Abstract: A computer-implemented method protects stack memory by moving contents of stack memory to an accumulation general purpose register. One or more processors identify an authorized function and a malicious function in a computer program, in which the malicious function is able to execute a call that provides the malicious function with access to stack memory that is used by the authorized function. The processor(s) move data from the stack memory to a protected kernel register before the call is executed, and store results of execution of the authorized function in a first register that is accessible only to the authorized function. The processor(s) then clear the stack memory, and move the results of execution of the authorized function from the first register to an accumulation general purpose register that is also accessible only to the authorized function.
Type: Grant
Filed: June 4, 2019
Date of Patent: October 27, 2020
Assignee: International Business Machines Corporation
Inventors: Arun K. Iyengar, Ashish Kundu, Gong Su, Qi Zhang
Abstract: A verifier performs static checks of machine code to ensure that the code will execute safely. After verification is performed, the code is executed. The code modules generated by the rewriter and verified by the verifier prevent runtime code modifications so that properties established by the verifier cannot be invalidated during execution. Guards ensure that control flows only as expected. Stack data that must be shared within a code module, and which may therefore be corrupted during execution, is placed on a separate data stack. Other stack data remains on the regular execution stack, called the control stack. Multiple memory accesses can be checked by a single memory-range guard, optimized for fast access to the most-frequently used memory.
Type: Application
Filed: June 9, 2006
Publication date: December 13, 2007
Applicant: Microsoft Corporation
Inventors: Ulfar Erlingsson, Martin Abadi, Michael Vrable