HYPERCALL IMPLEMENTATION IN A VIRTUALIZED COMPUTER SYSTEM

    Publication No.: US20210224089A1

    Publication date: 2021-07-22

    Application No.: US16744351

    Application date: 2020-01-16

    Applicant: VMware, Inc.

    Abstract: An example method of interfacing with a hypervisor in a computing system is described. The computing system includes a processor having at least three hierarchical privilege levels including a third privilege level more privileged than a second privilege level, the second privilege level more privileged than a first privilege level. The method includes configuring, by the hypervisor executing at the third privilege level, the processor to trap reads to a debug communication channel (DCC) status register of the processor to the third privilege level; trapping, at the hypervisor, a read to the DCC status register by guest software executing in a virtual machine (VM) managed by the hypervisor, the guest software executing at the first or second privilege level; reading, at the hypervisor, a plurality of registers of the processor to obtain data stored by the guest software; and returning execution from the hypervisor to the guest software.

    UNIFYING HARDWARE TRUSTED EXECUTION ENVIRONMENT TECHNOLOGIES USING VIRTUAL SECURE ENCLAVE DEVICE

    Publication No.: US20210133315A1

    Publication date: 2021-05-06

    Application No.: US16671106

    Application date: 2019-10-31

    Applicant: VMware, Inc.

    Abstract: System and method for creating and managing trusted execution environments (TEEs) using different underlying hardware TEE mechanisms use a virtual secure enclave device which runs in a virtualized environment in a computer system. The device enables an enclave command transmitted to the virtual secure enclave device to be retrieved and parsed to extract an enclave operation to be executed. A TEE backend module is used to interact with a particular hardware TEE mechanism among those available in the computer system. The module ensures the enclave operation for the software process is executed by the particular hardware TEE mechanism, or the TEE scheme based on a particular hardware TEE mechanism.

    IMPLEMENTING PER-PROCESSOR MEMORY AREAS WITH NON-PREEMPTIBLE OPERATIONS USING VIRTUAL ALIASES

    Publication No.: US20190286558A1

    Publication date: 2019-09-19

    Application No.: US16420549

    Application date: 2019-05-23

    Applicant: VMware, Inc.

    Abstract: A computer system provides a mechanism for assuring a safe, non-preemptible access to a private data area (PRDA) belonging to a CPU. PRDA accesses generally include obtaining an address of a PRDA and performing operations on the PRDA using the obtained address. Safe, non-preemptible access to a PRDA generally ensures that a context accesses the PRDA of the CPU on which the context is executing, but not the PRDA of another CPU. While a context executes on a first CPU, the context obtains the address of the PRDA. After the context is migrated to a second CPU, the context performs one or more operations on the PRDA belonging to the second CPU using the address obtained while the context executed on the first CPU. In another embodiment, preemption and possible migration of a context from one CPU to another CPU is delayed while a context executes non-preemptible code.

    CREATING A COMMUNICATION CHANNEL BETWEEN DIFFERENT PRIVILEGE LEVELS USING WAIT-FOR-EVENT INSTRUCTION IN SYSTEMS OPERABLE AT MULTIPLE HIERARCHICAL PRIVILEGE LEVELS
    Type: invention application. Legal status: in force.

    Publication No.: US20160170816A1

    Publication date: 2016-06-16

    Application No.: US14572516

    Application date: 2014-12-16

    Applicant: VMware, Inc.

    Abstract: In a computer system operable at multiple hierarchical privilege levels, a “wait-for-event” (WFE) communication channel between components operating at different privilege levels is established. Initially, a central processing unit (CPU) is configured to “trap” WFE instructions issued by a client, such as an operating system, operating at one privilege level to an agent, such as a hypervisor, operating at a more privileged level. After storing a predefined special sequence in a storage component (e.g., a register), the client executes a WFE instruction. As part of trapping the WFE instruction, the agent reads and interprets the special sequence from the storage component and may respond to the special sequence by storing another special sequence in a storage component that is accessible to the client. Advantageously, the client may leverage this WFE communication channel to establish low-overhead watchdog functionality for the client.

    GUEST TIME SCALING FOR A VIRTUAL MACHINE IN A VIRTUALIZED COMPUTER SYSTEM

    Publication No.: US20230195484A1

    Publication date: 2023-06-22

    Application No.: US17553607

    Application date: 2021-12-16

    Applicant: VMware, Inc.

    CPC classification number: G06F9/45558 G06F2009/45583

    Abstract: An example method of managing guest time for a virtual machine (VM) supported by a hypervisor of a virtualized host computer includes: configuring, by the hypervisor, a central processing unit (CPU) of the host computer to trap, to the hypervisor, access by guest code in the VM to a physical counter and timer of the CPU; configuring, by the hypervisor, the guest code in the VM to use the physical counter and timer of the CPU rather than a virtual counter and timer of the CPU; trapping, at the hypervisor, an access to the physical counter and timer by the guest code; and executing, by the hypervisor, the access to the physical counter and timer on behalf of the guest code while compensating for an adjustment of a system count of the physical counter and timer to maintain the guest time as scaled with respect to frequency of the physical counter and timer.

    NON-UNIFIED CACHE COHERENCY MAINTENANCE FOR VIRTUAL MACHINES

    Publication No.: US20190227934A1

    Publication date: 2019-07-25

    Application No.: US15878062

    Application date: 2018-01-23

    Applicant: VMware, Inc.

    Abstract: An example method of maintaining cache coherency in a virtualized computing system includes: trapping access to a memory page by guest software in a virtual machine at a hypervisor managing the virtual machine, where the memory page is not mapped in a second stage page table managed by the hypervisor; performing cache coherency maintenance for instruction and data caches of a central processing unit (CPU) in the virtualized computing system in response to the trap; mapping the memory page in the second stage page table with execute permission; and resuming execution of the virtual machine.

    MULTIPROCESSOR INITIALIZATION VIA FIRMWARE CONFIGURATION

    Publication No.: US20170364365A1

    Publication date: 2017-12-21

    Application No.: US15183192

    Application date: 2016-06-15

    Applicant: VMware, Inc.

    Abstract: An example method of initializing a plurality of processors in a hardware platform of a computing device for use by system software executing on the hardware platform includes: parsing a descriptor table that has been loaded into memory from firmware to identify an original boot protocol for initializing at least one secondary processor of the plurality of processors; creating at least one mailbox structure in the memory associated with the at least one secondary processor; causing the at least one secondary processor to execute secondary processor initialization code stored in the memory, the secondary processor initialization code implementing a mailbox-based boot protocol that uses the at least one mailbox structure to initialize the at least one secondary processor; and modifying the descriptor table to identify the mailbox-based boot protocol for initializing the at least one secondary processor in place of the original boot protocol.