公开(公告)号：US10248459B2

公开(公告)日：2019-04-02

申请号：US15199665

申请日：2016-06-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Gregory John Colombo ,  Logananth Seetharaman ,  Graham Wong ,  Mehmet Iyigun ,  Steven Michel Pronovost ,  Thomas Fahrig ,  Thobias Jones ,  Michael Charles Crandall ,  James Andrew Goossen

IPC: G06F9/50 ,  G06F9/48 ,  G06F9/54

Abstract: Embodiments disclosed herein are related to systems, methods, and computer readable medium for allocating one or more system resources for the exclusive use of an application. The embodiments include receiving a request for an exclusive allocation of one or more system resources for a first application, the one or more system resources being useable by the first application and one or more second applications; determining an appropriate amount of the one or more system resources that are to be allocated exclusively to the first application; and partitioning the one or more system resources into a first portion that is allocated for the exclusive use of the first application and a second portion that is not allocated for the exclusive use of the first application, the second portion being available for the use of the one or more second applications.

公开(公告)号：US11922168B2

公开(公告)日：2024-03-05

申请号：US17702714

申请日：2022-03-23

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ben Niu ,  Gregory John Colombo ,  Weidong Cui ,  Jason Lin ,  Kenneth Dean Johnson

IPC: G06F9/38 ,  G06F11/36

CPC classification number: G06F9/3806 ,  G06F11/3636 ,  G06F11/3612 ,  G06F11/3664

Abstract: A program is executed using a call stack and shadow stack. The call stack includes frames having respective return addresses. The frames may also store variables and/or parameters. The shadow stack stores duplicates of the return addresses in the call stack. The call stack and the shadow stack are maintained by, (i) each time a function is called, adding a corresponding stack frame to the call stack and adding a corresponding return address to the shadow stack, and (ii) each time a function is exited, removing a corresponding frame from the call stack and removing a corresponding return address from the shadow stack. A backtrace of the program's current call chain is generated by accessing the return addresses in the shadow stack. The outputted backtrace includes the return addresses from the shadow stack and/or information about the traced functions that is derived from the shadow stack's return addresses.

公开(公告)号：US20170279678A1

公开(公告)日：2017-09-28

申请号：US15082914

申请日：2016-03-28

Applicant: Microsoft Technology Licensing, LLC

Inventor： Christopher Peter Kleynhans ,  Eric Wesley Wohllaib ,  Paul McAlpin Bozzay ,  Morakinyo Korede Olugbade ,  Frederick J. Smith ,  Benjamin M. Schultz ,  Gregory John Colombo ,  Hari R. Pulapaka ,  Mehmet Iyigun

IPC: H04L12/24

CPC classification number: H04L41/0816 ,  G06F9/44505 ,  G06F9/45558 ,  G06F2009/45587

Abstract: Configuring a node. A method includes at a first configuration layer, modifying configuration settings. The method further includes propagating the modified configuration settings to one or more other configuration layers implemented at the first configuration layer to configure a node.

公开(公告)号：US11709931B2

公开(公告)日：2023-07-25

申请号：US17833750

申请日：2022-06-06

Applicant: Microsoft Technology Licensing, LLC

Inventor： Jason Lin ,  Jin Lin ,  Gregory John Colombo ,  Niraj Majmudar ,  Mehmet Iyigun ,  Shayne Daniel Hiet-Block ,  Kenneth Dean Johnson

IPC: G06F21/00 ,  G06F21/54 ,  G06F9/445 ,  G06F9/48

CPC classification number: G06F21/54 ,  G06F9/44521 ,  G06F9/485 ,  G06F2221/033

Abstract: Enforcing shadow stack violations at module granularity, rather than at thread or process granularity. An exception is processed during execution of a thread based on code of an application binary, which is enabled for shadow stack enforcement, that calls an external module. The exception results from a mismatch between a return address popped from the thread's call stack and a return address popped from the thread's shadow stack. Processing the exception includes determining that the exception resulted from execution of an instruction in the external module, and determining whether or not the external module is enabled for shadow stack enforcement. Based at least on these determinations, execution of the thread is terminated when the external module is enabled for shadow stack enforcement, or the thread is permitted to continue executing when the external module is not enabled for shadow stack enforcement.

公开(公告)号：US20170269968A1

公开(公告)日：2017-09-21

申请号：US15199665

申请日：2016-06-30

Applicant: Microsoft Technology Licensing, LLC

Inventor： Gregory John Colombo ,  Logananth Seetharaman ,  Graham Wong ,  Mehmet lyigun ,  Steve Michel Pronovost ,  Thomas Fahrig ,  Thobias Jones ,  Michael Charles Crandall ,  James Andrew Goossen

IPC: G06F9/50 ,  G06F9/54 ,  G06F9/48

CPC classification number: G06F9/5011 ,  G06F9/52

Abstract: Embodiments disclosed herein are related to systems, methods, and computer readable medium for allocating one or more system resources for the exclusive use of an application. The embodiments include receiving a request for an exclusive allocation of one or more system resources for a first application, the one or more system resources being useable by the first application and one or more second applications; determining an appropriate amount of the one or more system resources that are to be allocated exclusively to the first application; and partitioning the one or more system resources into a first portion that is allocated for the exclusive use of the first application and a second portion that is not allocated for the exclusive use of the first application, the second portion being available for the use of the one or more second applications.

公开(公告)号：US11379579B2

公开(公告)日：2022-07-05

申请号：US16828089

申请日：2020-03-24

Applicant: Microsoft Technology Licensing, LLC

Inventor： Jason Lin ,  Jin Lin ,  Gregory John Colombo ,  Niraj Majmudar ,  Mehmet Iyigun ,  Shayne Daniel Hiet-Block ,  Kenneth Dean Johnson

IPC: G06F21/00 ,  G06F21/54 ,  G06F9/445 ,  G06F9/48

Abstract: Enforcing shadow stack violations at module granularity, rather than at thread or process granularity. An exception is processed during execution of a thread based on code of an application binary, which is enabled for shadow stack enforcement, that calls an external module. The exception results from a mismatch between a return address popped from the thread's call stack and a return address popped from the thread's shadow stack. Processing the exception includes determining that the exception resulted from execution of an instruction in the external module, and determining whether or not the external module is enabled for shadow stack enforcement. Based at least on these determinations, execution of the thread is terminated when the external module is enabled for shadow stack enforcement, or the thread is permitted to continue executing when the external module is not enabled for shadow stack enforcement.

公开(公告)号：US11294682B2

公开(公告)日：2022-04-05

申请号：US16417493

申请日：2019-05-20

Applicant: Microsoft Technology Licensing, LLC

Inventor： Ben Niu ,  Gregory John Colombo ,  Weidong Cui ,  Jason Lin ,  Kenneth Dean Johnson

IPC: G06F9/38 ,  G06F11/36

Abstract: A program is executed using a call stack and shadow stack. The call stack includes frames having respective return addresses. The frames may also store variables and/or parameters. The shadow stack stores duplicates of the return addresses in the call stack. The call stack and the shadow stack are maintained by, (i) each time a function is called, adding a corresponding stack frame to the call stack and adding a corresponding return address to the shadow stack, and (ii) each time a function is exited, removing a corresponding frame from the call stack and removing a corresponding return address from the shadow stack. A backtrace of the program's current call chain is generated by accessing the return addresses in the shadow stack. The outputted backtrace includes the return addresses from the shadow stack and/or information about the traced functions that is derived from the shadow stack's return addresses.

公开(公告)号：US10929167B2

公开(公告)日：2021-02-23

申请号：US16243938

申请日：2019-01-09

Applicant: Microsoft Technology Licensing, LLC

Inventor： Jason Lin ,  Gregory John Colombo ,  Mehmet Iyigun ,  Yevgeniy Bak ,  Christopher Peter Kleynhans ,  Stephen Louis-Essman Hufnagel ,  Michael Ebersol ,  Ahmed Saruhan Karademir ,  Shawn Michael Denbow ,  Kevin Broas ,  Wen Jia Liu

IPC: G06F9/455 ,  G06F9/50

Abstract: Communicating a low-latency event across a virtual machine boundary. Based on an event signaling request by a first process running at a first virtual machine, the first virtual machine updates a shared register that is accessible by a second virtual machine. Updating the shared register includes updating a signal stored in the shared register. The first virtual machine sends an event signal message, which includes a register identifier, through a virtualization fabric to the second virtual machine. The second virtual machine receives the event signaling message and identifies the register identifier from the message. Based on the register identifier, the second virtual machine reads the shared register, identifying a value of the signal stored in the shared register. Based at least on the value of the signal comprising a first value, the second virtual machine signals a second process running at the second virtual machine.