-
1.发明申请公开(公告)号:US20160283714A1
公开(公告)日:2016-09-29
申请号:US14670988
申请日:2015-03-27
申请人: Michael LeMay , Ravi L. Sahita , Beeman C. Strong , Thilo Schmitt , Yuriy Bulygin , Markus T. Metzger
发明人: Michael LeMay , Ravi L. Sahita , Beeman C. Strong , Thilo Schmitt , Yuriy Bulygin , Markus T. Metzger
摘要: Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.
摘要翻译: 用于控制流利用减轻的技术包括具有具有实时指令跟踪支持的处理器的计算设备。 在处理过程中,处理器产生指示过程控制流的跟踪数据。 计算设备分析跟踪数据以识别可疑的控制流攻击。 计算设备可以使用启发式算法来识别返回导向的编程漏洞。 计算设备可以基于跟踪数据来维护阴影栈。 计算设备可以基于跟踪数据来识别对未授权地址的间接分支,以识别面向跳跃的编程漏洞。 每当进程被抢占时,计算设备可以检查跟踪数据。 处理器可以实时地检测错误的返回指令,并且在该过程的过程空间中调用软件处理程序以验证和维护该影子栈。 描述和要求保护其他实施例。
-
公开(公告)号:US09471583B2
公开(公告)日:2016-10-18
申请号:US13991433
申请日:2011-09-02
申请人: Markus T. Metzger
发明人: Markus T. Metzger
CPC分类号: G06F17/30144 , G06F11/3612 , G06F11/3632
摘要: A method according to one embodiment includes the operations of receiving a list of one or more data race analysis targets, wherein the data race analysis targets comprise at least one of a source file name, source file line, function name, variable name or target address range; generating a data race analysis filter, wherein the data race analysis filter comprises a data structure including memory address ranges based on the list of data race analysis targets; and performing a data race analysis on a memory access, wherein the memory access is associated with memory addresses included in the data race analysis filter.
摘要翻译: 根据一个实施例的方法包括接收一个或多个数据竞赛分析目标的列表的操作,其中数据竞赛分析目标包括源文件名,源文件行,功能名称,变量名或目标地址中的至少一个 范围; 生成数据竞赛分析过滤器,其中数据竞赛分析过滤器包括基于数据竞赛分析目标的列表的包括存储器地址范围的数据结构; 以及对存储器访问执行数据竞争分析,其中所述存储器访问与包括在所述数据竞争分析过滤器中的存储器地址相关联。
-
公开(公告)号:US20140317129A1
公开(公告)日:2014-10-23
申请号:US13991433
申请日:2011-09-02
申请人: Markus T. Metzger
发明人: Markus T. Metzger
IPC分类号: G06F17/30
CPC分类号: G06F17/30144 , G06F11/3612 , G06F11/3632
摘要: A method according to one embodiment includes the operations of receiving a list of one or more data race analysis targets, wherein the data race analysis targets comprise at least one of a source file name, source file line, function name, variable name or target address range; generating a data race analysis filter, wherein the data race analysis filter comprises a data structure including memory address ranges based on the list of data race analysis targets; and performing a data race analysis on a memory access, wherein the memory access is associated with memory addresses included in the data race analysis filter.
摘要翻译: 根据一个实施例的方法包括接收一个或多个数据竞赛分析目标的列表的操作,其中数据竞赛分析目标包括源文件名,源文件行,功能名称,变量名或目标地址中的至少一个 范围; 生成数据竞赛分析过滤器,其中数据竞赛分析过滤器包括基于数据竞赛分析目标的列表的包括存储器地址范围的数据结构; 以及对存储器访问执行数据竞争分析,其中所述存储器访问与包括在所述数据竞争分析过滤器中的存储器地址相关联。
-
公开(公告)号:US20170371775A1
公开(公告)日:2017-12-28
申请号:US15195303
申请日:2016-06-28
申请人: Markus T. Metzger
发明人: Markus T. Metzger
IPC分类号: G06F11/36
CPC分类号: G06F11/3692 , G06F11/3636
摘要: Technologies for bridging trace gaps include a computing device that traces execution of a program to generate an execution trace and identifies a trace gap in the execution trace. The computing device generates a first call stack that corresponds to a location immediately before the trace gap and a second call stack that corresponds to a location immediately after the trace gap. Each call stack identifies a list of functions, and each function corresponds to a source function of the program. The computing device evaluates connection pairs between the first call stack and the second call stack to determine whether each connection pair is valid and, for each valid connection pair, a number of matching functions. The computing device selects a connection pair that is valid and has a largest number of matching functions and bridges the trace gap with the selected connection pair. Other embodiments are described and claimed.
-
公开(公告)号:US20140068277A1
公开(公告)日:2014-03-06
申请号:US13602518
申请日:2012-09-04
申请人: Markus T. Metzger
发明人: Markus T. Metzger
CPC分类号: G06F21/79 , G06F2221/2107 , G06F2221/2143
摘要: In accordance with some embodiments, a granularity of memory such as block, may be deleted in a way to make it very difficult for an interloper to ever gain access to that block. Moreover the deletion may be done in a sufficiently efficient way and in a way that does not overly burden the user. In some embodiments, the encryption of the granularity of memory (such as a block) may be handled entirely within the memory. Then the encryption process cannot be accessed from the outside and the user need not be burdened with the sequence of encryption sequence since it is done automatically within the storage device.
摘要翻译: 根据一些实施例,诸如块的存储器的粒度可以以使得内部访问者难以获得对该块的访问的方式被删除。 此外,可以以足够有效的方式并且以不会使用户过度负担的方式来进行删除。 在一些实施例中,可以在存储器内完全处理存储器的粒度(诸如块)的加密。 然后,加密过程不能从外部访问,并且用户不需要加载序列的加密序列,因为它在存储设备内自动完成。
-
公开(公告)号:US07774764B2
公开(公告)日:2010-08-10
申请号:US11314225
申请日:2005-12-21
申请人: Markus T. Metzger , Robert Wiesner
发明人: Markus T. Metzger , Robert Wiesner
IPC分类号: G06F9/45
摘要: Embodiments of a method and system for compiling code, such as program-generated code, are disclosed herein. The method and system efficiently encode combined range and stride checks. For example, the method and system are operable to encode combined range and stride checks as they occur in a translation of switch statements. The method and system can generate code to perform the range and stride check, and to branch to the case body, if the range and stride checks are successful. The various embodiments may operate to provide an efficient code transformation, better code density, and processing performance. Other embodiments are described and claimed.
摘要翻译: 本文公开了用于编译代码的方法和系统的实施例,例如程序生成的代码。 该方法和系统有效地编码组合范围和步幅检查。 例如,该方法和系统可操作用于在组合的范围和步幅检查在开关语句的翻译中发生时进行编码。 方法和系统可以生成代码来执行范围和步幅检查,并且如果范围和步幅检查成功,则分支到案例主体。 各种实施例可以操作以提供有效的代码转换,更好的代码密度和处理性能。 描述和要求保护其他实施例。
-
7.发明授权Method and system for performing link-time code optimization without additional code analysis 失效执行链路时代码优化的方法和系统,无需附加代码分析公开(公告)号:US07418699B2
公开(公告)日:2008-08-26
申请号:US10784072
申请日:2004-02-20
申请人: Markus T. Metzger , Khem Raj , Oender Karpat , Robert Wiesner
发明人: Markus T. Metzger , Khem Raj , Oender Karpat , Robert Wiesner
IPC分类号: G06F9/45
摘要: A system for performing code optimization is described which includes an optimizing analyzer within a compiler to generate a first optimizing transformation and a second optimizing transformation and their satisfying conditions for a compiled code. An optimization transformation module is placed within a linker to determine which of the first and second optimizing transformations should be selected when the compiled code is linked with other compiled codes, and to execute the selected one of the first and second optimizing transformations at link-time. A method of performing code optimization is also described.
摘要翻译: 描述了用于执行代码优化的系统,其包括编译器内的优化分析器以生成第一优化变换和第二优化变换及其对编译代码的满足条件。 优化变换模块被放置在链接器内以确定当编译代码与其他编译代码相关联时应当选择第一和第二优化变换中的哪一个,并且在链接时执行第一和第二优化变换中选择的一个优化变换 。 还描述了执行代码优化的方法。
-
公开(公告)号:US07269827B2
公开(公告)日:2007-09-11
申请号:US10274572
申请日:2002-10-21
申请人: Markus T. Metzger
发明人: Markus T. Metzger
CPC分类号: G06F8/445
摘要: The method and apparatus for compiling high level code is described. A method may be utilized that may include integrating the allocation of registers, scheduling instructions, and selecting code functions to produce an intermediate representation of a high level code segment with scheduled instructions. Additionally, a modular conflict handler may be utilized to resolve register and/or scheduler conflicts as may be required or useful in compiling the high level code. Also, a modular transformation interface may be utilized to invoke analyzers as may be required or useful to generate a compiled version of the high level code.
摘要翻译: 描述用于编译高级代码的方法和装置。 可以使用可以包括集成寄存器的分配,调度指令和选择代码功能以产生具有调度指令的高级代码段的中间表示的方法。 此外,可以利用模块化冲突处理程序来解决在编译高级代码时可能需要或有用的寄存器和/或调度程序冲突。 而且,可以使用模块化变换接口来调用可能需要或有用的分析器来生成高级代码的编译版本。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.027 秒)
