公开(公告)号：US20140289511A1

公开(公告)日：2014-09-25

申请号：US13848347

申请日：2013-03-21

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Mark ZEREN ,  Craig F. NEWELL

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  G06F21/33 ,  G06F21/6218 ,  G06F21/6281 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/0272 ,  H04L63/102 ,  H04L63/168

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by initiating an SSL handshake with a client certificate request for a client SSL certificate embedded in the configuration profile. Validation against the embedded client SSL certificate implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract translation: 运行在无线通信设备上的应用管理代理限制对设备功能的访问（例如，应用和设备特征），除非应用管理代理已经确定特定配置简档已经安装在设备上（之后应用管理代理允许访问 到设备功能，并且设备的操作系统实施配置简档中指定的策略设置）。 应用程序管理代理通过启动与配置配置文件中嵌入的客户端SSL证书的客户端证书请求的SSL握手来确认配置配置文件的存在。 对嵌入式客户端SSL证书的验证隐含地确认配置配置文件的存在并验证配置配置文件的内容。

公开(公告)号：US20160291986A1

公开(公告)日：2016-10-06

申请号：US14675381

申请日：2015-03-31

Applicant: VMWARE, INC.

Inventor： Andrei WARKENTIN ,  Alexander FAINKICHEN ,  Harvey TUCH

IPC: G06F9/44

CPC classification number: G06F9/4411

Abstract: A mapping table is passed to system software upon loading of the system software in a computer system. The mapping table is generated from a user-defined configuration file and maps device identifiers of various devices implemented in the computer system, as assigned by the device manufacturers, to device identifiers that are recognizable by the system software. The mapping is used by the system software when it performs binding of device drivers to devices so that devices that have been given generic and sometimes obscure names by the device manufacturers can still be associated with and bound to device drivers loaded by the system software.

Abstract translation: 在计算机系统中加载系统软件时，将映射表传递给系统软件。 映射表是从用户定义的配置文件生成的，并将在设备制造商分配的计算机系统中实现的各种设备的设备标识符映射到系统软件可识别的设备标识符。 当系统软件执行设备驱动程序到设备的绑定时，系统软件将使用该映射，以便设备制造商给予通用且有时是模糊的名称的设备仍然可以与系统软件加载的设备驱动程序相关联并绑定到设备驱动程序。

公开(公告)号：US20150370591A1

公开(公告)日：2015-12-24

申请号：US14312207

申请日：2014-06-23

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Andrei WARKENTIN

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/45587 ,  G06F2009/45591

Abstract: In a virtualized computer system operable in more than two hierarchical privilege levels, components of a hypervisor, which include a virtual machine kernel and virtual machine monitors (VMMs), are assigned to different privilege levels. The virtual machine kernel operates at a low privilege level to be able to exploit certain features provided by the low privilege level, and the VMMs operate at a high privilege level to support execution of virtual machines. Upon determining that a context switch from the virtual machine kernel to a VMM is to be performed, the computer system exits the low privilege level, and enters the high privilege level to execute a trampoline that supports context switches to VMMs, such as state changes, and then the VMM. The trampoline is deactivated after execution control is switched to the VMM.

Abstract translation: 在可在多于两个分层特权级别中操作的虚拟化计算机系统中，包括虚拟机内核和虚拟机监视器（VMM）的管理程序的组件被分配给不同的权限级别。 虚拟机内核在低权限级别下运行，以便能够利用低权限级别提供的某些功能，并且VMM以高权限级别运行以支持虚拟机的执行。 在确定将要执行从虚拟机内核到VMM的上下文切换时，计算机系统退出低权限级别，并且进入高权限级别以执行支持到VMM的上下文切换的蹦床，例如状态改变， 然后是VMM。 执行控制切换到VMM后，蹦床停用。

公开(公告)号：US20150222637A1

公开(公告)日：2015-08-06

申请号：US14689787

申请日：2015-04-17

Applicant: VMware, Inc.

Inventor： Perry HUNG ,  Harvey TUCH ,  Craig F. NEWELL ,  Haim TEBEKA

IPC: H04L29/06 ,  G06F9/445 ,  H04L29/08

CPC classification number: G06F8/54 ,  G06F8/61 ,  G06F9/44521 ,  G06F9/54 ,  G06F21/31 ,  G06F21/53 ,  G06F21/54 ,  G06F21/602 ,  G06F21/604 ,  G06F2221/2107 ,  G06F2221/2143 ,  G06F2221/2149 ,  H04L63/0272 ,  H04L63/10 ,  H04L63/20 ,  H04L67/146 ,  H04W12/00 ,  H04W12/02

Abstract: In an example, a method of creating a secured workspace in a mobile device includes installing an application management agent on the mobile device, wherein the application management agent is configured to communicate with a remote server to obtain a security policy. The method further includes installing a wrapped enterprise application to the mobile device. The wrapped enterprise application includes code injected therein that, when executed by the mobile device, causes the mobile device to intercept at least a portion of instructions being executed by the wrapped enterprise application and to interpose alternative instructions that comply with the security policy. The method further includes communicating among the wrapped enterprise application, the application management agent, and other wrapped enterprise applications through pasteboard and uniform resource locator (URL) handlers provided by an operating system of the mobile device.

Abstract translation: 在一个示例中，在移动设备中创建安全工作空间的方法包括在移动设备上安装应用管理代理，其中应用管理代理被配置为与远程服务器通信以获得安全策略。 该方法还包括将包装的企业应用安装到移动设备。 包装的企业应用程序包括在其中注入的代码，当由移动设备执行时，该移动设备使得移动设备拦截由被包装的企业应用执行的指令的至少一部分，并且插入符合安全策略的替代指令。 该方法还包括通过粘贴板和由移动设备的操作系统提供的统一资源定位器（URL）处理程序之间的封装的企业应用程序，应用程序管理代理程序和其他封装的企业应用程序之间进行通信。

公开(公告)号：US20140289510A1

公开(公告)日：2014-09-25

申请号：US13848333

申请日：2013-03-21

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Mark ZEREN ,  Craig F. NEWELL

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/102 ,  G06F21/57 ,  G06F21/6281 ,  H04L9/3265 ,  H04L9/3268 ,  H04L63/0272 ,  H04L63/0823 ,  H04L67/34 ,  H04L2209/127 ,  H04L2209/80 ,  H04W12/06

Abstract: An application management agent running on a wireless communications device restricts access to device functionality (e.g., applications and device features) unless the application management agent has determined that a particular configuration profile has been installed on the device (after which the application management agent permits access to device functionality, and an operating system of the device enforces policy settings specified in the configuration profile). The application management agent confirms the presence of the configuration profile by using a validation certificate to validate against a root certificate embedded in a configuration profile installed on the device. The configuration profile is configured to be non-removable, so it cannot be remove or updated, except by another configuration profile signed by the same authority. Validation against the embedded root certificate thereby implicitly confirms the presence of the configuration profile and validates the content of the configuration profile.

Abstract translation: 运行在无线通信设备上的应用管理代理限制对设备功能的访问（例如，应用和设备特征），除非应用管理代理已经确定特定配置简档已经安装在设备上（之后应用管理代理允许访问 到设备功能，并且设备的操作系统实施配置简档中指定的策略设置）。 应用程序管理代理通过使用验证证书来验证配置配置文件的存在，以验证嵌入在设备上安装的配置文件中的根证书。 配置配置文件配置为不可移动，因此不能删除或更新，除了由同一个权限签署的其他配置配置文件外。 针对嵌入式根证书的验证从而隐含地确认配置配置文件的存在并验证配置配置文件的内容。

公开(公告)号：US20220066787A1

公开(公告)日：2022-03-03

申请号：US17403399

申请日：2021-08-16

Applicant: VMware, Inc.

Inventor： Andrei WARKENTIN ,  Harvey TUCH ,  William LAM

IPC: G06F9/4401 ,  G06F9/455 ,  G06F8/61

Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.

公开(公告)号：US20170060765A1

公开(公告)日：2017-03-02

申请号：US14838541

申请日：2015-08-28

Applicant: VMware, Inc.

Inventor： Cyprien LAPLACE ,  Harvey TUCH ,  Andrei WARKENTIN ,  Adrian DRZEWIECKI

IPC: G06F12/10

CPC classification number: G06F12/0292 ,  G06F12/04 ,  G06F12/06 ,  G06F2212/151 ,  G06F2212/656

Abstract: A computer system provides a mechanism for assuring a safe, non-preemptible access to a private data area (PRDA) belonging to a CPU. PRDA accesses generally include obtaining an address of a PRDA and performing operations on the PRDA using the obtained address. Safe, non-preemptible access to a PRDA generally ensures that a context accesses the PRDA of the CPU on which the context is executing, but not the PRDA of another CPU. While a context executes on a first CPU, the context obtains the address of the PRDA. After the context is migrated to a second CPU, the context performs one or more operations on the PRDA belonging to the second CPU using the address obtained while the context executed on the first CPU. In another embodiment, preemption and possible migration of a context from one CPU to another CPU is delayed while a context executes non-preemptible code.

Abstract translation: 计算机系统提供一种用于确保对属于CPU的专用数据区（PRDA）的安全的，不可抢占的访问的机制。 PRDA访问通常包括获得PRDA的地址并使用获得的地址对PRDA执行操作。 对PRDA的安全，不可抢占的访问通常确保上下文访问上下文正在执行的CPU的PRDA，而不是另一个CPU的PRDA。 当上下文在第一个CPU上执行时，上下文获取PRDA的地址。 在将上下文迁移到第二CPU之后，上下文使用在第一CPU上执行的上下文获得的地址对属于第二CPU的PRDA执行一个或多个操作。 在另一个实施例中，上下文从一个CPU到另一个CPU的抢占和可能的迁移被延迟，而上下文执行不可抢占的代码。

公开(公告)号：US20160378696A1

公开(公告)日：2016-12-29

申请号：US14754569

申请日：2015-06-29

Applicant: VMware, Inc.

Inventor： Andrei WARKENTIN ,  Harvey TUCH ,  Alexander FAINKICHEN

IPC: G06F13/16 ,  G06F13/42

CPC classification number: G06F13/1694 ,  G06F13/4282

Abstract: Devices are emulated as PCI devices so that existing PCI drivers can be used for the devices. This is accomplished by creating a shim PCI device with a emulated PCI configuration space, accessed via a emulated PCI Extended Configuration Access Mechanism (ECAM) space which is emulated by accesses to trapped unbacked memory addresses. When system software accesses the PCI ECAM space to probe for PCI configuration data or program base address registers of the PCI ECAM space, an exception is raised and the exception is handled by a secure monitor that is executing at a higher privilege level than the system software. The secure monitor in handling the exception emulates the PCI configuration space access of the emulated PCI device corresponding to the ECAM address accessed, such that system software may discover the device and bind and appropriately configure a PCI driver to it with the right IRQ and memory base ranges.

Abstract translation: 器件被仿真为PCI器件，以便现有的PCI驱动器可用于器件。 这是通过创建具有模拟PCI配置空间的片上PCI设备来实现的，该配置空间通过仿真的PCI扩展配置访问机制（ECAM）空间来访问，该空间由被捕获的未回读存储器地址的访问模拟。 当系统软件访问PCI ECAM空间以探测PCI ECAM空间的PCI配置数据或程序基址寄存器时，会发生异常，并且由比系统软件更高的权限级别执行的安全监视器处理异常 。 处理异常时的安全监视器模拟对应于所访问的ECAM地址的仿真PCI设备的PCI配置空间访问，以便系统软件可以发现设备并使用正确的IRQ和存储器基础来绑定并适当地配置PCI驱动程序 范围。

公开(公告)号：US20150370590A1

公开(公告)日：2015-12-24

申请号：US14312175

申请日：2014-06-23

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Andrei WARKENTIN

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F9/48 ,  G06F2009/45587

Abstract: In a virtualized computer system operable in more than two hierarchical privilege levels, components of a hypervisor, which include a virtual machine kernel and virtual machine monitors (VMMs), are assigned to different privilege levels. The virtual machine kernel operates at a low privilege level to be able to exploit certain features provided by the low privilege level, and the VMMs operate at a high privilege level to support execution of virtual machines. Upon determining that a context switch from the virtual machine kernel to a VMM is to be performed, the computer system exits the low privilege level, and enters the high privilege level to execute a trampoline that supports context switches to VMMs, such as state changes, and then the VMM. The trampoline is deactivated after execution control is switched to the VMM.

Abstract translation: 在可在多于两个分层特权级别中操作的虚拟化计算机系统中，包括虚拟机内核和虚拟机监视器（VMM）的管理程序的组件被分配给不同的权限级别。 虚拟机内核在低权限级别下运行，以便能够利用低权限级别提供的某些功能，并且VMM以高权限级别运行以支持虚拟机的执行。 在确定将要执行从虚拟机内核到VMM的上下文切换时，计算机系统退出低权限级别，并且进入高权限级别以执行支持到VMM的上下文切换的蹦床，例如状态改变， 然后是VMM。 执行控制切换到VMM后，蹦床停用。

公开(公告)号：US20140359240A1

公开(公告)日：2014-12-04

申请号：US14462364

申请日：2014-08-18

Applicant: VMware, Inc.

Inventor： Harvey TUCH ,  Prashanth P. BUNGALE ,  Scott W. DEVINE ,  Lawrence S. ROGEL

IPC: G06F12/14

CPC classification number: G06F12/1483 ,  G06F12/1009 ,  G06F12/145 ,  G06F2212/151

Abstract: A computing system includes a guest domain access control register (DACR), and guest first and second level page tables, the page tables containing domain identifiers used to obtain domain access information and access permission information, and the domain access information and the access permission information providing an effective guest access permission. The computing system provides a shadow page table, in which domain identifiers are used to identify domain access information in a processor DACR that are mapped from domain access information in the guest DACR, and in which access permissions are mapped from effective access permission information in the guest page tables and guest DACR. A memory management unit in the processor traverses the shadow page table, accesses the processor DACR, and combines the mapped domain access information in the processor with the mapped access permission in the shadow page table to reflect the guest intended effective access permissions.

Abstract translation: 计算系统包括访客域访问控制寄存器（DACR）和访客第一和第二级页表，包含用于获取域访问信息和访问许可信息的域标识符的页表，以及域访问信息和访问许可信息 提供有效的访客权限。 计算系统提供了一个影子页表，其中使用域标识符来识别处理器DACR中的域访问信息，该处理器DACR是从客户机DACR中的域访问信息映射的，并且访问权限被映射到 访客页表和客人DACR。 处理器中的存储器管理单元遍历影子页表，访问处理器DACR，并将处理器中映射的域访问信息与影子页表中的映射的访问权限组合，以反映客户预期的有效访问权限。