Method and apparatus for automated native code isolation
First Claim
1. A computerized method to automate isolation of native code within a computer program that has been compiled to a platform-independent code, the method comprising:
- receiving a library containing a native code sub-routine from a first process, wherein the native code sub-routine provides a service to the computer program;
analyzing the library in a second process to determine a defined symbol name for the native code sub-routine;
creating a proxy sub-routine for the native code sub-routine, wherein the proxy sub-routine forms a link to the native code sub-routine;
placing the proxy sub-routine into a memory of a new library in the second process using the defined symbol name of the native code sub-routine as a symbol name for the proxy sub-routine;
running the native code sub-routine in the first process;
executing the platform-independent code in the second process; and
invoking the native code sub-routine in the first process by using an interprocess call from in the first process to call the proxy sub-routine in the platform-independent code in the second process;
wherein operations in the first process are isolated from memory and other system resources belonging to the second process by ensuring that interactions between the first process and the second process take place through the interprocess call, so that an error in the first process does not, one of, corrupt memory belonging to the second process or interfere with the second process in any other way.
2 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that facilitates automated isolation of native code within a computer program that has been compiled to a platform-independent code. The system operates by receiving a library containing a native code sub-routine that provides a service to the computer program. The system analyzes the library to determine the symbol name for the native code sub-routine. A proxy sub-routine is generated for each native code sub-routine exported by the native library that forms a link to the native code sub-routine. This proxy sub-routine is placed into a new library using the original name of the native code sub-routine. The system runs the native code sub-routine in one process, and executes the platform-independent code in a separate process. The system invokes the native code sub-routine in the first process by calling the proxy sub-routine from the platform-independent code in the second process.
-
Citations
24 Claims
-
1. A computerized method to automate isolation of native code within a computer program that has been compiled to a platform-independent code, the method comprising:
-
receiving a library containing a native code sub-routine from a first process, wherein the native code sub-routine provides a service to the computer program;
analyzing the library in a second process to determine a defined symbol name for the native code sub-routine;
creating a proxy sub-routine for the native code sub-routine, wherein the proxy sub-routine forms a link to the native code sub-routine;
placing the proxy sub-routine into a memory of a new library in the second process using the defined symbol name of the native code sub-routine as a symbol name for the proxy sub-routine;
running the native code sub-routine in the first process;
executing the platform-independent code in the second process; and
invoking the native code sub-routine in the first process by using an interprocess call from in the first process to call the proxy sub-routine in the platform-independent code in the second process;
wherein operations in the first process are isolated from memory and other system resources belonging to the second process by ensuring that interactions between the first process and the second process take place through the interprocess call, so that an error in the first process does not, one of, corrupt memory belonging to the second process or interfere with the second process in any other way. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
providing a proxy platform-independent native interface (PINI) to the library containing the native code sub-routine; and
transparently transforming local PINI calls into calls to the proxy PINI, wherein transforming local PINI calls into calls to the proxy PINI preserves an original control flow, and wherein upcalls and downcalls are guaranteed to be executed by a same thread of a process that executes the native code sub-routine.
-
-
3. The method of claim 1, wherein analyzing the library to determine the defined symbol name includes analyzing the library to determine call arguments for the defined symbol name.
-
4. The method of claim 3, wherein analyzing the library to determine call arguments for the defined symbol name is accomplished at runtime by analyzing a current call frame.
-
5. The method of claim 3, further comprising copying call arguments from the proxy sub-routine to a call to the native code sub-routine.
-
6. The method of claim 3, further comprising returning a result value from the native code sub-routine to the proxy sub-routine.
-
7. The method of claim 1, wherein the proxy sub-routine and the native code sub-routine communicate through inter-process communication.
-
8. The method of claim 1, wherein forming the link to the native code sub-routine includes translating a data element from a first address width in the computer program to a second address width in the native code sub-routine.
-
9. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method to facilitate automated isolation of native code within a computer program that has been compiled to a platform-independent code, the method comprising:
-
receiving a library containing a native code sub-routine from a first process, wherein the native code sub-routine provides a service to the computer program;
analyzing the library in a second process to determine a defined symbol name for the native code sub-routine;
creating a proxy sub-routine for the native code sub-routine, wherein the proxy sub-routine forms a link to the native code sub-routine;
placing the proxy sub-routine into a memory of a new library in the second process using the defined symbol name of the native code sub-routine as a symbol name for the proxy sub-routine;
running the native code sub-routine in the first process;
executing the platform-independent code in the second process; and
invoking the native code sub-routine in the first process by using an interprocess call from the first process to call the proxy sub-routine in the platform-independent code in the second process;
wherein operations in the first process are isolated from memory and other system resources belonging to the second process by ensuring that interactions between the first process and the second process take place through the interprocess call, so that an error in the first process does not, one of, corrupt memory belonging to the second process or interfere with the second process in any other way. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
providing a proxy platform-independent native interface (PINI) to the library containing the native code sub-routine; and
transparently transforming local PINI calls into calls to the proxy PINI, wherein transforming local PINI calls into calls to the proxy PINI preserves an original control flow, and wherein upcalls and downcalls are guaranteed to be executed by a same thread of a process that executes the native code sub-routine.
-
-
11. The computer-readable storage medium of claim 9, wherein analyzing the library to determine the defined symbol name includes analyzing the library to determine call arguments for the defined symbol name.
-
12. The computer-readable storage medium of claim 11, wherein analyzing the library to determine call arguments for the defined symbol name is accomplished at runtime by analyzing a current call frame.
-
13. The computer-readable storage medium of claim 11, the method further comprising copying call arguments from the proxy sub-routine to a call to the native code sub-routine.
-
14. The computer-readable storage medium of claim 11, the method further comprising returning a result value from the native code sub-routine to the proxy sub-routine.
-
15. The computer-readable storage medium of claim 9, wherein the proxy sub-routine and the native code sub-routine communicate through inter-process communication.
-
16. The computer-readable storage medium of claim 9, wherein forming the link to the native code sub-routine includes translating a data element from a first address width in the computer program to a second address width in the native code sub-routine.
-
17. An apparatus that facilitates automated isolation of native code within a computer program that has been compiled to a platform-independent code, the apparatus comprising:
-
a receiving mechanism that is configured to receive a library containing a native code sub-routine from a first process, wherein the native code sub-routine provides a service to the computer program;
an analyzing mechanism in a second process that is configured to analyze the library to determine a defined symbol name for the native code sub-routine;
a creating mechanism that is configured to create a proxy sub-routine for the native code sub-routine, wherein the proxy sub-routine forms a link to the native code sub-routine;
a placing mechanism that is configured to place the proxy sub-routine into a memory of a new library in the second process using the defined symbol name of the native code sub-routine as a symbol name for the proxy sub-routine;
a running mechanism that is configured to run the native code sub-routine in the first process;
an executing mechanism that is configured to execute the platform-independent code in the second process; and
an invoking mechanism that is configured to invoke the native code sub-routine in the, first process by using an interprocess call from the first process to call the proxy sub-routine in the platform-independent code in the second process;
wherein operations in the first process are isolated from memory and other system resources belonging to the second process by ensuring that interactions between the first process and the second process take place through the interprocess call, so that an error in the first process does not, one of, corrupt memory belonging to the second process or interfere with the second process in any other way. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
a providing mechanism configured to provide a proxy platform-independent native interface (PINI) to the library containing the native code sub-routine; and
a transforming mechanism that is configured to transparently transform local PINI calls into calls to the proxy PINI, wherein transforming local PINI calls into calls to the proxy PINI preserves an original control flow, and wherein upcalls and downcalls are guaranteed to be executed by a same thread of a process that executes the native code sub-routine.
-
-
19. The apparatus of claim 17, wherein the analyzing mechanism is further configured to analyze the library to determine call arguments for the defined symbol name.
-
20. The apparatus of claim 19, wherein analyzing the library to determine call arguments for the defined symbol name is accomplished at runtime by analyzing a current call frame.
-
21. The apparatus of claim 19, further comprising a copying mechanism that is configured to copy call arguments from the proxy sub-routine to a call to the native code sub-routine.
-
22. The apparatus of claim 19, further comprising a returning mechanism that is configured to return a result value from the native code sub-routine to the proxy sub-routine.
-
23. The apparatus of claim 17, further comprising an inter-process communication mechanism that is configured so that the proxy sub-routine and the native code sub-routine can communicate.
-
24. The apparatus of claim 17, further comprising an address width translating mechanism that is configured to translate an address from a first address width in the computer program to a second address width in the native code sub-routine.
Specification