公开(公告)号：US20200081847A1

公开(公告)日：2020-03-12

申请号：US16564502

申请日：2019-09-09

Applicant: Apple Inc.

Inventor： Julien Oster ,  Thomas G. Holland ,  Bernard J. Semeria ,  Jason A. Harmening ,  Pierre-Olivier J. Martel ,  Gregory D. Hughes ,  P. Love Hornquist Astrand ,  Jacques Fortier ,  Ryan P. Nielson ,  Simon P. Cooper

IPC: G06F12/1009 ,  G06F21/62 ,  G06F9/455

Abstract: In an embodiment, a computer system comprises a page protection layer. The page protection layer may be the component in the system which manages the page tables for virtual to physical page mappings. Transactions to the page protection layer are used to create/manage mappings created in the page tables. The page protection layer may enforce dynamic security policies in the system (i.e. security policies that may not be enforced using only a static hardware configuration). In an embodiment, the page protection layer may ensure that it is the only component which is able to modify the page tables. The page protection layer may ensure than no component in the system is able to modify a page that is marked executable in any process' address space. The page protection may ensure that any page that is marked executable has code with a verified code signature, in an embodiment.

公开(公告)号：US11188477B2

公开(公告)日：2021-11-30

申请号：US16564502

申请日：2019-09-09

Applicant: Apple Inc.

Inventor： Julien Oster ,  Thomas G. Holland ,  Bernard J. Semeria ,  Jason A. Harmening ,  Pierre-Olivier J. Martel ,  Gregory D. Hughes ,  P. Love Hornquist Astrand ,  Jacques Fortier ,  Ryan P. Nielson ,  Simon P. Cooper

IPC: G06F12/1009 ,  G06F21/62 ,  G06F9/455

Abstract: In an embodiment, a computer system comprises a page protection layer. The page protection layer may be the component in the system which manages the page tables for virtual to physical page mappings. Transactions to the page protection layer are used to create/manage mappings created in the page tables. The page protection layer may enforce dynamic security policies in the system (i.e. security policies that may not be enforced using only a static hardware configuration). In an embodiment, the page protection layer may ensure that it is the only component which is able to modify the page tables. The page protection layer may ensure than no component in the system is able to modify a page that is marked executable in any process' address space. The page protection may ensure that any page that is marked executable has code with a verified code signature, in an embodiment.

公开(公告)号：US11023587B2

公开(公告)日：2021-06-01

申请号：US16147712

申请日：2018-09-29

Applicant: Apple Inc.

Inventor： Julien Oster ,  Eric S. Harmon ,  Mitchell K. Allison ,  Pierre-Olivier J. Martel ,  Damien P. Sorresso ,  Dallas B. De Atley ,  Ryan P. Nielsen

IPC: G06F9/00 ,  G06F15/177 ,  G06F21/57 ,  G06F12/14 ,  G06F12/0875

Abstract: In an embodiment, a system supports an external trust cache. That is, the trust cache is separate from the kernel image on the non-volatile storage in the system. During boot, the boot code may read the trust cache from the storage and write it to the working memory of the system (e.g. the Random Access Memory (RAM) forming the memory system in the system). The boot code may also validate the kernel image and write it to the memory system. The boot code may program a region register in the processor to define a region in the working memory that encompasses the kernel image and the trust cache, to protect the region from modification/tampering.

公开(公告)号：US10521592B2

公开(公告)日：2019-12-31

申请号：US15490838

申请日：2017-04-18

Applicant: Apple Inc.

Inventor： Simon P. Cooper ,  Julien Oster ,  Robert J. Kendall-Kuppe ,  Christopher S. Linn ,  Jonathan Grynspan ,  Keith Stattenfield

IPC: G06F21/57 ,  G06F11/20 ,  G06F8/656 ,  G06F21/51 ,  G06F21/56

Abstract: In one embodiment, a software application that is downloaded from an untrusted source is marked, based on the untrusted classification of the source, to be translocated when the software application is launched. When the software application is launched it is translocated, through a mirroring file system, to a random mount point that is a partial bind mount to the real file system that stores the image of the software application (e.g. the image of the software application's bundle).

公开(公告)号：US20170316211A1

公开(公告)日：2017-11-02

申请号：US15490838

申请日：2017-04-18

Applicant: Apple Inc.

Inventor： Simon P. Cooper ,  Julien Oster ,  Robert J. Kendall-Kuppe ,  Christopher S. Linn ,  Jonathan Grynspan ,  Keith Stattenfield

IPC: G06F21/57 ,  G06F11/20 ,  G06F9/445 ,  G06F21/55 ,  G06F21/62

Abstract: In one embodiment, a software application that is downloaded from an untrusted source is marked, based on the untrusted classification of the source, to be translocated when the software application is launched. When the software application is launched it is translocated, through a mirroring file system, to a random mount point that is a partial bind mount to the real file system that stores the image of the software application (e.g. the image of the software application's bundle).