Patents by Inventor Yinqian Zhang
Yinqian Zhang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
- Publication number: 20250231743
  Abstract: Embodiments of this specification provide a method and an apparatus for managing a user-mode program in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method includes: in response to a kernel processing program requesting, by calling an interface function, to enter a user mode to execute a target program, confirming, by the user-mode interface module, security of a register access related to the request, where the kernel processing program is located at a non-privilege level and has no permission to use the unsafe keyword, and the user-mode interface module does not include the unsafe keyword; and activating, by the basic code module, a target page table corresponding to the target program through the register access by using first code that includes the unsafe keyword, and setting a mode of the operating system to the user mode.
  Type: Application
  Filed: January 10, 2025
  Publication date: July 17, 2025
  Inventors: Yuke PENG, Hongliang TIAN, Shoumeng YAN, Yinqian ZHANG
- Publication number: 20250231888
  Abstract: Embodiments of this specification provide a method and an apparatus for memory management in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method is performed by a memory management module. The memory management module includes a management interface module and a kernel code module. The method includes: receiving, by the management interface module, a memory request sent by program code, where neither the program code nor the management interface module includes a code segment using the unsafe keyword; and when target security assurance is ensured based on the management interface module, performing, by the kernel code module, a memory operation corresponding to the memory request by using code that includes the unsafe keyword, where the target security assurance is related to the memory operation.
  Type: Application
  Filed: January 10, 2025
  Publication date: July 17, 2025
  Inventors: Yuke PENG, Hongliang TIAN, Shoumeng YAN, Yinqian ZHANG
- Publication number: 20250232031
  Abstract: Embodiments of this specification provide a method and an apparatus for device management in a target operating system. The target operating system is written in a Rust language. The Rust language includes an unsafe keyword. The method relates to a device driver of a peripheral device and a device management module. The method includes: receiving, by an interface module in the device management module, a target request sent by the device driver, where the target request is an operation request related to interrupt configuration or access of the peripheral device, and the interface module includes no code segment using the unsafe keyword; performing, by the interface module, a security check related to the operation request; and after the security check succeeds, performing, by a kernel code module in the device management module, a target operation corresponding to the operation request by using code that includes the unsafe keyword.
  Type: Application
  Filed: January 10, 2025
  Publication date: July 17, 2025
  Inventors: Yuke PENG, Hongliang TIAN, Shoumeng YAN, Yinqian ZHANG
- Publication number: 20250190566
  Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
  Type: Application
  Filed: February 13, 2025
  Publication date: June 12, 2025
  Applicant: Baidu USA, LLC
  Inventors: Huibo Wang, Kang Li, Mengyuan Li, Yinqian Zhang, Yueqiang Cheng
- Patent number: 12254087
  Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
  Type: Grant
  Filed: May 17, 2022
  Date of Patent: March 18, 2025
  Inventors: Huibo Wang, Kang Li, Mengyuan Li, Yinqian Zhang, Yueqiang Cheng
- Publication number: 20230098117
  Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
  Type: Application
  Filed: May 17, 2022
  Publication date: March 30, 2023
  Applicant: Baidu USA LLC
  Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
- Publication number: 20230097216
  Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
  Type: Application
  Filed: May 17, 2022
  Publication date: March 30, 2023
  Applicant: Baidu USA LLC
  Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
- Publication number: 20230097604
  Abstract: TLB poisoning attacks take advantage of security issues of translation lookaside buffer (TLB) management on SEV processors in Secure Encrypted Virtualization (SEV) virtual machines (VMs). In various embodiments, a hypervisor may poison TLB entries between two processes of a SEV VM to compromise the integrity and confidentiality of the SEV VM. Variants of TLB poisoning attacks and end-to-end attacks are shown to be successful on both Advanced Micro Devices (AMD) SEV and SEV-Encrypted State (SEV-ES). Countermeasures for thwarting TLB poisoning attacks include hardware-enforced TLB flush processes and re-exec schemes that, among other things, prevent attackers from manipulating TLB entries and causing a privileged victim process to execute malicious code in an attempt to bypass a password authentication.
  Type: Application
  Filed: May 17, 2022
  Publication date: March 30, 2023
  Applicant: Baidu USA LLC
  Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
- Publication number: 20230059273
  Abstract: AMD's Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD's EPYC™ server processors to support confidential cloud computing. Although known attacks against SEV, which exploit its lack of encryption in the virtual machine (VM) control block or the lack of integrity protection of the encrypted memory and nested page tables, have been addressed in subsequent releases of SEV-Encrypted State (SEV-ES) and SEV-Secure Nested Paging (SEV-SNP), a new CipherLeaks attack presents a previously unexplored vulnerability for SEV-ES and SEV-SNP. The attack allows a privileged adversary to infer a guest VM's execution states or recover certain plaintext, e.g., to steal private keys from the constant-time implementation of the Rivest-Shamir-Adleman (RSA) algorithm and the Elliptic Curve Digital Signature Algorithm (ECDSA) in the latest OpenSSL library.
  Type: Application
  Filed: April 7, 2022
  Publication date: February 23, 2023
  Applicant: Baidu USA LLC
  Inventors: Huibo WANG, Kang LI, Mengyuan LI, Yinqian ZHANG, Yueqiang CHENG
- Patent number: 9009385
  Abstract: At least one virtual machine implemented on a given physical machine in an information processing system is able to detect the presence of one or more other virtual machines that are also co-resident on that same physical machine. More particularly, at least one virtual machine is configured to avoid usage of a selected portion of a memory resource of the physical machine for a period of time, and to monitor the selected portion of the memory resource for activity during the period of time. Detection of a sufficient level of such activity indicates that the physical machine is also being shared by at least one other virtual machine. The memory resource of the physical machine may comprise, for example, a cache memory, and the selected portion of the memory resource may comprise one or more randomly selected sets of the cache memory.
  Type: Grant
  Filed: June 30, 2011
  Date of Patent: April 14, 2015
  Assignee: EMC Corporation
  Inventors: Ari Juels, Alina M. Oprea, Michael Kendrick Reiter, Yinqian Zhang
- Patent number: 8935675
  Abstract: A method includes receiving a budget cost for monitoring a plurality of tracepoints that occur as a result of operation of a device. The method further includes organizing a plurality of tracepoints into buckets such that each of the buckets corresponds to a range of expected interarrival times, and all tracepoints in a bucket have an expected interarrival time that is within the range for that bucket. The method further includes assigning a trigger to a first plurality of the bucketed tracepoints to yield a plurality of triggered tracepoints, wherein the triggers are proportionally assigned such that a tracepoint having a low expected interarrival time is less likely to be assigned a trigger than a tracepoint having an associated expected interarrival time such that an expected cost of the triggered tracepoints does not exceed the budget cost. Additionally, the method includes monitoring tracepoint occurrence during a first period of operation.
  Type: Grant
  Filed: September 25, 2013
  Date of Patent: January 13, 2015
  Assignee: Google Inc.
  Inventors: Michael Daniel Vrable, Ulfar Erlingsson, Yinqian Zhang
- Patent number: 8689282
  Abstract: Cloud infrastructure of a cloud service provider comprises a processing platform implementing a security policy enforcement framework. The security policy enforcement framework comprises a policy analyzer that is configured to identify at least one security policy associated with at least one tenant of the cloud service provider, to analyze the security policy against configuration information characterizing the cloud infrastructure of the cloud service provider, and to control execution of one or more applications of said at least one tenant within the cloud infrastructure in accordance with the security policy, based at least in part on one or more results of the analysis of the security policy. The security policy enforcement framework may be implemented in a platform-as-a-service (PaaS) layer of the cloud infrastructure, and may comprise a runtime controller, an operating system controller, a hypervisor controller and a PaaS controller.
  Type: Grant
  Filed: December 23, 2011
  Date of Patent: April 1, 2014
  Assignees: EMC Corporation, University of North Carolina at Chapel Hill
  Inventors: Alina M. Oprea, Yinqian Zhang, Vijay Ganti, John P. Field, Ari Juels, Michael Kendrick Reiter