applicant: Apple Inc.

Inventor： Filip J. Pizlo

IPC: G06F9/44

CPC classification number: G06F12/0815 ,  G06F8/315 ,  G06F8/4443 ,  G06F9/4491 ,  G06F9/451 ,  G06F9/45504 ,  G06F9/45508 ,  G06F9/45516 ,  G06F9/4552 ,  G06F9/45529 ,  G06F2212/621

Abstract: A method and an apparatus for an enhanced object model to allow concurrent execution for program code generated from dynamic programming languages, such as JavaScript, are described. An index structure may be introduced to an object model representing a dynamically typed object in addition to a type structure and a data payload storing property or field values of the object. Elements of the index structure may point at corresponding property values as an indirection for accessing the object.

Abstract translation: 描述了用于允许从动态编程语言（例如JavaScript）生成的程序代码的并发执行的增强对象模型的方法和装置。 索引结构可以被引入到表示动态类型对象的对象模型，除了类型结构和数据有效载荷存储对象的属性或字段值之外。 索引结构的元素可以指向相应的属性值作为访问对象的间接。