Abstract:
A disclosed example includes generating a binary translation of a native code section in response to a determination that the binary translation of the native code section is not present in a translation cache; storing the binary translation of the native code section in the translation cache; determining that a stop has occurred during the generation of the binary translation; subsequent to the determination that the stop has occurred, generating a binary translation state map of at least a portion of the binary translation; storing, for at least a portion of a duration of the stop, the binary translation state map in memory; and discarding the binary translation state map from the memory upon termination of the stop, the binary translation state map to not exist after the discard of the binary translation state map.
Abstract:
In one embodiment, an apparatus includes an execution monitor to monitor an application in execution, identify a code region, generate region information for the code region, and analyze the code region to identify potential malicious behavior, and if the potential malicious behavior is identified, to alert a security agent, and otherwise to enable the code region to execute, where the execution monitor is isolated from the application. Other embodiments are described and claimed.
Abstract:
Technologies for partial binary translation on multi-core platforms include a shared translation cache, a binary translation thread scheduler, a global installation thread, and a local translation thread and analysis thread for each processor core. On detection of a hotspot, the thread scheduler first resumes the global thread if suspended, next activates the global thread if a translation cache operation is pending, and last schedules local translation or analysis threads for execution. Translation cache operations are centralized in the global thread and decoupled from analysis and translation. The thread scheduler may execute in a non-preemptive nucleus, and the translation and analysis threads may execute in a preemptive runtime. The global thread may be primarily preemptive with a small non-preemptive nucleus to commit updates to the shared translation cache. The global thread may migrate to any of the processor cores. Forward progress is guaranteed. Other embodiments are described and claimed.
Abstract:
This disclosure is directed to a system for application program interface (API) monitoring bypass prevention. Operation of an API function may be preserved by generating a binary translation based on the API function native code. The native code may then be protected to prevent API monitoring bypassing. In one embodiment, access permission may be set to non-executable for a memory page in which the native code is stored. Attempts to execute the native code may generate exceptions triggering API monitoring. Alternatively, some or all of a body section of the native code may be replaced with at least one trap instruction that causes exceptions triggering API monitoring or engaging protective measures. Use of the trap instruction may be combined with at least one jump instruction added after a header section of the native code. Execution of the jump instruction may cause execution to be redirected to API monitoring.
Abstract:
Various embodiments are generally directed to an apparatus, method and other techniques to determine whether a target address of a register for an execution instruction is valid or invalid based on a comparison between the target address and one or more valid target addresses stored in a storage, increase a number of invalid target addresses if the target address is invalid, and determine whether the number of invalid target addresses is greater than an invalid target address threshold. Various embodiments may also include initiating a security measure to prevent a security breach if the number of invalid target addresses is greater than the invalid target address threshold or executing the execution instruction if the number of invalid target addresses is less than or equal to the invalid target address threshold.
Abstract:
A processor and method are described for managing different privilege levels associated with different types of program code, including binary translation program code. For example, one embodiment of a method comprises entering into one of a plurality of privilege modes responsive to detecting the execution of a corresponding one of a plurality of different types of program code including native executable program code, translated executable program code, and binary translation program code. In one embodiment, the binary translation program code includes sub-components each of which are associated with a different privilege level for improved security.
Abstract:
Embodiments of techniques and systems associated with binary translation (BT) in computing systems are disclosed. In some embodiments, a BT task to be processed may be identified. The BT task may be associated with a set of code and may be identified during execution of the set of code on a first processing core of the computing device. The BT task may be queued in a queue accessible to a second processing core of the computing device, the second processing core being different from the first processing core. In response to a determination that the second processing core is in an idle state or has received an instruction through an operating system to enter an idle state, at least some of the BT task may be processed using the second processing core. Other embodiments may be described and/or claimed.