System and method for multi-level memory domain protection
Abstract
A system and method for multi-level memory domain protection. A user process for executing operating system code at a first protection level and user code at a second protection level. A domain process for executing the operating system code at the first protection level and domain code at the second protection level. The operating system code protecting the domain code, executing at the second protection level, from the user code, executing at the second protection level, by context switching between the user process context and the domain process context.
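The arrangement in the abstract and claim 1 can be modelled as two permission maps over the same regions, with only first-level operating system code allowed to switch between them; this C model is an added example, not code from the patent. All identifiers are hypothetical, the trap into the operating system is modelled as a change of level, and treating the user code that "resides" in the domain context as non-executable is an assumption.

```c
#include <stdbool.h>
enum region { OS_CODE, DOMAIN_CODE, USER_CODE, NREGIONS };
enum level  { FIRST_LEVEL = 1, SECOND_LEVEL = 2 };
struct mapping { enum level level; bool exec; };
struct context { struct mapping map[NREGIONS]; };
struct cpu     { const struct context *ctx; enum level level; };

/* User process context: domain code lies in a non-executable reserved portion. */
static const struct context user_ctx = {{
    [OS_CODE]     = { FIRST_LEVEL,  true  },
    [DOMAIN_CODE] = { SECOND_LEVEL, false },
    [USER_CODE]   = { SECOND_LEVEL, true  },
}};

/* Domain process context: user code only resides here (assumed non-executable). */
static const struct context domain_ctx = {{
    [OS_CODE]     = { FIRST_LEVEL,  true  },
    [DOMAIN_CODE] = { SECOND_LEVEL, true  },
    [USER_CODE]   = { SECOND_LEVEL, false },
}};

/* Fetch needs an executable mapping at the level the CPU is running at. */
static bool can_fetch(const struct cpu *c, enum region r) {
    return c->ctx->map[r].exec && c->ctx->map[r].level == c->level;
}

/* Only operating system code (first level) may change the active context. */
static bool switch_context(struct cpu *c, const struct context *next) {
    if (c->level != FIRST_LEVEL) return false;
    c->ctx = next;
    return true;
}

/* Hypothetical OS-mediated call: trap, switch, run domain code, switch back. */
static bool domain_call(struct cpu *c) {
    c->level = FIRST_LEVEL;                    /* trap into OS code */
    if (!switch_context(c, &domain_ctx)) return false;
    c->level = SECOND_LEVEL;                   /* resume at second level */
    bool ran = can_fetch(c, DOMAIN_CODE);
    c->level = FIRST_LEVEL;                    /* trap back into OS code */
    switch_context(c, &user_ctx);
    c->level = SECOND_LEVEL;
    return ran;
}

int main(void) {
    struct cpu c = { &user_ctx, SECOND_LEVEL };
    bool direct = can_fetch(&c, DOMAIN_CODE);  /* blocked in the user context */
    return (!direct && domain_call(&c)) ? 0 : 1;
}
```

Both user code and domain code stay at the second level throughout; the separation comes from which context is active, and the direct switch attempt from the second level is refused.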
11 Claims
1. A computer-implemented method for multi-level memory domain protection, comprising the steps of:
creating a domain process context, having an operating system code executing within a first protection level, a domain code executing within a second protection level, and a user code residing within the second protection level;
creating a user process context, having the operating system code executing within the first protection level, a non-executable reserved portion, and the user code executing within the second protection level; and
protecting the domain code from the user code by locating the domain code in the non-executable reserved portion.
2. A system for multi-level memory domain protection, the system comprising:
means for creating a domain process context, having an operating system code executing within a first protection level, a domain code executing within a second protection level, and a user code residing within the second protection level;
means for creating a user process context, having the operating system code executing within the first protection level, a non-executable reserved portion, and the user code executing within the second protection level; and
means for protecting the domain code from the user code by locating the domain code in the non-executable reserved portion.
3. A computer-useable medium embodying computer-readable program code for causing a computer to perform multi-level memory domain protection by performing the steps of:
creating a domain process context, having an operating system code executing within a first protection level, a domain code executing within a second protection level, and a user code residing within the second protection level;
creating a user process context, having the operating system code executing within the first protection level, a non-executable reserved portion, and the user code executing within the second protection level; and
protecting the domain code from the user code by locating the domain code in the non-executable reserved portion.
4. A computer-implemented method for multi-level memory domain protection, comprising:
establishing a user process context for a user code;
establishing a domain process context for a domain code; and
protecting the domain code, executing at a protection level, from the user code, executing at the protection level, by context switching between the user process context and the domain process context, wherein the user context process has a non-executable reserve portion in which the domain code is located.
5. A system for multi-level memory domain protection comprising:
a user process context for a user code;
a domain process context for a domain code; and
a protection that protects the domain code, executing at a protection level, from the user code, executing at the protection level, by context switching between the user process context and the domain process context, wherein the user context process has a non-executable reserve portion in which the domain code is located.
6. A computer-readable medium embodying computer-readable program code for causing a computer to perform multi-level memory domain protection by performing the process of:
establishing a user process context for a user code;
establishing a domain process context for a domain code; and
protecting the domain code, executing at a protection level, from the user code, executing at the protection level, by context switching between the user process context and the domain process context, wherein the user context process has a non-executable reserve portion in which the domain code is located.
7. A computer-implemented method for multi-level memory domain protection, comprising:
protecting a domain code, executing at a protection level, from a user code, executing at the protection level, by context switching to establish two levels of protection within said protection level.
8. A computer-implemented method for multi-level memory domain protection, comprising:
executing calling-code in a first process pair calling for execution of targeted code in a second process pair; and
inter-group context switching from the first process pair to the second process pair, wherein the inter-group context switching establishes two levels of protection within said protection level.
9. A system for multi-level memory domain protection comprising:
a protection that protects a domain code, executing at a protection level, from a user code, executing at the protection level, formed by context switching to establish two levels of protection within said protection level.
10. A computer-readable medium embodying computer-readable program code for causing a computer to perform multi-level memory domain protection by performing the process of:
protecting a domain code executing at a protection level, from a user code, executing at the protection level, by context switching to establish two levels of protection within said protection level.
11. A system for multi-level memory domain protection comprising:
a protection that protects a domain code, executing at a protection level, from a user code, executing at the protection level, formed by context switching to establish two levels of protection within said protection level.