Compiling executable code into a less-trusted address space

A technology concerning executable code and address spaces, applied in the fields of memory addressing/allocation/relocation, multi-programming arrangements, instruments, etc. It addresses two problems: application program development complicates various aspects of the above-mentioned security management approaches, and malicious parties can trick the JIT compiler into generating harmful instructions that are then executed. The stated effect is to avoid security violations.

Inactive Publication Date: 2008-05-29
MICROSOFT TECH LICENSING LLC

AI Technical Summary

Benefits of technology

[0012] For example, a method of executing managed code so that untrusted program code can be compiled and executed in a manner that does not threaten or otherwise compromise system security can involve executing an application program in a first address space of a memory location. The method can also involve receiving one or more requests from the application program to compile one or more sets of intermediate language instructions. In addition, the method can involve compiling the one or more sets of intermediate language instructions into newly compiled code using a JIT compiler running in a second address space of the memory location. Furthermore, the method can involve passing the newly compiled code to a shared memory heap. The application program can then retrieve the newly compiled code from the shared memory heap into the first address space.

[0013] Similarly, another method of generating computer executable program code in a manner that uses JIT compilation while avoiding security violations can involve receiving application program code that includes executable code and code to be compiled. The method can also involve executing the executable code in a lower-privilege mode and in a first address space. In addition, the method can involve identifying one or more pointers in the executable code for at least some code to be compiled. Furthermore, the method can involve switching to a higher-privilege mode. Still further, the method can involve compiling the at least some code in a different address space using a compiler operating in the higher-privilege mode.

[0014] This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.

Problems solved by technology

In some cases, the security and stability requirements can cause some application programs to have slower execution and/or lower performance.
Unfortunately, some recent trends in application program development complicate various aspects of the above-mentioned security management approaches.
Thus, if the intermediate language code were not type-safe (or conforming to some other program code restrictions), a malicious party could trick the JIT compiler into generating harmful instructions that are executed.
Unfortunately, program code restrictions such as type-safety are often believed to conflict with speed and performance considerations.
This can be particularly problematic for video game applications, where speed and performance considerations are placed at a premium.


Embodiment Construction

[0021] Implementations of the present invention extend to systems, methods, and computer program products configured to allow for the use of managed code in an operating system, where the managed code may not necessarily conform to any particular code standard. In one implementation, for example, an operating system provides access to a memory location in two different address spaces, and sets the permissions in the address spaces, such that the memory location is accessible with different permissions from the two different address spaces. In one implementation, a JIT compiler operating in one address space passes compiled code into a shared memory heap. Executable program code, in turn, accesses the compiled code from the memory heap, and executes it in the other memory address space.

[0022] As will be understood more fully herein, implementations of the present invention can provide a secure system without necessarily needing to verify that the generated code does not violate the sec...

Abstract

Unsafe application programs that implement managed code can be executed in a secure fashion. In particular, an operating system can be configured to execute an application program in user mode, but handle managed code compilation through a type-safe JIT compiler operating in kernel mode. The operating system can also designate a single memory location to be accessed through multiple address spaces with different permission sets. An application program operating in user mode can be executed in the read/execute address space, while the JIT compiler operates in a read/write address space. When encountering one or more pointers to intermediate language code, the application runtime can send one or more compilation requests to a kernel mode security component, which validates the requests. If validated, the JIT compiler will compile the requested intermediate language code, and the application program can access the compiled code from a shared memory heap.
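The shared heap with two permission sets described in the abstract can be sketched on a POSIX system as follows; this is an added example, not code from the patent or from Microsoft. It assumes both views live in one process for brevity (in the described design the writable view exists only in the compiler's address space), maps the application view read-only rather than read/execute so nothing is executed, and uses hypothetical names (`dual_heap`, `jit_publish`, `app_write_is_blocked`).

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>
#define HEAP_SIZE 4096

struct dual_heap {                /* illustrative names, not from the patent */
    unsigned char *compiler_view; /* read/write: held only by the JIT side */
    unsigned char *app_view;      /* read-only here; read/execute in the described design */
};

/* Back both views with one anonymous temp file. Returns 0 on success. */
int dual_heap_open(struct dual_heap *h) {
    FILE *f = tmpfile();
    if (!f) return -1;
    int fd = fileno(f);
    void *rw = MAP_FAILED, *ro = MAP_FAILED;
    if (ftruncate(fd, HEAP_SIZE) == 0) {
        rw = mmap(NULL, HEAP_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
        ro = mmap(NULL, HEAP_SIZE, PROT_READ, MAP_SHARED, fd, 0);
    }
    fclose(f); /* the mappings outlive the descriptor */
    if (rw == MAP_FAILED || ro == MAP_FAILED) return -1;
    h->compiler_view = rw; h->app_view = ro;
    return 0;
}

/* Stand-in for the JIT: publish "compiled" bytes through the writable view. */
void jit_publish(struct dual_heap *h, const void *code, size_t len) {
    memcpy(h->compiler_view, code, len);
}

/* Attempt a write via the app's view in a child; 1 means the write was stopped. */
int app_write_is_blocked(struct dual_heap *h) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { *(volatile unsigned char *)h->app_view = 0xCC; _exit(0); }
    int status = 0;
    waitpid(pid, &status, 0);
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

int main(void) {
    struct dual_heap h;
    if (dual_heap_open(&h) != 0) return 1;
    jit_publish(&h, "\x01\x02\x03\x04", 4); /* constructed bytes, not machine code */
    printf("app sees %u; write via app view blocked: %d\n", h.app_view[0], app_write_is_blocked(&h));
    return 0;
}
```

The bytes written through the compiler's view are immediately visible through the application's view, while the child that tries to modify them through that view is terminated by a memory fault.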

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

[0001] N/A

BACKGROUND

[0002] 1. Background and Relevant Art

[0003] As computerized systems have increased in popularity, so have the various application programs used on the computerized systems. In particular, there are now a wide range of application programs configured for any number of purposes, whether to function as complex operating systems, databases, and so forth, or as a simple calculator. In many cases, software developers will write new application programs with a particular operating system in mind, using any number of appropriate languages. Once the software is complete, the developer will compile the application into machine-executable code, which can then be installed on a computer system with the appropriate operating system.

[0004] One will appreciate, therefore, that there are a number of considerations that often must be considered by developers of operating systems as well as of the individual application programs. Many of these inte...

Application Information

Patent Type & Authority: Applications (United States)
IPC: IPC(8): G06F9/45
CPC: G06F8/437, G06F21/53, G06F9/52, G06F9/45516, G06F8/40, G06F8/54, G06F12/02
Inventors: WRIGHTON, DAVID CHARLES; UNOKI, ROBERT SADAO
Owner: MICROSOFT TECH LICENSING LLC