	US 11,816,484 B2
	Hardware verification of dynamically generated code
Jeffrey E. Gonion, Campbell, CA (US); Michael D. Snyder, Cedar Park, TX (US); and Filip J. Pizlo, Capitola, CA (US)
Assigned to Apple Inc., Cupertino, CA (US)
Filed by Apple Inc., Cupertino, CA (US)
Filed on Jun. 15, 2021, as Appl. No. 17/348,565.
Claims priority of provisional application 63/108,148, filed on Oct. 30, 2020.
Prior Publication US 2022/0137968 A1, May 5, 2022
Int. Cl. G06F 9/30 (2018.01); G06F 9/455 (2018.01); H04L 9/08 (2006.01); G06F 21/53 (2013.01)

CPC G06F 9/30054 (2013.01) [G06F 9/45516 (2013.01); G06F 21/53 (2013.01); H04L 9/0894 (2013.01); G06F 2221/033 (2013.01)]

17 Claims

1. A method comprising:

monitoring, in a monitor circuit in a processor in a computer system, a dynamically-generated code sequence being executed in a dynamic code execution region of the computer system to ensure that the dynamically-generated code sequence meets execution criteria, wherein the execution criteria specify that:

none of a set of prohibited instructions is present in the dynamically-generated code sequence;

a branch target that is outside the dynamic code execution region is:

cryptographically signed with one of a set of one or more cryptographic keys; and

within one of one or more predefined address ranges outside of the dynamic code execution region;

detecting a violation of the execution criteria by the monitor circuit; and

forcing, by the monitor circuit, an exception based on detecting the violation.