Patent · US Active

Limited execution environment for monolithic kernel

US11093657B2 · kind B2 · utility

0Cited by

3References

12Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

James Bottomley · Bellevue, US
Joel Kelly Nider · Jerusalem, IL
Michael Rapoport · Haifa, IL

Key dates

Filing date	May 19, 2019
Grant date	Aug 17, 2021
Priority date	—
Expiry date	Sep 3, 2039

Classification

Technology area (CPC G)Physics
CPC primaryG06F2221/2149
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Embodiments of the present systems and methods may provide additional security mechanisms inside an operating system kernel itself by isolating parts of the kernel to protect them from attacks. For example, in an embodiment, a computer-implemented method implemented in a computer comprising a processor, memory accessible by the processor, and computer program instructions stored in the memory and executable by the processor, the method may comprise: creating a namespace in an operating system kernel-space in the memory of the computer, creating an address space for the namespace that maps only kernel objects owned by the namespace, and providing access to kernel objects owned by the namespace only to the least one user process using the combined page table.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.