G06F12/1416

Malware mitigation based on runtime memory allocation

A compute instance is instrumented to detect certain kernel memory allocation functions, in particular functions that allocate heap memory and/or make allocated memory executable. Dynamic shell code exploits can then be detected when code executing from heap memory allocates additional heap memory and makes that additional heap memory executable.

Memory tracking for malware detection

A device may load a process under test into virtual memory associated with the device. The virtual memory may include a plurality of memory pages. The device may insert a malware inspection element and a memory tracking element into the process under test and may provide a notification of an event associated with the process under test to a memory tracking element. The device may identify, using the memory tracking element, one or more memory pages of the plurality of memory pages. The one or more memory pages may be assigned to, and used by, the process under test. The device may generate, based on identifying the one or more memory pages, a memory map, associated with the process under test, that may include information identifying the one or more memory pages as being assigned to, and used by, the process under test.

Data validity tracking in a non-volatile memory
11586561 · 2023-02-21

A computer device reads an indicator from a configuration file that identifies a granularity of units of data at which to track validity. The granularity is one of a plurality of granularities ranging from one unit of data to many units of data. The computer device generates a machine-readable file configured to cause a processing device of a memory system to track validity at the identified granularity using a plurality of data validity counters with each data validity counter in the plurality of data validity counters tracking validity of a group of units of data at the identified granularity. The computer device transfers the machine-readable file to a memory of the memory system.

Control method, information processing device, management system, and recording medium

Provided is a control method of controlling locking or unlocking of storage using a blockchain. The control method includes: determining, when first request information indicating a lock/unlock request, that is a lock request or an unlock request, is received from a terminal, whether a keyholder identified by reading keyholder information stored in the blockchain matches an owner of the terminal that has transmitted the first request information, the keyholder information indicating a person having the authority to lock or unlock the storage; performing lock/unlock processing when the keyholder is determined to match the owner, the lock/unlock processing being processing for causing the storage to lock or unlock in accordance with the first request information; and performing first storage processing after the lock/unlock processing is performed, the first storage processing being processing of storing, in the blockchain, transaction data indicating that the lock/unlock processing has been performed.

Controller and control management system

In a controller that operates a control program which executes sequence control or the like together with a data processing program which executes a complex arithmetic operation or the like, I/O resource information is shared with a shared memory, and an access right to the I/O resource information by the data processing program is controlled using read-in prohibited information and write-in permitted information.

SAFETY ISOLATION METHOD AND APPARATUS, AND COMPUTER SYSTEM
20220350915 · 2022-11-03

A safety isolation method and apparatus, and a computer system are disclosed. The safety isolation apparatus includes a request detection module and a selection module. The request detection module is configured to: receive an access request from an access device, where the access request carries operation information of the access device and safety level-related information of the access device, the safety level-related information of the access device indicates a safety level of the access device, and the operation information indicates an operation of the access device. The selection module is configured to: if the operation of the access device is a write operation or RFO operation, and the safety level of the access device meets a safety isolation condition, isolate the access request. The foregoing solution can implement safe data interaction between devices at a plurality of safety levels, to improve system performance.

INFORMATION PROCESSING DEVICE AND CONTROL METHOD
20220342557 · 2022-10-27

An information processing device includes: a memory; and a processor coupled to the memory and configured to: receive an access request directed to an access target and set the access request in any one of a plurality of pending entries each of which includes latency information; issue a command that corresponds to the access request; control issuance of the command on a basis of the latency information of the any one of the pending entries; set a value that indicates latency for the access request in the latency information of the any one of the pending entries; and subtract a predetermined value from the latency information of the any one of the pending entries for each unit of time.

MEMORY TRACKING FOR MALWARE DETECTION

A device may load a process under test into virtual memory associated with the device. The virtual memory may include a plurality of memory pages. The device may insert a malware inspection element and a memory tracking element into the process under test and may provide a notification of an event associated with the process under test to a memory tracking element. The device may identify, using the memory tracking element, one or more memory pages of the plurality of memory pages. The one or more memory pages may be assigned to, and used by, the process under test. The device may generate, based on identifying the one or more memory pages, a memory map, associated with the process under test, that may include information identifying the one or more memory pages as being assigned to, and used by, the process under test.

Memory protection unit using memory protection table stored in memory system
11474956 · 2022-10-18

An apparatus comprises processing circuitry to issue memory access requests specifying a target address identifying a location to be accessed in a memory system; and a memory protection unit (MPU) comprising permission checking circuitry to check whether a memory access request issued by the processing circuitry satisfies access permissions specified in a memory protection table stored in the memory system. The memory protection table comprises memory protection entries each specifying access permissions for a corresponding address region of variable size within an address space, where the variable size can be a number of bytes other than a power of 2.

Security of embedded devices through a device lifecycle with a device identifier
11663146 · 2023-05-30

An apparatus includes a database with device profiles, and a device programmer. The device programmer includes instructions. The instructions, when read and executed by a processor, cause the device programmer to identify a device identifier of an electronic device. The device programmer is further caused to, based upon the device identifier, access device data from the database. The device programmer is further caused to, based upon the device data, determine an area of memory of the electronic device that can be written. The device programmer is further caused to, based on the determination of the area of memory of the electronic device that can be written, write data to the area of memory.