-
公开(公告)号:US20220004499A1
公开(公告)日:2022-01-06
申请号:US17475757
申请日:2021-09-15
发明人: Claudio Imbrenda , Christian Borntraeger , Lisa Cranton Heller , Fadi Y. Busaba , Jonathan D. Bradbury
IPC分类号: G06F12/1009 , G06F9/455
摘要: According to one or more embodiments of the present invention, a computer implemented method includes receiving, at a secure interface control of a computer system, an access request for a data structure related to a secure entity in a secure domain of the computer system. The secure interface control can check for a virtual storage address associated with a location of the data structure. The secure interface control can request an address translation using a virtual address space of a non-secure entity of the computer system based on determining that the location of the data structure is associated with the virtual storage address. The secure interface control can access the data structure based on a result of the address translation.
-
公开(公告)号:US20200285589A1
公开(公告)日:2020-09-10
申请号:US16296301
申请日:2019-03-08
发明人: Claudio Imbrenda , Christian Borntraeger , Lisa Cranton Heller , Fadi Y. Busaba , Jonathan D. Bradbury
IPC分类号: G06F12/1009 , G06F9/455
摘要: According to one or more embodiments of the present invention, a computer implemented method includes receiving, at a secure interface control of a computer system, an access request for a data structure related to a secure entity in a secure domain of the computer system. The secure interface control can check for a virtual storage address associated with a location of the data structure. The secure interface control can request an address translation using a virtual address space of a non-secure entity of the computer system based on determining that the location of the data structure is associated with the virtual storage address. The secure interface control can access the data structure based on a result of the address translation.
-
13.发明申请公开(公告)号:US20200285494A1
公开(公告)日:2020-09-10
申请号:US16296316
申请日:2019-03-08
发明人: Fadi Y. Busaba , Lisa Cranton Heller , Jonathan D. Bradbury , Christian Borntraeger , Claudio Imbrenda
IPC分类号: G06F9/455
摘要: According to one or more embodiments of the present invention, a computer implemented method includes executing, by a virtual machine that is executing on a host server, a stream of instructions, wherein an instruction from the stream of instructions is to be intercepted to a hypervisor. The method further includes, based on a determination that the virtual machine is a secure virtual machine, preventing the hypervisor from directly accessing any data of the secure virtual machine. The method further includes performing by a secure interface control of the host server, based on a determination that the instruction is not interpretable by the secure interface control itself, extracting one or more parameter data associated with the instruction from the secure virtual machine, and storing the parameter data into a buffer that is accessible by the hypervisor. The instruction is subsequently intercepted into the hypervisor.
-
公开(公告)号:US20200285492A1
公开(公告)日:2020-09-10
申请号:US16296304
申请日:2019-03-08
IPC分类号: G06F9/455
摘要: A method for starting a secure guest includes receiving, by a hypervisor that is executing on a host server, a request to dispatch a virtual machine (VM) on the host server. The VM is dispatched on the host server by the hypervisor. The VM includes a reboot instruction. The reboot instruction is triggered by the hypervisor to restart the VM in a secure mode.
-
-
-
搜索结果
14 条记录 (耗时 0.131 秒)
