CN100412791C - 允许用户方式处理在特许执行方式下操作的方法和装置 - Google Patents

允许用户方式处理在特许执行方式下操作的方法和装置 Download PDF

Info

Publication number
CN100412791C
CN100412791C CNB2005100684806A CN200510068480A CN100412791C CN 100412791 C CN100412791 C CN 100412791C CN B2005100684806 A CNB2005100684806 A CN B2005100684806A CN 200510068480 A CN200510068480 A CN 200510068480A CN 100412791 C CN100412791 C CN 100412791C
Authority
CN
China
Prior art keywords
mode
user mode
string
under
special permission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2005100684806A
Other languages
English (en)
Chinese (zh)
Other versions
CN1713141A (zh
Inventor
斯蒂芬·L.·布里尼克
许宇程
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CN1713141A publication Critical patent/CN1713141A/zh
Application granted granted Critical
Publication of CN100412791C publication Critical patent/CN100412791C/zh
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/468Specific access rights for resources, e.g. using capability register

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
  • Executing Machine-Instructions (AREA)
CNB2005100684806A 2004-06-24 2005-04-28 允许用户方式处理在特许执行方式下操作的方法和装置 Expired - Fee Related CN100412791C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/877,910 US7669050B2 (en) 2004-06-24 2004-06-24 Method to enable user mode process to operate in a privileged execution mode
US10/877,910 2004-06-24

Publications (2)

Publication Number Publication Date
CN1713141A CN1713141A (zh) 2005-12-28
CN100412791C true CN100412791C (zh) 2008-08-20

Family

ID=35507617

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100684806A Expired - Fee Related CN100412791C (zh) 2004-06-24 2005-04-28 允许用户方式处理在特许执行方式下操作的方法和装置

Country Status (3)

Country Link
US (1) US7669050B2 (https=)
JP (1) JP4898155B2 (https=)
CN (1) CN100412791C (https=)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240385913A1 (en) * 2023-05-17 2024-11-21 Red Hat, Inc. Targeted unprivileged port configuration

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100915803B1 (ko) * 2006-12-05 2009-09-07 한국전자통신연구원 임베디드 리눅스 커널의 보안성 강화를 위한 응용 프로그램구동 방법 및 시스템
US20080271122A1 (en) * 2007-04-27 2008-10-30 John Edward Nolan Granulated hardware resource protection in an electronic system
US7950022B1 (en) * 2007-06-29 2011-05-24 Emc Corporation Techniques for use with device drivers in a common software environment
US7950025B1 (en) * 2007-06-29 2011-05-24 Emc Corporation Common software environment
EP2243080B1 (en) * 2007-12-13 2016-09-21 Advanced Micro Devices, Inc. Driver architecture for computing device having multiple graphics subsystems, reduced power consumption modes, software and methods
US8473964B2 (en) 2008-09-30 2013-06-25 Microsoft Corporation Transparent user mode scheduling on traditional threading systems
US8321874B2 (en) * 2008-09-30 2012-11-27 Microsoft Corporation Intelligent context migration for user mode scheduling
WO2011119137A1 (en) 2010-03-22 2011-09-29 Lrdc Systems, Llc A method of identifying and protecting the integrity of a set of source data
GB2483907A (en) * 2010-09-24 2012-03-28 Advanced Risc Mach Ltd Privilege level switching for data processing circuitry when in a debug mode
US8782380B2 (en) 2010-12-14 2014-07-15 International Business Machines Corporation Fine-grained privilege escalation
US9405682B2 (en) 2012-06-23 2016-08-02 Microsoft Technology Licensing, Llc Storage device access using unprivileged software code
US9785783B2 (en) * 2015-07-23 2017-10-10 Ca, Inc. Executing privileged code in a process
US10325116B2 (en) * 2017-06-30 2019-06-18 Vmware, Inc. Dynamic privilege management in a computer system
US11675902B2 (en) 2018-12-05 2023-06-13 Vmware, Inc. Security detection system with privilege management

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63298447A (ja) * 1987-05-29 1988-12-06 Hitachi Ltd マルチオペレ−ティングシステムコンソ−ル制御方式
EP0610677A2 (en) * 1993-02-12 1994-08-17 International Business Machines Corporation Bimodal communications device driver
US5764889A (en) * 1996-09-26 1998-06-09 International Business Machines Corporation Method and apparatus for creating a security environment for a user task in a client/server system
WO2001061473A1 (en) * 2000-02-16 2001-08-23 Watchguard Technologies, Inc. Computer security using dual functional security contexts
US20030037172A1 (en) * 2001-08-17 2003-02-20 John Lacombe Hardware implementation of an application-level watchdog timer
US6598169B1 (en) * 1999-07-26 2003-07-22 Microsoft Corporation System and method for accessing information made available by a kernel mode driver

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH07120286B2 (ja) * 1987-04-02 1995-12-20 株式会社日立製作所 浮動小数点関数擬似命令処理方法
JPH04156617A (ja) * 1990-10-19 1992-05-29 Nec Corp 割込み・例外制御方式
US5485409A (en) * 1992-04-30 1996-01-16 International Business Machines Corporation Automated penetration analysis system and method
JPH086819A (ja) * 1994-06-17 1996-01-12 Hitachi Ltd デバイスドライバプログラムのテスト装置およびその方法
US5864683A (en) * 1994-10-12 1999-01-26 Secure Computing Corporartion System for providing secure internetwork by connecting type enforcing secure computers to external network for limiting access to data based on user and process access rights
US5764969A (en) * 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
US7124302B2 (en) * 1995-02-13 2006-10-17 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
JPH10187265A (ja) * 1996-12-20 1998-07-14 Nec Shizuoka Ltd 情報処理装置の起動方法
US5893166A (en) * 1997-05-01 1999-04-06 Oracle Corporation Addressing method and system for sharing a large memory address space using a system space global memory section
US6226725B1 (en) * 1998-04-21 2001-05-01 Ibm Method and system in a data processing system for the dedication of memory storage locations
US7475398B2 (en) * 2000-08-01 2009-01-06 Wind River Systems, Inc. System and method for implementing a smart system call
US7024672B2 (en) * 2002-06-26 2006-04-04 Microsoft Corporation Process-mode independent driver model
US7383587B2 (en) * 2002-11-18 2008-06-03 Arm Limited Exception handling control in a secure processing system
US7076637B2 (en) * 2003-10-29 2006-07-11 Qualcomm Inc. System for providing transitions between operating modes of a device
US7120794B2 (en) * 2003-10-29 2006-10-10 Qualcomm Inc. System for invoking a privileged function in a device
JP4246672B2 (ja) * 2004-06-03 2009-04-02 株式会社リコー 画像形成装置および画像形成装置制御方法

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63298447A (ja) * 1987-05-29 1988-12-06 Hitachi Ltd マルチオペレ−ティングシステムコンソ−ル制御方式
EP0610677A2 (en) * 1993-02-12 1994-08-17 International Business Machines Corporation Bimodal communications device driver
US5764889A (en) * 1996-09-26 1998-06-09 International Business Machines Corporation Method and apparatus for creating a security environment for a user task in a client/server system
US6598169B1 (en) * 1999-07-26 2003-07-22 Microsoft Corporation System and method for accessing information made available by a kernel mode driver
WO2001061473A1 (en) * 2000-02-16 2001-08-23 Watchguard Technologies, Inc. Computer security using dual functional security contexts
US20030037172A1 (en) * 2001-08-17 2003-02-20 John Lacombe Hardware implementation of an application-level watchdog timer

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240385913A1 (en) * 2023-05-17 2024-11-21 Red Hat, Inc. Targeted unprivileged port configuration

Also Published As

Publication number Publication date
CN1713141A (zh) 2005-12-28
JP2006012170A (ja) 2006-01-12
JP4898155B2 (ja) 2012-03-14
US7669050B2 (en) 2010-02-23
US20050289545A1 (en) 2005-12-29

Similar Documents

Publication Publication Date Title
CN100412791C (zh) 允许用户方式处理在特许执行方式下操作的方法和装置
Voulimeneas et al. You shall not (by) pass! practical, secure, and fast pku-based sandboxing
CN106462708B (zh) 认证变量的管理方法和装置
US9548986B2 (en) Sensitive data tracking using dynamic taint analysis
US8336095B2 (en) User space virtualization system
US20190370502A1 (en) Systems and methods for controlling access to secure debugging and profiling features of a computer system
WO2020097179A1 (en) Systems and methods for stalling host processor
US7934076B2 (en) System and method for limiting exposure of hardware failure information for a secured execution environment
US20250094144A1 (en) Rules processing systems and methods with just-in-time compilation for endpoint protection in kernel mode
US20070168574A1 (en) System and method for securing access to general purpose input/output ports in a computer system
EP1927065B1 (en) Method for computing platform data protection
US11100238B2 (en) Systems and methods for generating policy coverage information for security-enhanced information handling systems
CN118821118A (zh) 一种面向嵌入式固件的安全检测方法及装置
US11222122B2 (en) Method and system for runtime instrumentation of software methods
US20060149952A1 (en) Exception handling in a multiprocessor system
Peng et al. {ASTERINAS}: A Linux {ABI-Compatible},{Rust-Based} Framekernel {OS} with a Small and Sound {TCB}
CN110276214B (zh) 一种基于从机访问保护的双核可信soc架构及方法
CN101539880A (zh) 面向Windows Vista的计算机外部设备安全监控方法
US7950057B1 (en) Driver load manager and method
US20180260563A1 (en) Computer system for executing analysis program, and method of monitoring execution of analysis program
US7774758B2 (en) Systems and methods for secure debugging and profiling of a computer system
US8165847B2 (en) Implementing a programmable DMA master with write inconsistency determination
US20060080518A1 (en) Method for securing computers from malicious code attacks
JP2002538532A (ja) Icカードのアプリケーションに対するアクセス保護装置
US20170091465A9 (en) Secure emulation logic between page attribute table and test interface

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080820

Termination date: 20150428

EXPY Termination of patent right or utility model