Apparatus and method for controlling use of bounded pointers
First Claim
1. An apparatus, comprising:
a plurality of bounded pointer storage elements, each bounded pointer storage element to store a bounded pointer and associated permission attributes indicative of allowed uses of the bounded pointer, said associated permission attributes comprising a copy permission attribute indicating whether the bounded pointer is allowed to be subjected to a copy operation; and
processing circuitry, responsive to at least one instruction that specifies the copy operation, to generate, from a source bounded pointer and associated permission attributes of a source bounded pointer storage element, a destination bounded pointer and associated permission attributes to be stored in a destination bounded pointer storage element, and to mark the source bounded pointer storage element as storing an invalid bounded pointer dependent on whether the copy permission attribute of the source bounded pointer has a first value indicating that the source bounded pointer is to be prevented from being subjected to the copy operation, whereas when the copy permission attribute has a second value indicating that the source bounded pointer is allowed to be subjected to the copy operation, the processing circuitry is arranged to retain the source bounded pointer storage element as storing a valid bounded pointer;
wherein each bounded pointer storage element has a validity field associated therewith to indicate whether the bounded pointer storage element stores a valid bounded pointer, and the processing circuitry is arranged to mark the source bounded pointer storage element as storing an invalid bounded pointer by updating the validity field associated with the source bounded pointer storage element to identify that the source bounded pointer is invalid.
Abstract
An apparatus and method are provided for controlling use of bounded pointers. The apparatus has a plurality of bounded pointer storage elements, each bounded pointer storage element being used to store a bounded pointer and associated permission attributes indicative of allowed uses of the bounded pointer. In accordance with the present technique, the associated permission attributes include a copy permission attribute indicating whether the bounded pointer is allowed to be subjected to a copy operation. Processing circuitry is then responsive to at least one instruction that specifies the copy operation, to generate, from a source bounded pointer and associated permission attributes of a source bounded pointer storage element, a destination bounded pointer and associated permission attributes to be stored in a destination bounded pointer storage element. Furthermore, the processing circuitry marks the source bounded pointer storage element as storing an invalid bounded pointer dependent on whether the copy permission attribute of the source bounded pointer indicates that the source bounded pointer is to be prevented from being subjected to the copy operation. This provides an effective mechanism for inhibiting the subversion of control flow integrity when executing software on the apparatus.
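The copy behaviour described in the abstract can be modelled in software. The following C sketch is an added illustration, not code from the patent: the register layout, the permission bit names and the choice to make a copy from an invalid source fail are assumptions of this example, and the destination simply inherits the source's permission attributes unchanged.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Permission attribute bits (names are this example's own). */
enum { PERM_READ = 1u << 0, PERM_EXEC = 1u << 1, PERM_COPY = 1u << 2 };

/* One bounded pointer storage element with its validity field. */
typedef struct {
    uint64_t ptr, base, limit;   /* pointer value and allowed range [base, limit) */
    uint32_t perms;              /* permission attributes, incl. copy permission */
    bool     valid;              /* validity field */
} bp_reg;

/* A bounded pointer is usable only if valid, permitted and in range. */
bool bp_usable(const bp_reg *r, uint32_t need) {
    return r->valid && (r->perms & need) == need &&
           r->ptr >= r->base && r->ptr < r->limit;
}

/* Copy operation. Assumption: an invalid source makes the copy fail. */
bool bp_copy(bp_reg *dst, bp_reg *src) {
    if (!src->valid) return false;
    bp_reg tmp = *src;                 /* snapshot so dst == src also works */
    if (!(src->perms & PERM_COPY))
        src->valid = false;            /* copy not permitted: invalidate source */
    *dst = tmp;                        /* destination holds the valid pointer */
    return true;
}

/* Copy r0 -> r1, then r0 -> r2; return how many registers end up usable. */
int usable_after_two_copies(uint32_t perms) {
    bp_reg r[3] = { { 0x1040, 0x1000, 0x2000, perms, true } }; /* constructed */
    int n = 0;
    bp_copy(&r[1], &r[0]);
    bp_copy(&r[2], &r[0]);             /* fails if r0 was invalidated */
    for (int i = 0; i < 3; i++) n += bp_usable(&r[i], PERM_EXEC);
    return n;
}

int main(void) {
    printf("copyable: %d usable\n", usable_after_two_copies(PERM_EXEC | PERM_COPY));
    printf("non-copyable: %d usable\n", usable_after_two_copies(PERM_EXEC));
    return 0;
}
```

With the copy permission clear, the copy operation behaves as a move, so at most one valid instance of the bounded pointer exists at any time.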
20 Claims
19. A method of controlling use of bounded pointers within an apparatus having a plurality of bounded pointer storage elements, each bounded pointer storage element storing a bounded pointer and associated permission attributes indicative of allowed uses of the bounded pointer, the method comprising:
providing a copy permission attribute within said associated permission attributes, the copy permission attribute indicating whether the bounded pointer is allowed to be subjected to a copy operation; and
responsive to at least one instruction that specifies the copy operation, generating, from a source bounded pointer and associated permission attributes of a source bounded pointer storage element, a destination bounded pointer and associated permission attributes to be stored in a destination bounded pointer storage element, and marking the source bounded pointer storage element as storing an invalid bounded pointer dependent on whether the copy permission attribute of the source bounded pointer has a first value indicating that the source bounded pointer is to be prevented from being subjected to the copy operation, whereas when the copy permission attribute has a second value indicating that the source bounded pointer is allowed to be subjected to the copy operation, retaining the source bounded pointer storage element as storing a valid bounded pointer;
providing each bounded pointer storage element with a validity field associated therewith to indicate whether the bounded pointer storage element stores a valid bounded pointer; and
marking the source bounded pointer storage element as storing an invalid bounded pointer by updating the validity field associated with the source bounded pointer storage element to identify that the source bounded pointer is invalid.
20. An apparatus, comprising:
a plurality of bounded pointer storage element means, each bounded pointer storage element means for storing a bounded pointer and associated permission attributes indicative of allowed uses of the bounded pointer, said associated permission attributes comprising a copy permission attribute indicating whether the bounded pointer is allowed to be subjected to a copy operation; and
processing means for generating from a source bounded pointer and associated permission attributes of a source bounded pointer storage element means, in response to at least one instruction that specifies the copy operation, a destination bounded pointer and associated permission attributes to be stored in a destination bounded pointer storage element means, and for marking the source bounded pointer storage element means as storing an invalid bounded pointer dependent on whether the copy permission attribute of the source bounded pointer has a first value indicating that the source bounded pointer is to be prevented from being subjected to the copy operation, whereas when the copy permission attribute has a second value indicating that the source bounded pointer is allowed to be subjected to the copy operation, the processing means is arranged to retain the source bounded pointer storage element means as storing a valid bounded pointer;
wherein each bounded pointer storage element means has a validity field associated therewith to indicate whether the bounded pointer storage element means stores a valid bounded pointer, and the processing means is arranged to mark the source bounded pointer storage element means as storing an invalid bounded pointer by updating the validity field associated with the source bounded pointer storage element means to identify that the source bounded pointer is invalid.
Specification