Securely redirecting system service routines

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Haim Cohen · Nes Ziona, IL
• Graham John Harper · Coventry, GB
• Mehmet Iyigun · Kirkland, US
• Kenneth D. Johnson · Seattle, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/79
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Securely redirecting a system service routine via a provider service table. A service call provider is loaded within an operating system executing in a lower trust security zone. The service call provider comprises metadata indicating a system service routine to be redirected to the service call provider. Based on the metadata, a provider service table is built within a higher trust security zone. The service table redirects the system service routine to the service call provider. Memory page(s) associated with the provider service table are hardware protected, and a read-only view is exposed to the operating system. The provider service table is associated with a user-mode process. A service call for a particular system service routine is received by the operation system from the user-mode process and, based on the provider service table being associated with the user-mode process, the service call is directed to the service call provider.