Non-supervisor mode cross address space dynamic linking
First Claim
1. In a network of computer systems comprising at least one central processing unit (CPU) having a supervisor mode and a non-supervisor mode of execution, a method for a first process executing in said non-supervisor mode in a first address space to dynamically link a first program code segment to a second program code segment in a second address space, without compromising said computer systems'"'"' security, said method comprising the steps of:
- a) obtaining said first and second program code segments and access to said second address space from a first and a second program code manager and an address space manager respectively by said first process, said first and second program code managers and said address space manager authenticating said first process as being authorized to obtain said first and second program code segments and said access to said second address space using a third party authentication manager;
b) causing said obtained first and second program code segments to be mapped into said first and second address spaces by said first process using said address space manager;
c) deriving linkage information of said first and second program code segments by said first process using said mapped first and second program code segments in said first address space, and linking said mapped first program code segment in said second address space to said mapped second program code segment in said second address space by said first process using said derived linkage information; and
d) transferring execution control by said first process to a start address in said second address space.
1 Assignment
0 Petitions
Accused Products
Abstract
In a network of object oriented distributed systems, a plurality of program code managers, each having access to a plurality of program code segment objects, a plurality of address space managers, each having access to a plurality of address space objects having linked program segment and symbol address information, and a plurality of trusted third party authentication managers are provided, thereby allowing a client process executing in non-supervisor mode to be able to dynamically link a program segment to either another program segment in another address space or a process in either another address space or the client'"'"'s address space, without compromising the security of the systems.
144 Citations
16 Claims
-
1. In a network of computer systems comprising at least one central processing unit (CPU) having a supervisor mode and a non-supervisor mode of execution, a method for a first process executing in said non-supervisor mode in a first address space to dynamically link a first program code segment to a second program code segment in a second address space, without compromising said computer systems'"'"' security, said method comprising the steps of:
-
a) obtaining said first and second program code segments and access to said second address space from a first and a second program code manager and an address space manager respectively by said first process, said first and second program code managers and said address space manager authenticating said first process as being authorized to obtain said first and second program code segments and said access to said second address space using a third party authentication manager; b) causing said obtained first and second program code segments to be mapped into said first and second address spaces by said first process using said address space manager; c) deriving linkage information of said first and second program code segments by said first process using said mapped first and second program code segments in said first address space, and linking said mapped first program code segment in said second address space to said mapped second program code segment in said second address space by said first process using said derived linkage information; and d) transferring execution control by said first process to a start address in said second address space. - View Dependent Claims (2, 3)
-
-
4. In a network of computer systems comprising at least one central processing unit (CPU) having a supervisor mode and a non-supervisor mode of execution, a method for a first process executing in said non-supervisor mode in a first address space to dynamically link a first program code segment to a second process in a second address space, without compromising said computer systems'"'"' security, said method comprising the steps of:
-
a) obtaining said first program code segment and access to said second address space from a first program code manager and an address space manager respectively by said first process, said first program code manager and said address space manager authenticating said first process as being authorized to obtain said first program code segment and said access to said second address space using a third party authentication manager; b) causing said obtained first program code segment to be mapped into said second address space by said first process using said address space manager; c) deriving linkage information of said first program code segment by said first process using said mapped first program code segment in said second address space, updating a symbol address table of said second address space by said first process using said derived linkage information, and linking said first program code segment mapped in said second address space to said second process in said second address space by said first process using linkage information in said updated symbol address table of said second address space; and d) transferring execution control to a start address in said second address space by said first process. - View Dependent Claims (5, 6, 7, 8)
-
-
9. In a network of computer systems comprising at least one central processing unit (CPU) having a supervisor mode and a non-supervisor mode of execution, an apparatus for a first process executing in said non-supervisor mode in a first address space to dynamically link a first program code segment to a second program code segment in a second address space, without compromising said computer systems'"'"' security, said apparatus comprising:
-
a) a third party authentication manager coupled to said first process for authenticating said first process as being authorized to obtain said first and second program code segments and access to said second address space; b) a first and a second program code manager coupled to said third party authentication manager and said first process for providing said first and second program code segments to said first process respectively, after authenticating said first process as being authorized to obtain said first and second program code segments; and c) an address space manager coupled to said third party authentication manager and said first process for providing access to said second address space to said first process after authenticating said first process as being authorized to have access to said second address space, and for mapping said first and second program code segments into said first and second address spaces at the request of said first process; wherein said first process links said first program code segment in said second address space to said second program code segment in said second address space using linkage information derived from said first and second program code segments mapped in said first address space, after having obtained said first and second program code segments and said access to said second address space, and caused said first and second program code segments to be mapped into said first and second address spaces using said address space manager, and wherein execution of said linked first and second program code segments is started by said first process by transferring execution from said first process to a start address in to said second address space. - View Dependent Claims (10, 11)
-
-
12. In a network of computer systems comprising at least one central processing unit (CPU) having a supervisor mode and a non-supervisor mode of execution, an apparatus for a first process executing in said non-supervisor mode in a first address space to dynamically link a first program code segment to a second process in a second address space, without compromising said computer systems'"'"' security, said apparatus comprising:
-
a) a third party authentication manager coupled to said first process for authenticating said first process as being authorized to obtain said first program code segment and access to said second address space; b) a first program code manager coupled to said third party authentication manager and said first process for providing said first program code segment to said first process respectively after authenticating said first process as being authorized to obtain said first program code segment using said third party authentication manager; and c) an address space manager coupled to said third party authentication manager for providing access to said second address space to said first process after authenticating said first process as being authorized to have access to said second address space using said third party authentication manager, and mapping said first program code segment into said first and second address spaces at the request of said first process; wherein said first process links said first program code segment in said second address space to said second process in said second address space using updated linkage information in a symbol address table of said second address space modified with updates derived from said first program code segment mapped in said second address space, after having obtained said first program code segment and access to said second address space, and caused said first program code segment to be mapped into said second address spaces using said address space manager, and wherein execution of said second process linked with said first program code segment is started by said first process by transferring execution from said first process to a start address in said second address space. - View Dependent Claims (13, 14, 15, 16)
-
Specification