US2017192909A1PendingUtilityA1

Method and system for process working set isolation

49
Assignee: RUBICON LABS INCPriority: Mar 20, 2012Filed: Jan 6, 2017Published: Jul 6, 2017
Est. expiryMar 20, 2032(~5.7 yrs left)· nominal 20-yr term from priority
H04L 9/14G06F 12/1425G06F 12/0837G06F 12/0842G06F 12/1466H04L 9/30H04L 9/3242G06F 2212/1052
49
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Embodiments of systems and methods disclosed herein may isolate the working set of a process such that the data of the working set is inaccessible to other processes, even after the original process terminates. More specifically, in certain embodiments, the working set of an executing process may be stored in cache and for any of those cache lines that are written to while in secure mode those cache lines may be associated with a secure descriptor for the currently executing process. The secure descriptor may uniquely specify those cache lines as belonging to the executing secure process such that access to those cache lines can be restricted to only that process.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A system, comprising:
 a processor;   a memory;   a secret key stored in hardware;   a cache having a line comprising data of a process executed on the processor in a secure mode; and   a secure execution controller configured to control access to the line of the cache using a first secure descriptor based on the secret key and associated with the process such that only the process can access the line of the cache.   
     
     
         2 . The system of  claim 1 , wherein the system was placed in secure mode based on the first secure descriptor. 
     
     
         3 . The system of  claim 1 , wherein the secure execution controller is configured to cause an entire working set of the process to be stored in the cache and to cause writes to a memory location other than the cache in the secure mode to be disabled. 
     
     
         4 . The system of  claim 1 , wherein the process has terminated. 
     
     
         5 . The system of  claim 3 , wherein the secure execution controller is configured to cause the line of the cache to be associated with the first secure descriptor associated with the process. 
     
     
         6 . The system of  claim 5 , wherein the secure execution controller is configured to cause a security flag associated with the line of the cache to be set when the process writes the data. 
     
     
         7 . The system of  claim 6 , wherein the secure execution controller is configured to control access by causing the following steps to be performed:
 determining that the line of cache is being accessed by a currently executing process,   determining if a currently executing process is executing in secure mode,   determining a second secure descriptor associated with the currently executing process,   comparing the second secure descriptor and the second secure descriptor, and   allowing access only if the currently executing process is executing in secure mode and the first secure descriptor matches the second secure descriptor.   
     
     
         8 . A method, comprising:
 executing a process on a processor in a secure mode;   storing data in a line of a cache, wherein the data was stored by the process executed on the processor in the secure mode; and   controlling access to the line of the using a first secure descriptor associated with the process such that only the process can access the line of the cache, wherein the first secure descriptor is based on a secret key stored in hardware on a system comprising the processor and the cache.   
     
     
         9 . The method of  claim 8 , wherein the secure mode was entered based on the first secure descriptor. 
     
     
         10 . The method of  claim 8 , further comprising storing an entire working set of the process in the cache and disabling writes to a memory location other than the cache in the secure mode. 
     
     
         11 . The method of  claim 8 , wherein the process has terminated. 
     
     
         12 . The method of  claim 10 , further comprising associating the line of the cache with the first secure descriptor associated with the process. 
     
     
         13 . The method of  claim 12 , further comprising setting a security flag associated with the line of the cache when the process writes the data. 
     
     
         14 . The method of  claim 13 , wherein controlling access comprises:
 determining that the line of cache is being accessed by a currently executing process,   determining if a currently executing process is executing in secure mode,   determining a second secure descriptor associated with the currently executing process,   comparing the second secure descriptor and the second secure descriptor, and   allowing access only if the currently executing process is executing in secure mode and the first secure descriptor matches the second secure descriptor.   
     
     
         15 . A non-transitory computer readable medium, comprising instructions for:
 executing a process on a processor in a secure mode;   storing data in a line of a cache, wherein the data was stored by the process executed on the processor in the secure mode; and   controlling access to the line of the using a first secure descriptor associated with the process such that only the process can access the line of the cache, wherein the first secure descriptor is based on a secret key stored in hardware on a system comprising the processor and the cache.   
     
     
         16 . The computer readable medium of  claim 15 , wherein the secure mode was entered based on the first secure descriptor. 
     
     
         17 . The computer readable medium of  claim 15 , further comprising instructions for storing an entire working set of the process in the cache and disabling writes to a memory location other than the cache in the secure mode. 
     
     
         18 . The computer readable medium of  claim 15 , wherein the process has terminated. 
     
     
         19 . The computer readable medium of  claim 17 , further comprising instructions for associating the line of the cache with the first secure descriptor associated with the process. 
     
     
         20 . The computer readable medium of  claim 19 , further comprising instructions for setting a security flag associated with the line of the cache when the process writes the data.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.