Method and apparatus for secure execution of code
First Claim
Patent Images
1. A method, comprising:
- executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein;
the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, andthe raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and
;
while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function.
3 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that facilitates secure execution of code. During operation, the system executes a section of code. Upon executing an instruction that raises a privilege of the section of code, the system checks if the section of code is trusted, wherein trusted code is allowed to raise the privilege and non-trusted code is not allowed to raise the privilege. If so, the system raises the privilege of the section of code and executes the section of code. After the section of code is executed, the system then lowers the privilege of the section of code.
273 Citations
20 Claims
-
1. A method, comprising:
-
executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein; the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and
;while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method comprising:
-
executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein; the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and
;while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer, comprising:
a computer-readable storage medium storing instructions thereon for implementing a method comprising; executing a trusted section of code on a computer, said executing comprising executing one or more instructions to explicitly raise a privilege level of the trusted section of code to an elevated privilege level, wherein; the elevated privilege level is necessary to execute a restricted function that is not executable by the trusted section of code before raising the privilege level to the elevated level, and the raising of privilege level is dependent, at least in part, on determining that the trusted section of code is trusted to raise the privilege level to the elevated level; and
;while the privilege level of the trusted section of code is at the elevated level, the trusted section of code invoking a given function comprising a second section of code, wherein the second section of code does not inherit from the trusted section, the elevated privilege level necessary to execute the restricted function. - View Dependent Claims (16, 17, 18, 19, 20)
Specification