公开(公告)号：US20170255781A1

公开(公告)日：2017-09-07

申请号：US15060274

申请日：2016-03-03

Applicant: QUALCOMM Incorporated

Inventor： Daniel Godas-Lopez

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F21/52 ,  G06F2221/033

Abstract: Disclosed are methods and apparatus for packet based validation of control flow transfers for hardware control-flow enforcement. The methods and apparatus achieve control-flow validation through the determination of a first identifier for a source packet that implements a jump, where the determination is based on a computation using contents within the source packet itself. Similarly, a second identifier is determined for a target packet to which the source packet is directed based on a computation using contents of the target packet. The identifiers may be predetermined based on the packet contents, and may also involve insertion of No Operation instructions to ensure the computations based on the packet contents yield the desired identifiers. The identifiers may then be compared to determine whether they match or are compatible, and an invalid control flow can be detected if they are not compatible.

公开(公告)号：US10558808B2

公开(公告)日：2020-02-11

申请号：US15060274

申请日：2016-03-03

Applicant: QUALCOMM Incorporated

Inventor： Daniel Godas-Lopez

IPC: G06F21/57 ,  G06F21/52

Abstract: Disclosed are methods and apparatus for packet based validation of control flow transfers for hardware control-flow enforcement. The methods and apparatus achieve control-flow validation through the determination of a first identifier for a source packet that implements a jump, where the determination is based on a computation using contents within the source packet itself. Similarly, a second identifier is determined for a target packet to which the source packet is directed based on a computation using contents of the target packet. The identifiers may be predetermined based on the packet contents, and may also involve insertion of No Operation instructions to ensure the computations based on the packet contents yield the desired identifiers. The identifiers may then be compared to determine whether they match or are compatible, and an invalid control flow can be detected if they are not compatible.

公开(公告)号：US20180341786A1

公开(公告)日：2018-11-29

申请号：US15605777

申请日：2017-05-25

Applicant: QUALCOMM Incorporated

Inventor： Daniel Godas-Lopez ,  Robert Terashima ,  Ryan Puga Nakamoto

IPC: G06F21/64 ,  G06F7/72 ,  G06F21/60

Abstract: In an aspect, an apparatus obtains at least a first input value and a second input value from a sender device. The apparatus performs a computational operation between portions of the first input value and portions of the second input value to obtain a plurality of partial results of the computational operation. The apparatus applies a hash function to each of the plurality of partial results of the computational operation to obtain a hash of a final result of the computational operation between the first input value and the second input value. The apparatus obtains the final result of the computational operation from the sender device. The apparatus verifies that the final result of the computational operation from the sender device is correct based on the hash of the final result of the computational operation.

公开(公告)号：US20170214658A1

公开(公告)日：2017-07-27

申请号：US15004844

申请日：2016-01-22

Applicant: QUALCOMM Incorporated

Inventor： Daniel Godas-Lopez ,  Arun Balakrishnan ,  Kenneth Chen

IPC: H04L29/06

CPC classification number: H04L63/0263 ,  H04L63/0236 ,  H04L63/0245 ,  H04L63/20

Abstract: Aspects of the disclosure are related to a method for installing one or more filtering rules, comprising: receiving the filtering rules; and installing the filtering rules into a mobile network modem, in which each filtering rule may be associated with a layer of an over-the-air (OTA) protocol stack and specifies a type of payload and one or more conditions for the payload.