CONTROL-FLOW INTEGRITY WITH MANAGED CODE AND UNMANAGED CODE

• Main Authors: CAPRIOLI, Paul, KANHERE, Abhay S
• Format: Patent
• Language: English; French; German
• Published: 31.01.2018
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC DIGITAL DATA PROCESSING; PHYSICS

A data processing system (DPS) supports control-flow integrity (CFI). The DPS comprises a processing element with a CFI enforcement mechanism that supports one or more CFI instructions. The DPS also comprises at least one machine-accessible medium responsive to the processing element. Managed code in the machine-accessible medium is configured (a) to execute in a managed runtime environment (MRE) in the data processing system, and (b) to transfer control out from the MRE to unmanaged code, in response to a transfer control statement in the managed code. The machine-accessible medium also comprises a binary translator which, when executed, converts unmanaged code in the data processing system into hardened unmanaged code (HUC) by including CFI features in the HUC. The CFI features comprise one or more CFI instructions to utilize the CFI enforcement mechanism of the processing element for transfers of control initiated by the HUC. Other embodiments are described and claimed.