| 摘要 |
Executable computer code sections can be effectively evicted from secondary memory (e.g., instruction cache) during execution time in order to reduce the observable changes to the state of the secondary memory, thereby enhancing the security of computing systems that use secondary memory in addition the primary (main) memory to support execution of computer code. In particular, codes sections considered to be critical to security can be identified and effectively mapped to the same section of an instruction cache (I-cache) as provided in more modern computing systems in order to improve the efficiency of execution, thereby allowing use of the I-cache in a more secure manner.
|
