1. A method comprising:
initializing a bytecode driver and setting an extensible policy mechanism to protect at least one root data structure including a page table;
interpreting a bytecode of a pre-boot driver associated with a memory access in a byte code interpreter and mapping between a virtual address and a physical address of a memory page of the memory access, wherein the physical address is to be accessed using a page directory entry of a page directory and a page table entry of the page table; and
controlling access to the memory page based on a plurality of protection bits of the page table entry of the page table.
2. The method of claim 1, further comprising setting the extensible policy mechanism to protect a data structure of the pre-boot driver responsive to a request of the pre-boot driver, wherein the pre-boot driver is cryptographically signed.
3. The method of claim 2, further comprising allocating the memory page to an exclusion list by writing a predetermined code in the plurality of protection bits of the associated page table entry.
4. The method of claim 3, further comprising preventing access to the memory page by code other than the pre-boot driver if the memory page is allocated in the exclusion list.
5. The method of claim 4, further comprising preventing access to the memory page by the pre-boot driver if the pre-boot driver is not cryptographically signed.
6. The method of claim 1, further comprising performing the mapping between the virtual address and the physical address with a non-1:1 mapping to provide a false address to malware.
7. An article comprising a machine-accessible storage medium including instructions that when executed cause a system to:
initialize a bytecode driver and set an extensible policy mechanism to protect at least one root data structure including a page table;
interpret a bytecode of a pre-boot driver associated with a memory access in a byte code interpreter and map between a virtual address and a physical address of a memory page of the memory access, wherein the physical address is to be accessed using a page directory entry of a page directory and a page table entry of the page table; and
control access to the memory page based on a plurality of protection bits of the page table entry of the page table.
8. The article of claim 7, further comprising instructions that when executed enable the system to set the extensible policy mechanism to protect a data structure of the pre-boot driver responsive to a request of the pre-boot driver, wherein the pre-boot driver is cryptographically signed.
9. The article of claim 8, further comprising instructions that when executed enable the system to allocate the memory page to an exclusion list by writing a predetermined code in the plurality of protection bits of the associated page table entry.
10. The article of claim 9, further comprising instructions that when executed enable the system to prevent access to the memory page by code other than the pre-boot driver if the memory page is allocated in the exclusion list.
11. The article of claim 7, further comprising instructions that when executed enable the system to perform the mapping between the virtual address and the physical address with a non-1:1 mapping to provide a false address to malware.
12. A system comprising:
a processor; and
a memory coupled to the processor to store instructions to cause the processor to initialize a bytecode driver and set an extensible policy mechanism to protect at least one root data structure including a page table, interpret a bytecode of a pre-boot driver associated with a memory access to a memory page via a byte code interpreter, and prior to allowing the memory access, determine whether the pre-boot driver is allowed to access to the memory page based on a plurality of protection bits of a page table entry of a page table associated with the memory page.
13. The system of claim 12, wherein the memory further includes instructions to set the extensible policy mechanism to protect a data structure of the pre-boot driver responsive to a request of the pre-boot driver, wherein the pre-boot driver is cryptographically signed.
14. The system of claim 13, wherein the memory further includes instructions to allocate the memory page to an exclusion list by writing a predetermined code in the plurality of protection bits of the associated page table entry.
15. The system of claim 12, wherein the memory further includes instructions to perform mapping between a virtual address and a physical address of the memory page with a non-1:1 mapping to provide a false address to malware.
The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.
What is claimed is:
1. A method to detect parasite oocysts in feces, said method comprising:
(a) contacting a sample of feces with a solid support capable of binding oocysts;
(b) allowing the sample to dry onto the solid support;
(c) washing the sample on the solid support with an aqueous wash solution;
(d) adding an aqueous elution solution to the sample and eluting DNA from the sample into the aqueous elution solution by heating;
(e) PCR amplifying oocyst-specific DNA with primers specific to the oocyst being detected; and
(f) detecting the presence of a PCR amplification product resulting from amplification of oocyst-specific DNA in the sample, wherein the presence of said product indicates the presence of oocysts in said feces.
2. A method according to claim 1, wherein the sample of feces is solubilized in an aqueous solution before contacting the sample with a solid support capable of binding oocysts.
3. A method according to claim 1; wherein the aqueous wash solution comprises distilled water.
4. A method according to claim 1, wherein the aqueous elution solution comprises distilled water.
5. A method according to claim 1, wherein the heating step comprises heating to approximately 95 C.
6. A method according to claim 1, wherein the solid support capable of binding oocysts comprises paper.
7. A method according to claim 1, wherein the solid support comprises one or more compounds capable of binding inhibitors of PCR amplification.
8. The method of claim 1, wherein the parasite oocysts are enteric apicomplexa oocysts.
9. The method of claim 8, wherein the enteric apicomplexa oocysts are selected from the group consisting of Cryptosporidium oocysts and Toxoplasma oocysts.
10. A method to detect parasite cysts in feces, said method comprising:
(a) contacting a sample of feces with a solid support capable of binding oocysts;
(b) allowing the sample to dry onto the solid support;
(c) washing the sample on the solid support with an aqueous wash solution;
(d) adding an aqueous elution solution to the sample and eluting DNA from the sample into the aqueous elution solution by heating;
(e) PCR amplifying oocyst-specific DNA with primers specific to the oocyst being detected; and
(f) detecting the presence of a PCR amplification product resulting from amplification of oocyst-specific DNA in the sample, wherein the presence of said product indicates the presence of cysts in said feces.
11. A method according to claim 10, wherein the sample of feces is solubilized in an aqueous solution before contacting the sample with a solid support capable of binding cysts.
12. A method according to claim 10, wherein the aqueous wash solution comprises distilled water.
13. A method according to claim 10, wherein the aqueous elution solution comprises distilled water.
14. A method according to claim 10, wherein the heating step comprises heating to approximately 95 C.
15. A method according to claim 10, wherein the solid support capable of binding cysts comprises paper.
16. A method according to claim 10, wherein the solid support comprises one or more compounds capable of binding inhibitors of PCR amplification.
17. The method of claim 10, wherein the parasite cysts are Giardia cysts.