Patents by Inventor J. Bradley Chen
J. Bradley Chen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20200257804Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: ApplicationFiled: April 29, 2020Publication date: August 13, 2020Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Patent number: 10685123Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: GrantFiled: July 17, 2017Date of Patent: June 16, 2020Assignee: Google LLCInventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Publication number: 20180004959Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: ApplicationFiled: July 17, 2017Publication date: January 4, 2018Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Patent number: 9756149Abstract: Methods, systems, and computer program products are provided for machine-specific instruction set translation. One example method includes identifying computing devices, each device having a respective software component installed, the software component including a translator component for translating a program in a portable format to a machine-specific instruction set, and a sandbox component for executing programs translated to the machine-specific instruction set on the computing device using software-based fault isolation; identifying computing devices having a given hardware configuration; and transmitting another translator component and another sandbox component to each of the identified computing devices. Each of the identified computing devices having the given hardware configuration is configured to receive the components and to configure its software component to use the received components in lieu of the corresponding components.Type: GrantFiled: March 28, 2016Date of Patent: September 5, 2017Assignee: Google Inc.Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee, Robert Muth, Jan Voung, Derek L. Schuff
-
Patent number: 9710654Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: GrantFiled: June 3, 2016Date of Patent: July 18, 2017Assignee: Google Inc.Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Patent number: 9536079Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.Type: GrantFiled: February 13, 2015Date of Patent: January 3, 2017Assignee: Google Inc.Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee, Gregory Dardyk
-
Publication number: 20160283720Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: ApplicationFiled: June 3, 2016Publication date: September 29, 2016Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Publication number: 20160212243Abstract: Methods, systems, and computer program products are provided for machine-specific instruction set translation. One example method includes identifying computing devices, each device having a respective software component installed, the software component including a translator component for translating a program in a portable format to a machine-specific instruction set, and a sandbox component for executing programs translated to the machine-specific instruction set on the computing device using software-based fault isolation; identifying computing devices having a given hardware configuration; and transmitting another translator component and another sandbox component to each of the identified computing devices. Each of the identified computing devices having the given hardware configuration is configured to receive the components and to configure its software component to use the received components in lieu of the corresponding components.Type: ApplicationFiled: March 28, 2016Publication date: July 21, 2016Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee, Robert Muth, Jan Voung, Derek L. Schuff
-
Patent number: 9372704Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, relating to software execution. One of the methods includes executing, on a computer including a single memory for storing data and instructions, a virtual environment including a data memory and an instruction memory, the instruction memory configured to be unreadable by instructions stored in the instruction memory; receiving, at the virtual environment, a software module comprising multiple instructions; and performing validation of the software module including: identifying, in the software module one or more calls to the single memory; and verifying that the one or more calls to the single memory are in the data memory.Type: GrantFiled: December 27, 2013Date of Patent: June 21, 2016Assignee: Google Inc.Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee
-
Patent number: 9361453Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: GrantFiled: August 19, 2014Date of Patent: June 7, 2016Assignee: Google Inc.Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Patent number: 9300760Abstract: Methods, systems, and computer program products are provided for machine-specific instruction set translation. One example method includes identifying computing devices, each device having a respective software component installed, the software component including a translator component for translating a program in a portable format to a machine-specific instruction set, and a sandbox component for executing programs translated to the machine-specific instruction set on the computing device using software-based fault isolation; identifying computing devices having a given hardware configuration; and transmitting another translator component and another sandbox component to each of the identified computing devices. Each of the identified computing devices having the given hardware configuration is configured to receive the components and to configure its software component to use the received components in lieu of the corresponding components.Type: GrantFiled: January 28, 2013Date of Patent: March 29, 2016Assignee: Google Inc.Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee, Robert Muth, Jan Voung, Derek L. Schuff
-
Publication number: 20160004858Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for preserving code safety of application code that is received in a portable, instruction-set-neutral format. One aspect of the subject matter described in this specification can be embodied in methods that include the actions of receiving a portable code file that is implemented in an instruction-set-neutral and source code independent format; translating the portable code file into native object code for execution on a particular instruction set architecture; generating a native executable for the particular instruction set architecture using the native object code; and validation the native executable using a trusted validator prior to execution of the native executable.Type: ApplicationFiled: March 16, 2011Publication date: January 7, 2016Inventors: J. Bradley Chen, Alan A. Donovan, Robert Muth, David C. Sehr, Bennet Yee, Matthew Papakipos, Stephen White
-
Patent number: 9141360Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for providing a translation service that generates native object code by translating an intermediate representation of application code in a portable code format. One aspect of the subject matter described in this specification can be embodied in methods that include the actions of receiving a translation service request for a native executable for a particular instruction set architecture from a requestor, where the translation service request includes data specifying portable code in an instruction-set neutral format; obtaining the portable code; translating the portable code into native object code for execution on the particular instruction set architecture; generating a native executable for the particular instruction set architecture; and returning the native executable to the requestor.Type: GrantFiled: March 16, 2011Date of Patent: September 22, 2015Assignee: Google Inc.Inventors: J. Bradley Chen, Alan A. Donovan, Robert Muth, David C. Sehr, Bennet Yee
-
Publication number: 20150195376Abstract: Methods, systems, and computer program products are provided for machine-specific instruction set translation. One example method includes identifying computing devices, each device having a respective software component installed, the software component including a translator component for translating a program in a portable format to a machine-specific instruction set, and a sandbox component for executing programs translated to the machine-specific instruction set on the computing device using software-based fault isolation; identifying computing devices having a given hardware configuration; and transmitting another translator component and another sandbox component to each of the identified computing devices. Each of the identified computing devices having the given hardware configuration is configured to receive the components and to configure its software component to use the received components in lieu of the corresponding components.Type: ApplicationFiled: January 28, 2013Publication date: July 9, 2015Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee, Robert Muth, Jan Voung, Derek L. Schuff
-
Patent number: 9058483Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: GrantFiled: May 8, 2008Date of Patent: June 16, 2015Assignee: Google Inc.Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Publication number: 20150161383Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.Type: ApplicationFiled: February 13, 2015Publication date: June 11, 2015Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee, Gregory Dardyk
-
Patent number: 8959632Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.Type: GrantFiled: March 6, 2013Date of Patent: February 17, 2015Assignee: Google Inc.Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee, Gregory Dardyk
-
Patent number: 8935776Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that maintain control flow integrity for the native code module and constrain store instructions in the native code module by bounding a valid memory region of the native code module with one or more guard regions.Type: GrantFiled: May 29, 2013Date of Patent: January 13, 2015Assignee: Google Inc.Inventors: David C. Sehr, Bennet S. Yee, J. Bradley Chen, Victor Khimenko
-
Publication number: 20140359765Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.Type: ApplicationFiled: August 19, 2014Publication date: December 4, 2014Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
-
Patent number: 8850573Abstract: Methods and apparatus for executing untrusted application code are disclosed. An example apparatus includes an execution mode state indicator with a plurality of states. In the example apparatus, the execution mode state indicator is configured such that placing the execution mode state indicator in a first state causes the processor to operate in a first execution mode and placing the execution mode state indicator in a second state causes the processor to operate in a second execution mode. The example apparatus also includes an instruction processing module that is configured to implement a set of instructions in the first execution mode and designate one or more instructions of the set of instructions as illegal instructions in the second execution mode. The example apparatus further includes a memory system that, in the second execution mode, is configured to restrict access to a set of memory addresses accessible by the processor in the first execution mode to a subset of the set of memory addresses.Type: GrantFiled: September 21, 2010Date of Patent: September 30, 2014Assignee: Google Inc.Inventors: J. Bradley Chen, Bennet S. Yee, David C. Sehr