Customized execution environment

US 7,509,639 B2
Filed: 03/04/2004
Issued: 03/24/2009
Est. Priority Date: 03/04/2003
Status: Active Grant

First Claim

Patent Images

1. A computer-readable medium having a customized execution engine stored therein, the customized execution engine comprising:

code and data sections of a set of or more applications; and

code and data sections of a set of system services, the set of system services having direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture, the set of system services using hardware features that are not used by traditional operating systems, the set of system services limited to only those services required by the set of one or more applications, the set of one or more applications together implementing a control flow structure by using only a single thread of execution in each of one or more processors, the customized execution engine unable to load or to load and execute applications in addition to the set of one or more applications.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and techniques for implementing a custom execution environment (CE²) and a related loader are provided. According to one embodiment, the CE²includes code and data sections of an application and code and data sections of a set of system services. The set of system services has direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture. According to one embodiment, the system services are designed for maximum simplicity, fastest possible speed, and elimination of security vulnerabilities.

69 Citations

View as Search Results

21 Claims

1. A computer-readable medium having a customized execution engine stored therein, the customized execution engine comprising:
- code and data sections of a set of or more applications; and
  
  code and data sections of a set of system services, the set of system services having direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture, the set of system services using hardware features that are not used by traditional operating systems, the set of system services limited to only those services required by the set of one or more applications, the set of one or more applications together implementing a control flow structure by using only a single thread of execution in each of one or more processors, the customized execution engine unable to load or to load and execute applications in addition to the set of one or more applications.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-readable medium of claim 1, wherein the customized execution environment makes full use of capabilities of the computer system, including capabilities not supported by a traditional operating system.
  - 3. The computer-readable medium of claim 1, wherein the set of system services is strictly limited to only those services required by the application.
  - 4. The computer-readable medium of claim 1, wherein the set of system services enable the application to recover and continue following a system error.
  - 5. The computer-readable medium of claim 1, wherein the application and the set of system services are non-portable.
  - 6. The computer-readable medium of claim 1, wherein the set of system services utilize no general-purpose operating system abstractions.
  - 7. The computer-readable medium of claim 1, wherein the set of system services employ entirely different resource management strategies than those used by a general-purpose operating system.

8. A method comprising:
- a customized execution environment providing, to a set of one or more applications together implementing a control flow structure,only a single thread of execution on each of one or more processors, the customized execution engine unable to load or to load and execute applications in addition to the set of one or more applications, anda set of system services to the set of one or more applications, the set of system services having direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture, the set of system services using hardware features that are not used by traditional operating systems, the set of system services limited to only those services required by the set of one or more applications; and
  
  the set of one or more applications performing both normal application tasks and tasks that occur as a result of events external to the application using only the single thread on each of the one or more processors.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, further comprising responsive to an interrupt, an interruption control service receiving control of the single thread, setting state to cause control of the single thread to flow first to one or more interruption service routines (ISRs) corresponding to the interrupt and later to flow to one or more deferred interruption service routines (DISRs).
  - 10. The method of claim 8, further comprising:
    - an I/O driver of a minimum set of I/O drivers using only the single thread on each processor, operating solely using virtual addresses, and generating encoded directives specifying steps needed to perform an I/O operation; and
      
      the I/O driver calling platform control services to control an I/O device, the platform control services using physical addresses by following encoded directives supplied by the I/O driver.

11. A method comprising:
- a caller executing within a customized execution environment;
  
  the caller invoking a system service call of a set of system services provided by the customized execution environment, the set of system services having direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture, the set of system services using hardware features that are not used by traditional operating systems, the set of system services limited to only those services required by the set of one or more applications, the set of one or more applications together implementing a control flow structure by using only a single thread of execution in each of one or more processors; and
  
  the system service call causing a call return address associated with the system service call by the application to be verified.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein said verifying a call return address is performed via an intermediate system service of the customized execution environment.
  - 13. The method of claim 11, wherein said verifying a call return address is performed with reference to one or more data structures initialized during loading of the customized execution environment and application.
  - 14. The method of claim 13, wherein a first data structure of the one or more data structures comprises a call table and a second data structure of the one or more data structures comprises a path table.
  - 15. The method of claim 14, wherein the path table contains one or more random numbers at specific locations, and wherein the call table includes the call return address, one or more random numbers supplied by a customized execution environment loader, a specific path table entry location, and a disposition parameter indicating modifications, if any, to the path table to be executed during the system service call.
  - 16. The method of claim 15, further comprising verifying flow of the caller had reached the call point after passing through a back dominating instruction in the flow path to the caller by comparing a first random number of the one or more random numbers in the call table to a second random number of the one or more random numbers at a specific location in the path table.
  - 17. The method of claim 16, further comprising verifying a random number associated with the back dominating instruction.
  - 18. The method of claim 11, wherein the caller executes at a first privilege level of a plurality of privilege levels, wherein the called system service executes at the same or higher privilege level of the plurality of privilege levels.
  - 19. The method of claim 11, further comprising:
    - an I/O driver of a minimum set of I/O drivers using only the single thread on each processor, operating solely using virtual addresses, and generating encoded directives specifying steps needed to perform an I/O operation; and
      
      the I/O driver calling platform control services to control an I/O device, the platform control services using physical addresses by following encoded directives supplied by the I/O driver.

20. A computer-readable medium having a customized execution engine encoded in computer instructions and stored therein, comprising:
- a customized execution environment that provides;
  
  a minimum set of I/O drivers for a particular application, anda set of system services having direct and full control of a set of hardware resources of a computer system containing one or more processors implementing a parallel protected architecture, the set of system services using hardware features that are not used by traditional operating systems, the set of system services limited to only those services required by the set of one or more applications, the set of one or more applications together implementing a control flow structure by using only a single thread of execution in each of one or more processors, the customized execution engine unable to load or to load and execute applications in addition to the set of one or more applications;
  
  an I/O driver of a minimum set of I/O drivers operating solely using virtual addresses and generating encoded directives specifying steps needed to perform an I/O operation; and
  
  the I/O driver calling platform control services to control an I/O device, the platform control services using physical addresses by following encoded directives supplied by the I/O driver.
- View Dependent Claims (21)
- - 21. The computer-readable medium of claim 20, wherein the encoded directives specify I/O controller addresses indirectly through an I/O controller descriptor residing in a compartment accessible only by one or more of the platform control services.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Secure64 Software Corp.
Original Assignee
Secure64 Software Corp.
Inventors
Worley, William S. Jr.
Primary Examiner(s)
Bullock, Jr.; Lewis A
Assistant Examiner(s)
Wang; Jue S

Application Number

US10/794,995
Publication Number

US 20040177243A1
Time in Patent Office

1,846 Days
Field of Search

718/1, 718100-108, 719310-332, 713 1-601, 726/2, 726 16- 21
US Class Current

718/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/575   Secure boot

G06F 9/468   Specific access rights for ...

G06F 9/5077   Logical partitioning of res...

G06F 9/545   where tasks reside in diffe...

Customized execution environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

69 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Customized execution environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links