Aside from malicious software gaining access and corrupting sections of computer memory, even legitimate software can inadvertently overwrite and damage its own memory content. Memory protection units exist that enable programmers to cordon off sensitive sections of memory. However, there is currently no mechanism to protect sensitive memory from code running in the same address space as that of the memory. Further, software that runs in privileged mode can change protection status of memory regions by modifying registers of the memory protection unit itself.
This disclosure provides a mechanism for protected memory to be accessible by code segments that are specifically authorized to do so. Per the techniques described herein, a protected memory region includes addresses of protected memory and addresses of code-space that is authorized to access such protected memory. An instruction that requests access to protected memory is tested for authorization. If such authorization succeeds, execution of the instruction continues uninterrupted, else an exception is thrown.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Rivera, Jose German, "Fine-grained memory protection", Technical Disclosure Commons, (December 19, 2018)