G06F9/4486

Hardware secure element, related processing system, integrated circuit, device and method

A hardware secure element is described. The hardware secure element includes a microprocessor and a memory, such as a non-volatile memory. The memory stores a plurality of software routines executable by the microprocessor. Each software routine starts at a respective memory start address. The hardware secure element also includes a receiver circuit and a hardware message handler module. The receiver circuit is configured to receive command data that includes a command. The hardware message handler module is configured to determine a software routine to be executed by the microprocessor as a function of the command, and also configured to provide address data to the microprocessor that indicates the software routine to be executed.

Target injection safe method for inlining registration calls

A method of redirecting an indirect call in a callback list associated with a list of functions that are registered, includes the steps of: upon registering the list of functions, determining a list of function pointers, each of which corresponds to an address in an associated callback; for each function pointer in the list of function pointers, adding a direct call instruction to the registration trampoline corresponding to the associated callback of the function pointer; and upon invoking the associated callback of one of the function pointers in the list of function pointers, invoking the corresponding direct call instruction in the registration trampoline.

DETERMINING CALLER OF A MODULE IN REAL-TIME
20200387369 · 2020-12-10

Methods, systems and computer program products for determining a caller of a module in real-time are provided. Each listed target module is located and loaded into system memory. A link is established between each target module and the testing framework, which begins execution of an application that includes the plurality of target modules. In response to one of the plurality of target modules being called by the application, control is passed to the testing framework, which includes passing to the testing framework the original registers from the application and a register containing an entry point of the testing framework. The chain of load modules is inspected by following the linkage data provided in the registers, and the data is recorded. Control is returned from the testing framework to the target module.

PROCESSOR MICROCODE WITH EMBEDDED JUMP TABLE

A processing unit employs microcode wherein the jump table associated with the microcode is embedded in the microcode itself. When the microcode is compiled based on a set of programmer instructions, the compiler prepares the jump table for the microcode and stores the jump table in the same file or other storage unit as the microcode. When the processing unit is initialized to execute a program, such as an operating system, the processing unit retrieves the microcode corresponding to the program from memory, stores the microcode in a cache or other memory module for execution, and automatically loads the embedded jump table from the microcode to a specified set of jump table registers, thereby preparing the processing unit to process received packets.

Method for implementing Linux kernel hot patch, electronic device, and computer readable medium
11868763 · 2024-01-09

A method for implementing a LINUX kernel hot patch, an electronic device, and a computer readable medium are described. The method includes: modifying the header instruction code of a patched function in an atomic operation mode, and jumping directly or indirectly from a patched function address to a patching function address to activate a patching function. The method for implementing a LINUX kernel hot patch can activate the patching function without restarting the LINUX system.

Target injection safe method for inlining large call tables

A method of redirecting an indirect call in a call table to a direct call includes the steps of: recording frequencies of calls in a frequency table; updating a search trampoline to cache, as direct calls, calls of the call table that are most frequently made according to the recorded calls in the frequency table; receiving a request to perform one of the calls in the call table; performing a search of the search trampoline to determine whether or not the requested call is cached in the search trampoline; if the requested call is cached in the search trampoline, performing the requested call that is cached in the search trampoline; and if the requested call is not cached in the search trampoline, performing the requested call by accessing the call via the call table.

Nested function pointer calls

Calling a function may include: determining whether a call is a direct or an indirect call. In response to determining that the call is an indirect call, a first address stored in a function pointer may be obtained, wherein the function pointer is stored at a first address in a stack frame of a calling function. Whether to execute a nested function call code sequence may be determined based on whether a tag bit in the first address stored in the function pointer is set. In response to determining that the tag bit in the first address is set, a second address stored at a nested function address location may be obtained, wherein the nested function address location is at the first address, and control may be transferred to a called function, wherein the called function is stored at the second address.

METHOD, FUNCTION MANAGER AND ARRANGEMENT FOR HANDLING FUNCTION CALLS
20200310828 · 2020-10-01

A first function manager and a method performed therein for handling a call of a second function from a first function. According to the method, the first function manager obtains information associated with one or more locations of the second function. The first function manager also determines an availability of the second function at the one or more locations, based on the obtained information, and selects one of the one or more locations for forwarding the call of the second function from the first function. In a further step, the first function manager forwards the call of the second function from the first function.

MOCK SERVER FOR TESTING
20200242020 · 2020-07-30

Systems of the present disclosure provide a versatile, reusable mock server to respond to Application-Programming-Interface (API) requests. The mock server receives an API request and a cookie associated with the API request. The API server identifies response instructions found in the cookie. The response instructions may include a static response value, a name of an API server for the mock server to imitate, or code for the mock server to execute in the process of generating a mock API response. The mock server generates a mock API response based on the response instructions and sends the mock API response in reply to the API request.

ENFORCING A SEGMENTATION POLICY IN CO-EXISTENCE WITH A SYSTEM FIREWALL

A segmentation firewall executing on a host enforces a segmentation policy. In a co-existence mode, the segmentation firewall operates in co-existence with a system firewall that enforces a security policy. The segmentation firewall is configured to either drop packets that do not match any permissive rule or pass packets that match a permissive rule to the system firewall to enable the system firewall to determine whether to drop or accept the passed packets. To enable efficient operation of the segmentation firewall when operating in co-existence with the system firewall, the segmentation firewall may include a plurality of rule chains and may be configured to exit a chain and bypass remaining rule chains upon an input packet matching a permissive rule of the segmentation policy.