Address validation using signatures
First Claim
1. A computer-implemented method comprising:
- receiving, by a component from a device, a plurality of first requests, each of the plurality of first requests for a corresponding physical address and including a corresponding virtual address;
for each of the plurality of first requests, in response to receiving the respective request from the plurality of first requests;
determining, by the component, a first physical address using the corresponding virtual address;
generating a first signature for the first physical address, the first signature for use to validate the first physical address;
generating a first error-detecting code value for a response to the first request using the first signature and the first physical address, wherein the first error-detecting code value is a different value than the first signature;
generating the response to the first request that comprises i) an error-detecting code field that includes the first error-detecting code value and ii) a body that includes the first physical address and does not include the first signature; and
providing, to the device, the response that includes the first error-detecting code value;
receiving, from the device, a plurality of second requests, each of the plurality of second requests for access to a corresponding second physical address and including a corresponding second error-detecting code;
determining, by the component for each of the plurality of second requests, whether to allow the device access to a memory location identified by the corresponding second physical address based on determining whether the corresponding second physical address is valid using the corresponding second error-detecting code; and
for each second request for which the second physical address is determined to be valid using the second error-detecting code of the corresponding second request, servicing the corresponding second request.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating signed addresses. One of the methods includes receiving, by a component from a device, a plurality of first requests, each first request for a physical address and including a virtual address, determining, by the component, a first physical address using the virtual address, generating a first signature for the first physical address, and providing, to the device, a response that includes the first signature, receiving, from the device, a plurality of second requests, each second request for access to a second physical address and including a second signature, determining, by the component for each of the plurality of second requests, whether the second physical address is valid using the second signature, and for each second request for which the second physical address is determined to be valid, servicing the corresponding second request.
28 Citations
29 Claims
-
1. A computer-implemented method comprising:
-
receiving, by a component from a device, a plurality of first requests, each of the plurality of first requests for a corresponding physical address and including a corresponding virtual address; for each of the plurality of first requests, in response to receiving the respective request from the plurality of first requests; determining, by the component, a first physical address using the corresponding virtual address; generating a first signature for the first physical address, the first signature for use to validate the first physical address; generating a first error-detecting code value for a response to the first request using the first signature and the first physical address, wherein the first error-detecting code value is a different value than the first signature; generating the response to the first request that comprises i) an error-detecting code field that includes the first error-detecting code value and ii) a body that includes the first physical address and does not include the first signature; and providing, to the device, the response that includes the first error-detecting code value; receiving, from the device, a plurality of second requests, each of the plurality of second requests for access to a corresponding second physical address and including a corresponding second error-detecting code; determining, by the component for each of the plurality of second requests, whether to allow the device access to a memory location identified by the corresponding second physical address based on determining whether the corresponding second physical address is valid using the corresponding second error-detecting code; and for each second request for which the second physical address is determined to be valid using the second error-detecting code of the corresponding second request, servicing the corresponding second request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system comprising:
-
a data processing apparatus; and a non-transitory computer readable storage medium in data communication with the data processing apparatus and storing instructions executable by the data processing apparatus and upon such execution cause the data processing apparatus to perform operations comprising; receiving, by the data processing apparatus from a device, a plurality of first requests, each of the plurality of first requests for a corresponding physical address and including a corresponding virtual address; for each of the plurality of first requests, in response to receiving the respective request from the plurality of first requests; determining, by the data processing apparatus, a first physical address using the corresponding virtual address; generating a first signature for the first physical address, the first signature for use to validate the first physical address; generating a first error-detecting code value for a response to the first request using the first signature and the first physical address, wherein the first error-detecting code value is a different value than the first signature; generating the response to the first request that comprises i) an error-detecting code field that includes the first error-detecting code value and ii) a body that includes the first physical address and does not include the first signature; and providing, to the device, the response that includes the first error-detecting code value; receiving, from the device, a plurality of second requests, each of the plurality of second requests for access to a corresponding second physical address and including a corresponding second error-detecting code; determining, by the data processing apparatus for each of the plurality of second requests, whether to allow the device access to a memory location identified by the corresponding second physical address based on determining whether the corresponding second physical address is valid using the corresponding second error-detecting code; and for each second request for which the second physical address is determined to be valid using the second error-detecting code of the corresponding second request, servicing the corresponding second request. - View Dependent Claims (25, 26, 27, 28)
-
-
29. A non-transitory computer readable storage medium storing instructions executable by a data processing apparatus and upon such execution cause the data processing apparatus to perform operations comprising:
-
receiving, by the data processing apparatus from a device, a plurality of first requests, each of the plurality of first requests for a corresponding physical address and including a corresponding virtual address; for each of the plurality of first requests, in response to receiving the respective request from the plurality of first requests; determining, by the data processing apparatus, a first physical address using the corresponding virtual address; generating a first signature for the first physical address, the first signature for use to validate the first physical address; generating a first error-detecting code value for a response to the first request using the first signature and the first physical address, wherein the first error-detecting code value is a different value than the first signature; generating the response to the first request that comprises i) an error-detecting code field that includes the first error-detecting code value and a body that includes the first physical address and does not include the first signature; and providing, to the device, a response that includes the first error-detecting code value; receiving, from the device, a plurality of second requests, each of the plurality of second requests for access to a corresponding second physical address and including a corresponding second error-detecting code; determining, by the data processing apparatus for each of the plurality of second requests, whether to allow the device access to a memory location identified by the corresponding second physical address based on determining whether the corresponding second physical address is valid using the corresponding second error-detecting code; and for each second request for which the second physical address is determined to be valid using the second error-detecting code of the corresponding second request, servicing the corresponding second request.
-
Specification