US 11,709,675 B2
Software verification of dynamically generated code
Filip J. Pizlo, Capitola, CA (US); Michael L. Saboff, San Jose, CA (US); Bernard J. Semeria, Palo Alto, CA (US); Jacques Fortier, San Francisco, CA (US); Ivan Krstić, San Francisco, CA (US); Yusuke Suzuki, Santa Clara, CA (US); Saam J. Barati, Oakland, CA (US); and Yin Zin Mark Lam, Milpitas, CA (US)
Assigned to Apple Inc., Cupertino, CA (US)
Filed by Apple Inc., Cupertino, CA (US)
Filed on Jun. 15, 2021, as Appl. No. 17/348,576.
Claims priority of provisional application 63/108,148, filed on Oct. 30, 2020.
Prior Publication US 2022/0138313 A1, May 5, 2022
Int. Cl. G06F 21/00 (2013.01); G06F 9/30 (2018.01); G06F 9/455 (2018.01); H04L 9/08 (2006.01); G06F 21/53 (2013.01)
CPC G06F 9/30054 (2013.01) [G06F 9/45516 (2013.01); G06F 21/53 (2013.01); H04L 9/0894 (2013.01); G06F 2221/033 (2013.01)]
20 Claims
1. A method comprising:
receiving, in a kernel executing in a kernel mode of execution that differs from a user mode of execution, a request to move a dynamically-generated code sequence from a buffer in memory to a dynamic code execution region in the memory, wherein the buffer is writeable but not executable in the user mode, and wherein the dynamic code execution region is executable but not writeable in the user mode;
verifying, in the kernel executing in the kernel mode, that the dynamically-generated code sequence stored in the buffer meets one or more criteria for execution in a computer system, wherein the one or more criteria include an absence of a subset of instructions that are not permitted in dynamically-generated code; and
based on a successful verification, moving, by the kernel executing in the kernel mode, the dynamically-generated code sequence from the buffer to the dynamic code execution region.
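Added example, not taken from the patent: a user-space C simulation of the verify-then-move step recited in claim 1. The deny-list (AArch64 SVC, HVC, SMC and MSR encodings) and the names move_to_exec_region and first_forbidden are assumptions, since the claim does not say which instructions are forbidden; the code verifies a private snapshot so that the bytes checked are the bytes copied.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_CODE_BYTES 4096u

/* Assumed deny-list of AArch64 encodings (mask, value); the claim does not
 * say which instructions are forbidden, so these are illustrative only. */
static const struct { uint32_t mask, value; const char *name; } forbidden[] = {
    { 0xFFE0001Fu, 0xD4000001u, "SVC" },
    { 0xFFE0001Fu, 0xD4000002u, "HVC" },
    { 0xFFE0001Fu, 0xD4000003u, "SMC" },
    { 0xFFF00000u, 0xD5100000u, "MSR (register)" },
};

/* Byte offset of the first forbidden A64 word (32-bit little-endian), or -1. */
static long first_forbidden(const uint8_t *code, size_t len) {
    for (size_t off = 0; off + 4 <= len; off += 4) {
        uint32_t insn = (uint32_t)code[off] | (uint32_t)code[off + 1] << 8 |
                        (uint32_t)code[off + 2] << 16 | (uint32_t)code[off + 3] << 24;
        for (size_t i = 0; i < sizeof forbidden / sizeof forbidden[0]; i++)
            if ((insn & forbidden[i].mask) == forbidden[i].value)
                return (long)off;
    }
    return -1;
}

/* Hypothetical handler for the "move" request: 0 on success, -1 for a
 * malformed request, -2 when verification fails (region left untouched). */
int move_to_exec_region(const void *buf, size_t len,
                        uint8_t *region, size_t region_len, size_t offset) {
    uint8_t snapshot[MAX_CODE_BYTES];
    if (len == 0 || len % 4 != 0 || len > sizeof snapshot) return -1;
    if (offset % 4 != 0 || offset > region_len || len > region_len - offset) return -1;
    /* Verify a private copy so a concurrent write to buf cannot alter checked bytes. */
    memcpy(snapshot, buf, len);
    if (first_forbidden(snapshot, len) >= 0) return -2;
    memcpy(region + offset, snapshot, len);
    return 0;
}

int main(void) {
    uint8_t region[64] = {0};
    const uint8_t nop_ret[] = {0x1F,0x20,0x03,0xD5, 0xC0,0x03,0x5F,0xD6}; /* constructed: NOP; RET */
    const uint8_t nop_svc[] = {0x1F,0x20,0x03,0xD5, 0x01,0x00,0x00,0xD4}; /* constructed: NOP; SVC #0 */
    return (move_to_exec_region(nop_ret, 8, region, 64, 0) == 0 &&
            move_to_exec_region(nop_svc, 8, region, 64, 8) == -2) ? 0 : 1;
}
```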