Patents by Inventor David C. Sehr
David C. Sehr has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20140013430
Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.
Type: Application
Filed: September 10, 2013
Publication date: January 9, 2014
Applicant: Google Inc.
Inventors: Robert Muth, Karl Schmipf, David C. Sehr, Cliff L. Biffle
-
Patent number: 8621619
Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.
Type: Grant
Filed: November 30, 2010
Date of Patent: December 31, 2013
Assignee: Google Inc.
Inventors: Bennet S. Yee, David C. Sehr, Cliff L. Biffle
-
Publication number: 20130333031
Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.
Type: Application
Filed: August 15, 2013
Publication date: December 12, 2013
Applicant: Google Inc.
Inventors: Bennet S. Yee, David C. Sehr, Cliff L. Biffle
-
Patent number: 8595832
Abstract: This disclosure presents a system that uses masking to safely execute native code. This system includes a processing element that executes the native code and a memory which stores code and data for the processing element. The processing element includes a masking mechanism that masks one or more bits of a target address during a control flow transfer to transfer control to a restricted set of aligned byte boundaries in the native code.
Type: Grant
Filed: February 23, 2012
Date of Patent: November 26, 2013
Assignee: Google Inc.
Inventors: Bennet S. Yee, J. Bradley Chen, David C. Sehr
-
Patent number: 8561183
Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.
Type: Grant
Filed: November 18, 2009
Date of Patent: October 15, 2013
Assignee: Google Inc.
Inventors: Robert Muth, Karl Schmipf, David C. Sehr, Clifford L. Biffle
-
Publication number: 20130185787
Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.
Type: Application
Filed: March 6, 2013
Publication date: July 18, 2013
Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee, Gregory Dardyk
-
Patent number: 8468592
Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that maintain control flow integrity for the native code module and constrain store instructions in the native code module by bounding a valid memory region of the native code module with one or more guard regions.
Type: Grant
Filed: November 18, 2009
Date of Patent: June 18, 2013
Assignee: Google Inc.
Inventors: David C. Sehr, Bennet Sze-bun Yee, John Bradley Chen, Victor Khimenko
-
Patent number: 8464349
Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.
Type: Grant
Filed: December 27, 2010
Date of Patent: June 11, 2013
Assignee: Google Inc.
Inventors: Bennet S. Yee, David C. Sehr, Cliff L. Biffle
-
Patent number: 8424082
Abstract: A system that safely executes a native code module on a computing device. During operation, the system receives the native code module, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the computing device. The system then loads the native code module into a secure runtime environment, and proceeds to execute a set of instructions from the native code module in the secure runtime environment. The secure runtime environment enforces code integrity, control-flow integrity, and data integrity for the native code module. Furthermore, the secure runtime environment moderates which resources can be accessed by the native code module on the computing device and/or how these resources can be accessed. By executing the native code module in the secure runtime environment, the system facilitates achieving native code performance for untrusted program code without a significant risk of unwanted side effects.
Type: Grant
Filed: May 8, 2008
Date of Patent: April 16, 2013
Assignee: Google Inc.
Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee, Gregory Dardyk
-
Patent number: 8307193
Abstract: A system that uses segmentation to safely execute native code. This system includes a processing element that executes the native code and a memory which stores code and data for the processing element. The processing element includes a segmentation mechanism which limits the native code executing on the processing element to accessing a specified segment of memory. The processing element also includes an instruction-processing unit, which is configured to execute a user-level instruction that causes the segmentation mechanism to limit memory accesses by the native code to the specified segment of the memory.
Type: Grant
Filed: October 19, 2011
Date of Patent: November 6, 2012
Assignee: Google Inc.
Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee
-
Patent number: 8151349
Abstract: This disclosure presents a system that uses masking to safely execute native code. This system includes a processing element that executes the native code and a memory which stores code and data for the processing element. The processing element includes a masking mechanism that masks one or more bits of a target address during a control flow transfer to transfer control to a restricted set of aligned byte boundaries in the native code.
Type: Grant
Filed: August 29, 2008
Date of Patent: April 3, 2012
Assignee: Google Inc.
Inventors: Bennet S. Yee, J. Bradley Chen, David C. Sehr
-
Patent number: 8136158
Abstract: A system that uses segmentation to safely execute native code. This system includes a processing element that executes the native code and a memory which stores code and data for the processing element. The processing element includes a segmentation mechanism which limits the native code executing on the processing element to accessing a specified segment of memory. The processing element also includes an instruction-processing unit, which is configured to execute a user-level instruction that causes the segmentation mechanism to limit memory accesses by the native code to the specified segment of the memory.
Type: Grant
Filed: August 29, 2008
Date of Patent: March 13, 2012
Assignee: Google Inc.
Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee
-
Publication number: 20120042145
Abstract: A system that uses segmentation to safely execute native code. This system includes a processing element that executes the native code and a memory which stores code and data for the processing element. The processing element includes a segmentation mechanism which limits the native code executing on the processing element to accessing a specified segment of memory. The processing element also includes an instruction-processing unit, which is configured to execute a user-level instruction that causes the segmentation mechanism to limit memory accesses by the native code to the specified segment of the memory.
Type: Application
Filed: October 19, 2011
Publication date: February 16, 2012
Applicant: GOOGLE INC.
Inventors: David C. Sehr, J. Bradley Chen, Bennet S. Yee
-
Patent number: 8037465
Abstract: Thread-data affinity optimization can be performed by a compiler during the compiling of a computer program to be executed on a cache coherent non-uniform memory access (cc-NUMA) platform. In one embodiment, the present invention includes receiving a program to be compiled. The received program is then compiled in a first pass and executed. During execution, the compiler collects profiling data using a profiling tool. Then, in a second pass, the compiler performs thread-data affinity optimization on the program using the collected profiling data.
Type: Grant
Filed: September 30, 2005
Date of Patent: October 11, 2011
Assignee: Intel Corporation
Inventors: Xinmin Tian, Milind Girkar, David C. Sehr, Richard Grove, Wei Li, Hong Wang, Chris Newburn, Perry Wang, John Shen
-
Publication number: 20110138473
Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.
Type: Application
Filed: November 30, 2010
Publication date: June 9, 2011
Applicant: GOOGLE INC.
Inventors: Bennet S. Yee, David C. Sehr, Cliff L. Biffle
-
Publication number: 20110138474
Abstract: Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted.
Type: Application
Filed: December 27, 2010
Publication date: June 9, 2011
Applicant: GOOGLE INC.
Inventors: Bennet S. Yee, David C. Sehr, Cliff L. Biffle
-
Publication number: 20110029820
Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that maintain control flow integrity for the native code module and constrain store instructions in the native code module by bounding a valid memory region of the native code module with one or more guard regions.
Type: Application
Filed: November 18, 2009
Publication date: February 3, 2011
Applicant: GOOGLE INC.
Inventors: David C. Sehr, Bennet Sze-bun Yee, John Bradley Chen, Victor Khimenko
-
Publication number: 20110029961
Abstract: Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction.
Type: Application
Filed: November 18, 2009
Publication date: February 3, 2011
Applicant: GOOGLE INC.
Inventors: Robert Muth, Karl Schmipf, David C. Sehr, Clifford L. Biffle
-
Publication number: 20100017461
Abstract: Some embodiments provide a system that executes a web application. During operation, the system loads the web application in a web browser and loads a native code module associated with the web application into a secure runtime environment. Next, the system provides input data associated with the web application to the native code module and processes the input data using the native code module to obtain output data. Finally, the system provides the output data to the web application for use by the web application.
Type: Application
Filed: November 7, 2008
Publication date: January 21, 2010
Applicant: GOOGLE INC.
Inventors: Evangelos Kokkevis, Matthew Papakipos, David C. Sehr
-
Patent number: 7634765
Abstract: Methods and apparatus for reducing a control flow graph are disclosed. A disclosed method comprises: creating a points-to set associated with a function in a computer program; determining if a control flow edge between: (1) a call-site associated with a restore and return instruction and (2) a successor block following the call-site is removable from a control flow graph representing the computer program; and removing the control flow edge if it is determined that the control flow edge is removable.
Type: Grant
Filed: August 27, 2004
Date of Patent: December 15, 2009
Assignee: Intel Corporation
Inventors: Rakesh Ghiya, Robert J. Cox, David C. Sehr