Methods for safe and efficient implementations of virtual machines
Abstract
An efficient method for implementing a safe virtual machine, in software, that embodies a general purpose memory protection model. The present invention runs on any general purpose computer architecture and will run an executable that has been developed for the virtual machine. The present invention compiles the executable into the native instructions of the hardware. During the compilation, specialized code sequences are added to the code using a technique called software fault isolation. A set of allowed behaviors and a set of responses to the undesirable actions will be created and written to memory. A series of optimizations are applied so that the translated code executes at nearly the native speed of the architecture, but the fault isolation sequences prevent it from engaging in undesirable actions. In particular, the memory protection model is enforced, providing the same level of protection that customarily requires hardware support to enforce efficiently.
12 Claims
1. A computer implemented method for preventing transfer of control to illegal memory addresses during execution of a sequence of virtual machine instructions, operating in a computer system having memory, the method comprising the steps:
- generating a sequence of machine executable instructions to carry out the operations defined by the sequence of virtual machine instructions;
- providing, in a computer storage medium, status information, said status information indicating the illegal memory addresses which the sequence of virtual machine instructions is not allowed to transfer control to, and legal memory addresses which the sequence of virtual machine instructions is allowed to transfer control to;
- analyzing the sequence of virtual machine instructions and generating a sequence of machine executable instructions to carry out operations defined by the sequence of virtual machine instructions; and
- encapsulating a machine executable instruction that can cause transfer of control to the illegal memory addresses with a predetermined sequence of machine executable checking instructions so that said predetermined sequence of machine executable checking instructions is executed in conjunction with said machine executable instruction that can cause transfer of control to said illegal memory addresses, the predetermined sequence of machine executable checking instructions signaling an error if said machine executable instruction that can cause transfer of control to the illegal memory addresses does attempt to transfer control to one of said illegal memory addresses.

Dependent claims 2, 3, 4, 5 and 6 are not reproduced on this page.
7. A computer implemented method for preventing modification of illegal memory addresses during execution of a sequence of virtual machine instructions, operating in a computer system having memory, the method comprising the steps:
- generating a sequence of machine executable instructions to carry out the operations defined by the sequence of virtual machine instructions;
- providing, in a computer storage medium, status information, said status information indicating the illegal memory addresses which the sequence of virtual machine instructions is not allowed to modify and legal memory addresses which the sequence of virtual machine instructions is allowed to modify;
- analyzing the sequence of virtual machine instructions and generating a sequence of machine executable instructions to carry out operations defined by the sequence of virtual machine instructions; and
- encapsulating a machine executable instruction that can cause modification of the illegal memory addresses with a predetermined sequence of machine executable checking instructions so that said predetermined sequence of machine executable checking instructions is executed in conjunction with said machine executable instruction that can cause modification of said illegal memory addresses, the predetermined sequence of machine executable checking instructions signaling an error if said machine executable instruction that can modify the illegal memory addresses does attempt to modify one of said illegal memory addresses.

Dependent claims 8, 9, 10, 11 and 12 are not reproduced on this page.
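
The abstract and claims 1 and 7 describe the same mechanism from two sides: status information in memory records which addresses the translated code may write and which it may transfer control to, and the translator wraps every store through a computed address and every indirect transfer in a fixed checking sequence that signals an error on a violation. The C below is an added example written for this page, not code from the patent or its assignee. It models the status information as a descriptor held in memory and the checking sequence as two small functions, `sfi_checked_store` for claim 7 and `sfi_checked_call` for claim 1; the `sfi_*` names, the guest/host memory layout and the table-walk form of the control-transfer check are assumptions, and the demo functions return 1 when the check behaved as the claim requires.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Added example, not the patent's code. The descriptor below stands in for
 * the "status information" of claims 1 and 7: the legal writable region and
 * the legal control-transfer targets. All names are assumptions. */
typedef int (*guest_fn)(void);

typedef struct {
    uintptr_t       data_base;    /* lowest legal writable address */
    size_t          data_len;     /* size of the legal writable region */
    const guest_fn *code_targets; /* legal destinations of indirect transfers */
    size_t          n_targets;
    int             fault;        /* last error signalled by a checking sequence */
} sfi_status_t;

enum { SFI_OK = 0, SFI_ILLEGAL_STORE = 1, SFI_ILLEGAL_JUMP = 2 };

/* Checking sequence for claim 7: a 32-bit store through a computed address
 * is performed only if the whole word lies inside the legal region. The
 * subtraction form avoids overflowing base + len on high addresses. */
static int sfi_checked_store(sfi_status_t *st, uintptr_t addr, uint32_t value)
{
    if (st->data_len < sizeof value ||
        addr < st->data_base ||
        addr - st->data_base > st->data_len - sizeof value) {
        st->fault = SFI_ILLEGAL_STORE;
        return SFI_ILLEGAL_STORE;
    }
    memcpy((void *)addr, &value, sizeof value);
    return SFI_OK;
}

/* Checking sequence for claim 1: an indirect transfer is taken only if the
 * computed target is one of the legal entry points. A table walk is used for
 * clarity; a translator tuned for speed would use alignment or an address
 * mask so the check costs a couple of instructions. */
static int sfi_checked_call(sfi_status_t *st, uintptr_t target, int *result)
{
    for (size_t i = 0; i < st->n_targets; i++) {
        if ((uintptr_t)st->code_targets[i] == target) {
            *result = st->code_targets[i]();
            return SFI_OK;
        }
    }
    st->fault = SFI_ILLEGAL_JUMP;
    return SFI_ILLEGAL_JUMP;
}

/* Constructed guest/host layout for the demonstration. */
static uint32_t guest_data[16];             /* the guest's legal data segment */
static uint32_t host_secret = 0x12345678u;  /* host memory the guest must not touch */

static int guest_entry_a(void) { return 1; }
static int guest_entry_b(void) { return 2; }
static int host_privileged(void) { host_secret = 0; return 99; } /* not a legal target */

static const guest_fn legal_targets[] = { guest_entry_a, guest_entry_b };

static sfi_status_t make_status(void)
{
    sfi_status_t st = {
        .data_base    = (uintptr_t)guest_data,
        .data_len     = sizeof guest_data,
        .code_targets = legal_targets,
        .n_targets    = sizeof legal_targets / sizeof legal_targets[0],
        .fault        = SFI_OK,
    };
    return st;
}

/* A store inside the guest segment goes through and the value lands. */
int demo_store_inside(void)
{
    sfi_status_t st = make_status();
    int rc = sfi_checked_store(&st, (uintptr_t)&guest_data[3], 0xabcdu);
    return rc == SFI_OK && guest_data[3] == 0xabcdu;
}

/* A store aimed at host memory is refused and host_secret is untouched. */
int demo_store_outside(void)
{
    sfi_status_t st = make_status();
    int rc = sfi_checked_store(&st, (uintptr_t)&host_secret, 0);
    return rc == SFI_ILLEGAL_STORE && st.fault == SFI_ILLEGAL_STORE &&
           host_secret == 0x12345678u;
}

/* A store that starts inside the segment but spills past its end is refused too. */
int demo_store_straddle(void)
{
    sfi_status_t st = make_status();
    uintptr_t last_byte = (uintptr_t)guest_data + sizeof guest_data - 1;
    return sfi_checked_store(&st, last_byte, 0) == SFI_ILLEGAL_STORE;
}

/* An indirect call to a legal entry point runs it. */
int demo_jump_legal(void)
{
    sfi_status_t st = make_status();
    int result = 0;
    int rc = sfi_checked_call(&st, (uintptr_t)guest_entry_b, &result);
    return rc == SFI_OK && result == 2;
}

/* An indirect call into host code is refused before it can execute. */
int demo_jump_illegal(void)
{
    sfi_status_t st = make_status();
    int result = 0;
    int rc = sfi_checked_call(&st, (uintptr_t)host_privileged, &result);
    return rc == SFI_ILLEGAL_JUMP && result == 0 && host_secret == 0x12345678u;
}
```

The straddling store is the case a practitioner should look for in any SFI check: comparing only the start address against the region lets a multi-byte write clobber the first bytes past the segment. The claims cover the checking form, where the sequence signals an error; the abstract's "set of responses to the undesirable actions" also admits the sandboxing form, where the sequence instead forces the address into the legal region with a mask, which is cheaper but silently redirects rather than reports the violation.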
Specification