Abstract: A method, system and apparatus for protecting against out-of-bounds references, including storing an address of a buffer in a general register and storing bounds information (BI) for the buffer in a bounds information register, and when a content of the general register is used as an address in a load or store operation, using a content of the bounds information register to determine if the load or store is out of bounds.

Abstract: Techniques facilitating hardware-based memory-error mitigation for heap-objects. In one example, a system can comprise a process that executes computer executable components stored in a non-transitory computer readable medium. The computer executable components comprise: an entry component; and a re-purpose component. The entry component can allocate an entry in a table to store bounds-information when an object is allocated in memory. The re-purpose component can re-purpose unused bits of an object address to store an index to the table entry.

Abstract: A method, system and apparatus for protecting against out-of-bounds references, including storing an address of a buffer in a general register and storing bounds information (BI) for the buffer in a bounds information register, and when a content of the general register is used as an address in a load or store operation, using a content of the bounds information register to determine if the load or store is out of bounds.

Abstract: In an approach to protecting against out-of-bounds buffer references, an apparatus comprises one or more processor cores and a bounds-checking functional unit in each processor core configured to manage bounds information for one or more memory buffers. When a buffer is allocated, an address range of the buffer is stored. When a pointer is assigned an address within the address range of the buffer, the address range of the buffer is associated with the pointer. When the pointer is used to compute an address for an operation, whether the address for the operation is within the address range associated with the pointer is determined. If the address is not within the address range associated with the pointer, signaling that an error has occurred.

Abstract: A method, system and apparatus for protecting from out of bounds memory references, including establishing a threshold number of active objects for examination for an out of bounds memory reference, determining whether a number of active objects for an application exceeds the threshold, and when the number of active objects exceeds the threshold, storing at least part of information about the active objects in an overflow table in a memory.

Abstract: A method, system and apparatus for protecting from out of bounds memory references, including establishing a threshold number of active objects for examination for an out of bounds memory reference, determining whether a number of active objects for an application exceeds the threshold, and when the number of active objects exceeds the threshold, storing at least part of information about the active objects in an overflow table in a memory.

Abstract: A method and apparatus for providing support for Secure Objects on a data processing system including providing a Secure Object comprising code and data that is protected on the data processing system on a first processor which is a first type of processor, wherein the data processing system includes a plurality of processors of different types, responsive to a portion of the Secure Object being needed to be executed on a second processor which is a second type of processor different than the first type of processor, by the first processor calling the second processor in a special interprocessor call, returning information by the second processor to the first processor, and retrieving, by the first processor, the information from the second processor.

Abstract: A method for securing Secure Objects that are protected from other software on a heterogeneous data processing system including a plurality of different types of processors wherein different portions of a Secure Object may run on different types of processors. A Secure Object may begin execution on a first processor then, depending on application requirements, the Secure Object may make a call to a second processor passing information to the second processor using a special inter-processor function call. The second processor performs the requested processing and then performs an inter-processor “function return” returning information as appropriate to the Secure Object on the first processor.

Abstract: Techniques facilitating hardware-based memory-error mitigation for heap-objects. In one example, a system can comprise a process that executes computer executable components stored in a non-transitory computer readable medium. The computer executable components comprise: an entry component; and a re-purpose component. The entry component can allocate an entry in a table to store bounds-information when an object is allocated in memory. The re-purpose component can re-purpose unused bits of an object address to store an index to the table entry.

Abstract: A method, system and apparatus for protecting a program from making out of bounds memory references, including determining whether an instruction makes out of bound references where the instruction that loads data from or stores data to a buffer refers to addresses that are outside the bounds of the buffer, and responsive to the determining that the instruction refers to addresses that are partially out of bounds, changing an execution of the load or the store including modifying the starting address specified in the instruction, a length of data specified in the instruction, or a value for an out of bounds reference to load or store data that is within the bounds of the buffer.

Abstract: Techniques facilitating hardware-based memory-error mitigation for heap-objects. In one example, a system can comprise a process that executes computer executable components stored in a non-transitory computer readable medium. The computer executable components comprise: an entry component; and a re-purpose component. The entry component can allocate an entry in a table to store bounds-information when an object is allocated in memory. The re-purpose component can re-purpose unused bits of an object address to store an index to the table entry.

Abstract: A method, system and apparatus for protecting against out-of-bounds references, including storing an address of a buffer in a general register and storing bounds information (BI) for the buffer in a bounds information register, and when a content of the general register is used as an address in a load or store operation, using a content of the bounds information register to determine if the load or store is out of bounds.

Abstract: A method, system and apparatus for providing bound information accesses in buffer protection, including providing one-to-one mapping between a general-purpose register and bound information in a BI (bound information) register, saving loaded bound information in the BI register for future use, providing integrity of the bound information in the BI register that is maintained along program execution, and providing a pro-active load of the bound information with one-bit extra control on load instruction of the BI register.

Abstract: A method verifies an authenticity, integrity, and provenance of outputs from steps in a process flow. One or more processor(s) validate one or more inputs to each step in a process flow by verifying at least one of a hash and a digital signature of each of the one or more inputs. The processor(s) then generate digital signatures that cover outputs of each step and the one or more inputs to each step, such that the digital signatures result in a chain of digital signatures that are used to verify an authenticity, an integrity and a provenance of outputs of the one or more steps in the process flow.

Abstract: Techniques facilitating hardware-based memory-error mitigation for heap-objects. In one example, a system can comprise a process that executes computer executable components stored in a non-transitory computer readable medium. The computer executable components comprise: an entry component; and a re-purpose component. The entry component can allocate an entry in a table to store bounds-information when an object is allocated in memory. The re-purpose component can re-purpose unused bits of an object address to store an index to the table entry.

Abstract: A private key of a public-private key pair with a corresponding identity is written to an integrated circuit including a processor, a non-volatile memory, and a cryptographic engine coupled to the processor and the non-volatile memory. The private key is written to the non-volatile memory. The integrated circuit is implemented in complementary metal-oxide semiconductor 14 nm or smaller technology. The integrated circuit is permanently modified, subsequent to the writing, such that further writing to the non-volatile memory is disabled and such that the private key can be read only by the cryptographic engine and not off-chip. Corresponding integrated circuits and wafers are also disclosed.

Abstract: A method verifies an authenticity, integrity, and provenance of outputs from steps in a process flow. One or more processor(s) validate one or more inputs to each step in a process flow by verifying at least one of a hash and a digital signature of each of the one or more inputs. The processor(s) then generate digital signatures that cover outputs of each step and the one or more inputs to each step, such that the digital signatures result in a chain of digital signatures that are used to verify an authenticity, an integrity and a provenance of outputs of the one or more steps in the process flow.

Abstract: A secure cloud computing environment protects the confidentiality of application code from a customer while simultaneously protecting the confidentiality of a customer's data from intentional or inadvertent leaks by the application code. This result is accomplished without the need to trust the application code and without requiring human surveillance or intervention. A client secure virtual machine (SVM) is accessible by a client who supplies commands, operand data and application data. An appliance SVM has the application code loaded therein and includes an application program interface that accesses a memory area shared by both SVMs. All access to the appliance SVM is initially revoked by an ultravisor, except for the shared memory and an encrypted persistent storage. The appliance SVM stores the application data in the persistent storage. The ultravisor manages an SVM by maintaining exclusive control over a device tree used by the operating system of the SVM.

Abstract: A private key of a public-private key pair with a corresponding identity is written to an integrated circuit including a processor, a non-volatile memory, and a cryptographic engine coupled to the processor and the non-volatile memory. The private key is written to the non-volatile memory. The integrated circuit is implemented in complementary metal-oxide semiconductor 14 nm or smaller technology. The integrated circuit is permanently modified, subsequent to the writing, such that further writing to the non-volatile memory is disabled and such that the private key can be read only by the cryptographic engine and not off-chip. Corresponding integrated circuits and wafers are also disclosed.

Abstract: In an approach to protecting against out-of-bounds buffer references, an apparatus comprises one or more processor cores and a bounds-checking functional unit in each processor core configured to manage bounds information for one or more memory buffers. When a buffer is allocated, an address range of the buffer is stored. When a pointer is assigned an address within the address range of the buffer, the address range of the buffer is associated with the pointer. When the pointer is used to compute an address for an operation, whether the address for the operation is within the address range associated with the pointer is determined. If the address is not within the address range associated with the pointer, signaling that an error has occurred.