Implementation of memory access control using optimization

US 7,605,816 B2
Filed: 07/28/2006
Issued: 10/20/2009
Est. Priority Date: 05/02/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-readable storage medium encoded with computer-executable instructions that when executed by a processor cause said processor to perform a method, the method comprising:

storing information regarding a directed labeled graph that comprises a plurality of vertices and a plurality of labeled edges connecting the vertices, each edge being defined by an ordered pair of the vertices and a label, wherein said graph is representative of an address translation map that comprises a plurality of pages, each page in said address translation map corresponding to a vertex of said graph, each reference within one page of said address translation map to another page of said address translation map corresponding to an edge of said graph, and a binary attribute associated with a reference corresponding to a label of the reference'"'"'s corresponding edge, each label indicating whether the reference has the associated binary attribute;

performing a first operation that changes said graph by removing or adding a vertex, removing or adding an edge, or changing the label of an edge;

updating said information to reflect the change to said graph, wherein the change is based on a memory access policy; and

determining whether a second operation may be performed based at least in part on said information regarding said directed label graph.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Mechanisms are disclosed that may allow certain memory access control algorithms to be implemented efficiently. When memory access control is based on controlling changes to an address translation map (or set of maps), it may be necessary to determine whether a particular map change would allow memory to be accessed in an impermissible way. Certain data about the map may be cached in order to allow the determination to be made more efficiently than performing an evaluation of the entire map.

42 Citations

View as Search Results

19 Claims

1. A computer-readable storage medium encoded with computer-executable instructions that when executed by a processor cause said processor to perform a method, the method comprising:
- storing information regarding a directed labeled graph that comprises a plurality of vertices and a plurality of labeled edges connecting the vertices, each edge being defined by an ordered pair of the vertices and a label, wherein said graph is representative of an address translation map that comprises a plurality of pages, each page in said address translation map corresponding to a vertex of said graph, each reference within one page of said address translation map to another page of said address translation map corresponding to an edge of said graph, and a binary attribute associated with a reference corresponding to a label of the reference'"'"'s corresponding edge, each label indicating whether the reference has the associated binary attribute;
  
  performing a first operation that changes said graph by removing or adding a vertex, removing or adding an edge, or changing the label of an edge;
  
  updating said information to reflect the change to said graph, wherein the change is based on a memory access policy; and
  
  determining whether a second operation may be performed based at least in part on said information regarding said directed label graph.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-readable storage medium of claim 1, wherein said graph is stored in a computer memory, and wherein said first operation comprises a write to a portion of said computer memory that stores said graph.
  - 3. The computer-readable storage medium of claim 1, wherein said information comprises data identifying a set of vertices of said graph map that are located at a predetermined distance from a root vertex of said graph.
  - 4. The computer-readable storage medium of claim 1, wherein said information comprises data identifying a set of vertices of said graph that have a predetermined property.
  - 5. The computer-readable storage medium of claim 1, wherein said information comprises data indicative of a number of edges leading into a specified vertex.
  - 6. The computer-readable storage medium of claim 1, wherein said information comprises data indicative of a number of edges that satisfy a specified predicate and that lead into a specified vertex.
  - 7. The computer-readable storage medium of claim 1, wherein said information omprises data indicative of a number of edges leading away from a specified vertex in said graph.
  - 8. The computer-readable storage medium of claim 1, wherein said information comprises data indicative of a number of edges that satisfy a specified predicate and that lead away from a specified vertex.
  - 9. The computer-readable storage medium of claim 1, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper superset of said set, and said act of determining whether said second operation may be performed comprises determining whether said given vertex is a member of said superset.
  - 10. The computer-readable storage medium of claim 1, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper subset of said set, and said act of determining whether said second operation may be performed comprises determining whether said given vertex is a member of said subset.

11. A method comprising:
- a computer storing information regarding a directed labeled graph that comprises a plurality of vertices and a plurality of labeled edges connecting the vertices, each edge being defined by an ordered pair of the vertices and a label, wherein said graph is representative of an address translation map that comprises a plurality of pages, each page in said address translation map corresponding to a vertex of said graph, each reference within one page of said address translation map to another page of said address translation map corresponding to an edge of said graph, and a binary attribute associated with a reference corresponding to a label of the reference'"'"'s corresponding edge, each label indicating whether the reference has the associated binary attribute;
  
  the computer performing a first operation that changes said graph by removing or adding a vertex, removing or adding an edge, or changing the label of an edge;
  
  the computer updating said information to reflect the change to said graph, wherein the change is based on a memory access policy; and
  
  the computer determining whether a second operation may be performed based at least in part on said information regarding said directed label graph.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, wherein said graph is stored in a computer memory, and wherein said first operation comprises a write to a portion of said computer memory that stores said graph.
  - 13. The method of claim 11, wherein said information comprises data indicative of a number of edges that satisfy a specified predicate and that lead away from a specified vertex.
  - 14. The method of claim 11, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper superset of said set, and said act of determining whether said second operation may be performed comprises determining whether said given vertex is a member of said superset.
  - 15. The method of claim 11, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper subset of said set, and said act of determining whether said second operation may be performed comprises determining whether said given vertex is a member of said subset.

16. A computer system comprising:
- means for storing information regarding a directed labeled graph that comprises a plurality of vertices and a plurality of labeled edges connecting the vertices, each edge being defined by an ordered pair of the vertices and a label, wherein said graph is representative of an address translation map that comprises a plurality of pages, each page in said address translation map corresponding to a vertex of said graph, each reference within one page of said address translation map to another page of said address translation map corresponding to an edge of said graph, and a binary attribute associated with a reference corresponding to a label of the reference'"'"'s corresponding edge, each label indicating whether the reference has the associated binary attribute;
  
  means for performing a first operation that changes said graph by removing or adding a vertex, removing or adding an edge, or changing the label of an edge;
  
  means for updating said information to reflect the change to said graph, wherein the change is based on a memory access policy; and
  
  means for determining whether a second operation may be performed based at least in part on said information regarding said directed label graph.
- View Dependent Claims (17, 18, 19)
- - 17. The computer system of claim 16, wherein said graph is stored in a computer memory, and wherein said first operation comprises a write to a portion of said computer memory that stores said graph.
  - 18. The computer system of claim 16, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper superset of said set, and said determining means determines whether said second operation may be performed by determining whether said given vertex is a member of said superset.
  - 19. The computer system of claim 16, wherein whether said second operation may be performed depends upon a given vertex'"'"'s membership in a set, wherein said information contains data indicative of a proper subset of said set, and said determining means determines whether said second operation may be performed by determining whether said given vertex is a member of said subset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Peinado, Marcus
Primary Examiner(s)
Tung; Kee M
Assistant Examiner(s)
Amini; Javid A

Application Number

US11/494,907
Publication Number

US 20060265557A1
Time in Patent Office

1,180 Days
Field of Search

711/163, 345/440, 345/619
US Class Current

345/440
CPC Class Codes

G06F 12/145 the protection being virtua...

G06F 21/79 in semiconductor storage me...

Implementation of memory access control using optimization

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Implementation of memory access control using optimization

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links