Patents by Inventor Sahil Rihan
Sahil Rihan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10977367Abstract: It is determined whether an installed firmware of a device matches a reference firmware for the device. In response to a determination that the installed firmware of the device does not match the reference firmware for the device, different types of content sections of the installed firmware of the device are extracted. At least one of the content sections is identified as a dynamic section. A portion of the installed firmware selected to exclude at least the dynamic section is compared with a corresponding portion of the reference firmware to determine a comparison result. A security action is performed based at least in part on the comparison result.Type: GrantFiled: February 6, 2018Date of Patent: April 13, 2021Assignee: Facebook, Inc.Inventors: B. Thomas Adler, Sahil Rihan, Srishti Srivastava
-
Patent number: 10049048Abstract: A processor cache is logically partitioned into a main partition, located in the cache itself, and an enclave partition, located within an enclave, that is, a hardware-enforced protected region of an address space of a memory. This extends the secure address space usable by and for an application such as a software cryptoprocessor that is to execute only in secure regions of cache or memory.Type: GrantFiled: October 1, 2014Date of Patent: August 14, 2018Assignee: Facebook, Inc.Inventors: Oded Horovitz, Stephen A. Weis, Sahil Rihan, Carl A. Waldspurger
-
Publication number: 20180217941Abstract: A processor cache is logically partitioned into a main partition, located in the cache itself, and an enclave partition, located within an enclave, that is, a hardware-enforced protected region of an address space of a memory. This extends the secure address space usable by and for an application such as a software cryptoprocessor that is to execute only in secure regions of cache or memory.Type: ApplicationFiled: October 1, 2014Publication date: August 2, 2018Inventors: Oded HOROVITZ, Stephen A. WEIS, Sahil RIHAN, Carl A. WALDSPURGER
-
Patent number: 10037282Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.Type: GrantFiled: September 23, 2016Date of Patent: July 31, 2018Assignee: Facebook, Inc.Inventors: Carl A. Waldspurger, Oded Horovitz, Stephen A. Weis, Sahil Rihan
-
Patent number: 9983894Abstract: An application such as a virtual machine are executed securely using a software-based, full-system emulator within a hardware-protected enclave, such as an SGX enclave. The emulator may thereby be secure even against a malicious underlying host operating system. In some cases, paging is used to allow even a large application may run within a small enclave using paging. Where the application itself uses enclaves, these guest enclaves may themselves be emulated within an emulator enclave such that the guest enclave(s) are nested as sibling enclaves by the emulator.Type: GrantFiled: September 25, 2014Date of Patent: May 29, 2018Assignee: Facebook, Inc.Inventors: Oded Horovitz, Stephen A. Weis, Sahil Rihan, Carl A. Waldspurger
-
Patent number: 9747450Abstract: An attestation system for asserting and verifying assertions of a known-good state of a computer system is provided. The attestation system allows a challenger and a prover to conduct an attestation so that the challenger can verify an assertion of the prover. To conduct the attestation, the prover sends, as an assertion of its state, a combined measurement of resources along with a constituent measurement of each resource to the challenger. The challenger verifies the assertion by verifying that the asserted constituent measurements represent known-good measurements and verifying that the asserted combined measurement can be generated from the asserted constituent measurements. To verify the asserted constituent measurements, the challenger determines whether each asserted constituent measurement for a resource is a known-good measurement for that resource.Type: GrantFiled: February 10, 2015Date of Patent: August 29, 2017Assignee: Facebook, Inc.Inventors: Oded Horovitz, Sahil Rihan, Stephen A. Weis, Daniel Arai
-
Patent number: 9734092Abstract: Methods and systems for securing sensitive data from security risks associated with direct memory access (“DMA”) by input/output (“I/O”) devices are provided. An enhanced software cryptoprocessor system secures sensitive data using various techniques, including (1) protecting sensitive data by preventing DMA by an I/O device to the portion of the cache that stores the sensitive data, (2) protecting device data by preventing cross-device access to device data using DMA isolation, and (3) protecting the cache by preventing the pessimistic eviction of cache lines on DMA writes to main memory.Type: GrantFiled: March 19, 2015Date of Patent: August 15, 2017Assignee: Facebook, Inc.Inventors: Oded Horovitz, Sahil Rihan, Stephen A. Weis, Carl A. Waldspurger
-
Publication number: 20170206167Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.Type: ApplicationFiled: September 23, 2016Publication date: July 20, 2017Inventors: Carl A. Waldspurger, Oded Horovitz, Stephen A. Weis, Sahil Rihan
-
Patent number: 9639482Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.Type: GrantFiled: August 6, 2015Date of Patent: May 2, 2017Assignee: Facebook, Inc.Inventors: Oded Horovitz, Stephen A. Weis, Carl A. Waldspurger, Sahil Rihan
-
Patent number: 9477603Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.Type: GrantFiled: September 5, 2014Date of Patent: October 25, 2016Assignee: FACEBOOK, INC.Inventors: Carl A. Waldspurger, Oded Horovitz, Stephen A. Weis, Sahil Rihan
-
Publication number: 20160224475Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.Type: ApplicationFiled: August 6, 2015Publication date: August 4, 2016Inventors: Oded Horovitz, Stephen A. Weis, Carl A. Waldspurger, Sahil Rihan
-
Patent number: 9304915Abstract: One embodiment of the present invention includes a method for maintaining a shadow page table in at least partial correspondence with guest page mappings of a guest computation. The method marking with a traced write indication at least those entries of the shadow page table that map physical memory locations which themselves encode the guest page mappings, the marking identifying, for a hardware facility, a subset of memory access targets for which updates are to be recorded in a guest write buffer accessible to the virtualization system. Responsive to a coherency-inducing operation of the guest computation, the method reads from the guest write buffer and introduces corresponding updates into the shadow page table.Type: GrantFiled: September 16, 2014Date of Patent: April 5, 2016Assignee: VMware, Inc.Inventors: Keith Adams, Sahil Rihan
-
Patent number: 9164924Abstract: Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided.Type: GrantFiled: September 13, 2012Date of Patent: October 20, 2015Assignee: FACEBOOK, INC.Inventors: Oded Horovitz, Stephen A. Weis, Carl A. Waldspurger, Sahil Rihan
-
Publication number: 20150269091Abstract: Methods and systems for securing sensitive data from security risks associated with direct memory access (“DMA”) by input/output (“I/O”) devices are provided. An enhanced software cryptoprocessor system secures sensitive data using various techniques, including (1) protecting sensitive data by preventing DMA by an I/O device to the portion of the cache that stores the sensitive data, (2) protecting device data by preventing cross-device access to device data using DMA isolation, and (3) protecting the cache by preventing the pessimistic eviction of cache lines on DMA writes to main memory.Type: ApplicationFiled: March 19, 2015Publication date: September 24, 2015Inventors: Oded Horovitz, Sahil Rihan, Stephen A. Weis, Carl A. Waldspurger
-
Publication number: 20150227744Abstract: An attestation system for asserting and verifying assertions of a known-good state of a computer system is provided. The attestation system allows a challenger and a prover to conduct an attestation so that the challenger can verify an assertion of the prover. To conduct the attestation, the prover sends, as an assertion of its state, a combined measurement of resources along with a constituent measurement of each resource to the challenger. The challenger verifies the assertion by verifying that the asserted constituent measurements represent known-good measurements and verifying that the asserted combined measurement can be generated from the asserted constituent measurements. To verify the asserted constituent measurements, the challenger determines whether each asserted constituent measurement for a resource is a known-good measurement for that resource.Type: ApplicationFiled: February 10, 2015Publication date: August 13, 2015Inventors: Oded Horovitz, Sahil Rihan, Stephen A. Weis, Daniel Arai
-
Publication number: 20150089502Abstract: An application such as a virtual machine are executed securely using a software-based, full-system emulator within a hardware-protected enclave, such as an SGX enclave. The emulator may thereby be secure even against a malicious underlying host operating system. In some cases, paging is used to allow even a large application may run within a small enclave using paging. Where the application itself uses enclaves, these guest enclaves may themselves be emulated within an emulator enclave such that the guest enclave(s) are nested as sibling enclaves by the emulator.Type: ApplicationFiled: September 25, 2014Publication date: March 26, 2015Applicant: PrivateCore, Inc.Inventors: Oded HOROVITZ, Stephen A. WEIS, Sahil RIHAN, Carl A. WALDSPURGER
-
Publication number: 20150067265Abstract: A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict.Type: ApplicationFiled: September 5, 2014Publication date: March 5, 2015Applicant: PRIVATECORE, INC.Inventors: Carl A. WALDSPURGER, Oded HOROVITZ, Stephen A. WEIS, Sahil RIHAN
-
Publication number: 20150032935Abstract: One embodiment of the present invention includes a method for maintaining a shadow page table in at least partial correspondence with guest page mappings of a guest computation. The method marking with a traced write indication at least those entries of the shadow page table that map physical memory locations which themselves encode the guest page mappings, the marking identifying, for a hardware facility, a subset of memory access targets for which updates are to be recorded in a guest write buffer accessible to the virtualization system. Responsive to a coherency-inducing operation of the guest computation, the method reads from the guest write buffer and introduces corresponding updates into the shadow page table.Type: ApplicationFiled: September 16, 2014Publication date: January 29, 2015Inventors: Keith ADAMS, Sahil RIHAN
-
Patent number: 8838914Abstract: One embodiment of the present invention includes a method for maintaining a shadow page table in at least partial correspondence with guest page mappings of a guest computation. The method marking with a traced write indication at least those entries of the shadow page table that map physical memory locations which themselves encode the guest page mappings, the marking identifying, for a hardware facility, a subset of memory access targets for which updates are to be recorded in a guest write buffer accessible to the virtualization system. Responsive to a coherency-inducing operation of the guest computation, the method reads from the guest write buffer and introduces corresponding updates into the shadow page table.Type: GrantFiled: May 14, 2013Date of Patent: September 16, 2014Assignee: VMware, Inc.Inventors: Keith Adams, Sahil Rihan
-
Patent number: 8762684Abstract: Some embodiments of the present invention include a memory management unit (MMU) configured to, in response to a write access targeting a guest page mapping of a guest virtual page number (GVPN) to a guest physical page number (GPPN) within a guest page table, identify a first page mapping that associates the GVPN with a physical page number (PPN). The MMU is also configured to determine whether a traced write indication is associated with the first page mapping and, if so, record update information identifying the targeted guest page mapping. The update information is used to reestablish coherence between the guest page mapping and the first page mapping. The MMU is further configured to perform the write access.Type: GrantFiled: July 10, 2012Date of Patent: June 24, 2014Assignee: VMware, Inc.Inventors: Keith Adams, Sahil Rihan