CPC G06F 9/30054 (2013.01) [G06F 9/45516 (2013.01); G06F 21/53 (2013.01); H04L 9/0894 (2013.01); G06F 2221/033 (2013.01)] | 20 Claims |
1. A method comprising:
receiving, in a kernel executing in a kernel mode of execution that differs from a user mode of execution, a request to move a dynamically-generated code sequence from a buffer in memory to a dynamic code execution region in the memory, wherein the buffer is writeable but not executable in the user mode, and wherein the dynamic code execution region is executable but not writeable in the user mode;
verifying, in the kernel executing in the kernel mode, that the dynamically-generated code sequence stored in the buffer meets one or more criteria for execution in a computer system, wherein the one or more criteria include an absence of a subset of instructions that are not permitted in dynamically-generated code; and
based on a successful verification, moving, by the kernel executing in the kernel mode, the dynamically-generated code sequence from the buffer to the dynamic code execution region.
|