Patents by Inventor Can ACAR
Can ACAR has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240403411Abstract: Various embodiments include methods and devices for maintaining control flow integrity in computing devices. Embodiments may include identifying indirect function call candidate functions from a source code by a compiler, replacing, by the compiler, an indirect function call from the source code with a call to a wrapper function, and collocating the indirect function call candidate functions in at least one range of addresses of memory by a linker. The wrapper function may be configured to determine whether an address to be passed to the indirect function call is within the at least one range of addresses of memory.Type: ApplicationFiled: November 17, 2022Publication date: December 5, 2024Inventors: Sundeep KUSHWAHA, Arvind KRISHNASWAMY, Sergei LARIN, Can ACAR, Tianshuo SU, Awanish PANDEY, Richard SENIOR
-
Patent number: 11386012Abstract: Various embodiments include methods and devices for generating a memory map configured to map virtual addresses of pages to physical addresses, in which pages of a same size are grouped into regions. The embodiments may include adding a first entry for a first additional page to a first region in the memory map, shifting virtual addresses of the first region to accommodate a shift of virtual addresses of the first region allocated for code by a sub-page granular shift amount, mapping shifted virtual addresses of the first entry for the first additional page to physical address mapped to a first lowest shifted virtually addressed page of the first region, and shifting the virtual addresses of the first region allocated for code by a sub-page granular shift amount, in which the virtual addresses of the first region allocated for code partially shift into the first entry for the first additional page.Type: GrantFiled: March 15, 2021Date of Patent: July 12, 2022Assignee: QUALCOMM IncorporatedInventors: Arvind Krishnaswamy, Richard Senior, Sundeep Kushwaha, Can Acar
-
Patent number: 11055402Abstract: A method is provided for safely executing dynamically generated code to avoid the possibility of an attack in unprotected memory space. Upon ascertaining that dynamically generated code is to be executed, a processing circuit and/or operating system kernel restrict the dynamically generated code to use a first memory region within an unprotected memory space, where the first memory region is distinct (e.g., reserved) from other memory regions used by other processes executed by the processing circuit. A first processing stack is maintained for the dynamically generated code within the first memory region. This first processing stack is separate from a general processing stack used by other processes executed by the processing circuit. A stack pointer is switched/pointed to the first processing stack when the dynamically generated code is executed and the stack pointer is switched/pointed to the general processing stack when the dynamically generated code ends.Type: GrantFiled: September 26, 2018Date of Patent: July 6, 2021Assignee: QUALCOMM IncorporatedInventors: Can Acar, Robert Turner, Alexander Gantman
-
Publication number: 20200097646Abstract: Techniques for managing resources on computing device are provided. An example processor according to these techniques includes a resource management module (RMM) configured to be executed by the processor as an only privileged application on the processor such that the RMM has exclusive control over the allocation of memory resources utilized by the other applications executed by the processor and assignment of access permissions to the memory resources. The RMM is configured to manage the memory resources used by other applications executed by the processor, to group applications into logical compartments, and to enforce separation between the compartments such that resources associated with one compartment are inaccessible to another compartment. The processor may include a memory protection unit (MPU) configured to provide memory protection for memory utilized by the processor, and the RMM can be configured to dynamically configure the MPU regions to enforce separation between compartments.Type: ApplicationFiled: September 26, 2018Publication date: March 26, 2020Inventors: Robert Emanuel Buhren, Liang Cai, Can Acar
-
Publication number: 20190102540Abstract: A method is provided for safely executing dynamically generated code to avoid the possibility of an attack in unprotected memory space. Upon ascertaining that dynamically generated code is to be executed, a processing circuit and/or operating system kernel restrict the dynamically generated code to use a first memory region within an unprotected memory space, where the first memory region is distinct (e.g., reserved) from other memory regions used by other processes executed by the processing circuit. A first processing stack is maintained for the dynamically generated code within the first memory region. This first processing stack is separate from a general processing stack used by other processes executed by the processing circuit. A stack pointer is switched/pointed to the first processing stack when the dynamically generated code is executed and the stack pointer is switched/pointed to the general processing stack when the dynamically generated code ends.Type: ApplicationFiled: September 26, 2018Publication date: April 4, 2019Inventors: Can ACAR, Robert TURNER, Alexander GANTMAN
-
Publication number: 20190065405Abstract: Several features pertain to computing systems equipped to perform speculative processing and configured to access device memory (e.g. non-speculative or unspeculatable memory) and non-device memory (e.g. speculative or speculatable memory). Malicious attacks may seek to obtain sensitive information from such systems by exploiting speculative code execution. Herein, techniques are described whereby sensitive data is protected from such attacks by placing the data in a page of memory not ordinarily used as device memory, and then designating or marking the page as device memory (e.g. marking the page as unspeculatable). By designating the page as unspeculatable device memory, the processor does not speculatively access the sensitive information (e.g. speculation stops once a branch is invoked that would access the page) and so certain types of attacks can be mitigated.Type: ApplicationFiled: June 7, 2018Publication date: February 28, 2019Inventors: Kevin Christopher GOTZE, Can ACAR, David HARTLEY, Qing LI, Daniel GODAS-LOPEZ
-
Publication number: 20180109552Abstract: Techniques for mitigating an attack on baseband on a mobile wireless device are provided. An example method according to these techniques includes detecting a network switch event in which the mobile wireless device has disconnected from a first wireless network and connected to a second wireless network, performing an integrity check on one or more components of the mobile wireless device responsive to detecting the network switch event, and performing one or more actions responsive to the integrity check indicating that the one or more components of the mobile wireless device have been modified.Type: ApplicationFiled: October 14, 2016Publication date: April 19, 2018Inventors: Nico GOLDE, Can ACAR, Robert TURNER, Patrick STEWIN
-
Patent number: 9672351Abstract: A method of producing a control stack includes: writing a plurality of control information entries into a control stack buffer that is internal to a processor in response to one or more function calls; and in response to the control stack buffer being full and receiving a further function call, writing: the plurality of control information entries to an external memory that is external to the processor; and a further control information entry, corresponding to the further function call, to the control stack buffer.Type: GrantFiled: February 2, 2015Date of Patent: June 6, 2017Assignee: QUALCOMM IncorporatedInventors: Arvind Krishnaswamy, Can Acar, Robert Turner
-
Patent number: 9514305Abstract: Techniques for enforcing flow control of a software program in a processor are provided. An example method according to these techniques includes analyzing program code of the software program to identify a code pointer in the program code, generating an authentication tag based on the code pointer, and modifying the code pointer in the program code with the authentication tag to generate a tagged code pointer.Type: GrantFiled: October 17, 2014Date of Patent: December 6, 2016Assignee: QUALCOMM IncorporatedInventors: Can Acar, Arvind Krishnaswamy, Robert Turner
-
Publication number: 20160313938Abstract: A way is provided to protect memory blocks from unauthorized access from executable instructions by defining various sets of instructions that are specifically bound to operate on defined memory blocks and inhibited from operating in other memory blocks. For instance, executable code may include a plurality of distinct read and write instructions where each read and/or write instruction is specific to one memory access tag from a plurality of different memory access tags. Memory blocks are also established and each memory block is associated with one of the plurality of different memory access tags. Consequently, if a first read and/or write instruction, associated with a first memory access tag, attempts to access a memory block associated with a different memory access tag, then execution of the first read and/or write instruction is inhibited or aborted.Type: ApplicationFiled: April 24, 2015Publication date: October 27, 2016Inventors: Alexander Gantman, Can Acar, Billy Brumley, Brian Rosenberg
-
Publication number: 20160224784Abstract: A method of producing a control stack includes: writing a plurality of control information entries into a control stack buffer that is internal to a processor in response to one or more function calls; and in response to the control stack buffer being full and receiving a further function call, writing: the plurality of control information entries to an external memory that is external to the processor; and a further control information entry, corresponding to the further function call, to the control stack buffer.Type: ApplicationFiled: February 2, 2015Publication date: August 4, 2016Inventors: Arvind KRISHNASWAMY, Can ACAR, Robert TURNER
-
Publication number: 20160110545Abstract: Techniques for enforcing flow control of a software program in a processor are provided. An example method according to these techniques includes analyzing program code of the software program to identify a code pointer in the program code, generating an authentication tag based on the code pointer, and modifying the code pointer in the program code with the authentication tag to generate a tagged code pointer.Type: ApplicationFiled: October 17, 2014Publication date: April 21, 2016Inventors: Can ACAR, Arvind KRISHNASWAMY, Robert TURNER