Apparatus and method for handling page protection faults in a computing system

US 8,719,541 B2
Filed: 11/11/2008
Issued: 05/06/2014
Est. Priority Date: 07/29/2008
Status: Active Grant

First Claim

Patent Images

1. A computing system, comprising:

a translator unit arranged to convert a subject code into a target code, the subject code comprising a reference to at least one subject memory page having associated subject page access attributes;

a target processor unit arranged to execute the target code;

a target memory associated with the target processor unit and including a page descriptor store and plurality of memory locations related to the subject memory pages, wherein N most significant bits of the location in the target memory are selected based on information in the page descriptor store according to the subject page access attributes, the N most significant bits indicating a page protection condition of a corresponding subject memory page; and

wherein the translator unit is arranged to allow an attempt to access a target memory location within the plurality of memory locations to proceed without an interruption in control flow, if the attempted access is within the scope of the subject page access attributes for the associated subject memory page, and wherein the translator unit is operable to detect a page protection fault based on an attempt to access a target memory location and determine a nature of the page protection fault by examining the N most significant bits of the respective target memory location.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for handling page protection faults in combination particularly with the dynamic conversion of binary code executable by a one computing platform into binary code executed instead by another computing platform. In one exemplary aspect, a page protection fault handling unit (196) is used to detect memory accesses; to check page protection information relevant to the detected access by examining the contents of a page descriptor store; and to selectively allow the access or pass on page protection fault information in accordance with the page protection information.

7 Citations

View as Search Results

34 Claims

1. A computing system, comprising:
- a translator unit arranged to convert a subject code into a target code, the subject code comprising a reference to at least one subject memory page having associated subject page access attributes;
  
  a target processor unit arranged to execute the target code;
  
  a target memory associated with the target processor unit and including a page descriptor store and plurality of memory locations related to the subject memory pages, wherein N most significant bits of the location in the target memory are selected based on information in the page descriptor store according to the subject page access attributes, the N most significant bits indicating a page protection condition of a corresponding subject memory page; and
  
  wherein the translator unit is arranged to allow an attempt to access a target memory location within the plurality of memory locations to proceed without an interruption in control flow, if the attempted access is within the scope of the subject page access attributes for the associated subject memory page, and wherein the translator unit is operable to detect a page protection fault based on an attempt to access a target memory location and determine a nature of the page protection fault by examining the N most significant bits of the respective target memory location.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computing system of claim 1, wherein the translator unit is arranged to detect an attempt to access a memory location outside the scope of the subject page access attributes for the associated subject memory page and to pass on page protection fault information to an exception handling unit.
  - 3. The computing system of claim 1, wherein the translator unit is arranged to populate the page descriptor store in response to system calls in the subject code that modify memory layout.
  - 4. The computing system of claim 1, wherein the translator unit is arranged to set up, in the target memory, a guard representation of the at least one subject memory page, said guard representation resident in an address space in the target memory that is identifiable by the target processor unit as inaccessible.
  - 5. The computing system of claim 4, wherein the translator unit is arranged to attempt to access either the target memory location within the plurality of memory locations or to attempt to access the guard representation in accordance with the information in the page descriptor store.
  - 6. The computing system of claim 5, wherein the target processor is arranged to generate an exception in response to an attempt to access the guard representation, and the translator unit is arranged to handle the exception with reference to a page protection fault handling unit.
  - 7. The computing system of claim 1, wherein the plurality of memory locations in the target memory are each further associated with information inserted into the page descriptor store by the translator in order to enable the translator unit to redirect attempted accesses to shared subject pages to a corresponding shared region within the target memory.
  - 8. The computing system of claim 1, wherein the translator unit is arranged to determine whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and to allow the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the subject pages involved in the attempted access.
  - 9. The computing system of claim 1, wherein the translator unit is arranged to determine whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and to allow the attempt to proceed without interruption in control flow when the attempted access is within the permissions of the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page.
  - 10. The computing system of claim 1, wherein the translator unit is arranged to determine whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and to allow the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page by inspecting a cross-page permission change flag stored in the page descriptor associated with the first subject page.

11. A method of handling page protection faults comprising the steps of:
- converting a subject code executable that comprises a reference to at least one subject memory page having associated subject page access permissions into a target code executable by the at least one target processor and including references to a target memory, the conversion including establishing a page descriptor store according to the reference to the subject memory page and the associated subject page permissions and forming a plurality of target memory locations related to the subject memory page wherein N most significant bits of the location in the target memory are selected based on information in the page descriptor store according to the subject page access permissions, the N most significant bits indicating a page protection condition of the subject memory page;
  
  allowing an attempt to access a target memory location within the plurality of target memory locations to proceed without an interruption in control flow, if the attempted access is within the scope of the subject page access permissions for the subject memory page; and
  
  detecting a page protection fault based on an attempt to access a target memory location and determining a nature of the page protection fault by examining the N most significant bits of the respective target memory location.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, comprising the step of detecting an attempt to access a memory location outside the scope of the subject page access attributes for the associated subject memory page and passing on page protection fault information to an exception handling unit.
  - 13. The method of claim 11, comprising the step of populating the page descriptor store in response to system calls in the subject code that modify memory layout.
  - 14. The method of claim 11, comprising the step of setting up, in the target memory, a guard representation of the at least one subject memory page, said guard representation resident in an address space in the target memory that is identifiable by the target processor unit as inaccessible.
  - 15. The method of claim 14, comprising the steps of attempting to access either the target memory location within the plurality of memory locations or attempting to access the guard representation in accordance with the information in the page descriptor store.
  - 16. The method of claim 15, comprising the steps of generating an exception in response to an attempt to access the guard representation, and handling the exception with reference to a page protection fault handling unit.
  - 17. The method of claim 11, comprising the step of associating locations in the target memory with information inserted into the page descriptor store by the translator in order to enable redirection of attempted accesses to shared subject pages to a corresponding shared region within the target memory.
  - 18. The method of claim 11, comprising the steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the subject pages involved in the attempted access.
  - 19. The method of claim 11, comprising the steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page.
  - 20. The method of claim 11, comprising the steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary;
    - and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page, the matching determined by inspecting a cross-page permission change flag stored in the page descriptor associated with the first subject page.

21. A non-transitory computer readable recording medium having instructions recorded thereon which when executed by a computing system having at least one target processor cause the computing system to perform at least the steps of:
- converting a subject code executable that comprises a reference to at least one subject memory page having associated subject page access permissions into a target code executable by the at least one target processor and including references to a target memory, the conversion including establishing a page descriptor store according to the references to the subject memory pages and the associated subject page access permissions and forming a plurality of target memory locations related to the subject memory page wherein N most significant bits of the location in the target memory are selected based on information in the page descriptor store according to the subject page access permissions, the N most significant bits indicating a page protection condition of the subject memory page;
  
  allowing an attempt to access a target memory location within the plurality of target memory locations to proceed without an interruption in control flow, if the attempted access is within the scope of the subject page access permissions for the subject memory page; and
  
  detecting a page protection fault based on an attempt to access a target memory location and determining a nature of the page protection fault by examining the N most significant bits of the respective target memory location.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further steps of detecting an attempt to access a memory location outside the scope of the subject page access attributes for the associated subject memory page and passing on page protection fault information to an exception handling unit.
  - 23. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further step of populating the page descriptor store in response to system calls in the subject code that modify memory layout.
  - 24. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further step of setting up, in the target memory, a guard representation of the at least one subject memory page, said guard representation resident in an address space in the target memory that is identifiable by the target processor unit as inaccessible.
  - 25. The computer readable recording medium of claim 24, having instructions recorded thereon which when executed perform the further steps of attempting to access either the target memory location within the plurality of memory locations or attempting to access the guard representation in accordance with the information in the page descriptor store.
  - 26. The computer readable recording medium of claim 25, having instructions recorded thereon which when executed perform the further steps of generating an exception in response to an attempt to access the guard representation, and handling the exception with reference to a page protection fault handling unit.
  - 27. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further step of associating locations in the target memory with information inserted into the page descriptor store by the translator in order to enable redirection of attempted accesses to shared subject pages to a corresponding shared region within the target memory.
  - 28. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the subject pages involved in the attempted access.
  - 29. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary, and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page.
  - 30. The computer readable recording medium of claim 21, having instructions recorded thereon which when executed perform the further steps of determining whether an attempt to access a target memory location within the plurality of memory locations crosses a subject page boundary;
    - and allowing the attempt to proceed without interruption in control flow when the attempted access is within the permissions of all the first subject page involved in the attempted access, and the permissions of the second subject page involved in the attempted access match those of the first subject page, the matching determined by inspecting a cross-page permission change flag stored in the page descriptor associated with the first subject page.

31. A method of handling page protection faults, comprising:
- converting a subject code executable that comprises a reference to at least one subject memory page having associated subject page access permissions into a target code executable by the at least one target processor and including references to a target memory, the conversion including establishing a page descriptor store according to the reference to the subject memory page and the associated subject page permissions; and
  
  allowing an attempt to access a target memory location within the plurality of memory locations to proceed without an interruption in control flow, if the attempted access is within the scope of the subject page access attributes for the associated subject memory page, wherein the information in the page descriptor store is provided in N most significant bits of the location in the target memory, wherein values of the N most significant bits indicate a nature of a page protection condition of a corresponding subject memory page.
- View Dependent Claims (32, 33, 34)
- - 32. The method of claim 31, further comprising manipulating the values of the N most significant bits to indicate the page protection condition.
  - 33. The method of claim 32, further comprising forming multiple guard representations of the subject memory page in the target memory location, the values of the N most significant bits defining an address for respective guard representations.
  - 34. The method of claim 33, further comprising setting the guard representations to occupy pages in the target memory location identifiable as inaccessible.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Murray, Simon, North, Geraint M.
Primary Examiner(s)
Blair, April Y
Assistant Examiner(s)
Cygiel, Gary W

Application Number

US12/268,881
Publication Number

US 20100030975A1
Time in Patent Office

2,002 Days
Field of Search

711136-138, 711/153, 711/202, 711/208
US Class Current

711/202
CPC Class Codes

G06F 12/10   Address translation

G06F 12/1009   using page tables, e.g. pag...

G06F 12/12   Replacement control

G06F 12/145   the protection being virtua...

G06F 12/1483   using an access-table, e.g....

G06F 2212/1052   Security improvement

G06F 8/52   Binary to binary

G06F 9/4552   Involving translation to a ...

G06F 9/45537   Provision of facilities of ...

Apparatus and method for handling page protection faults in a computing system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

7 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for handling page protection faults in a computing system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links