-
Publication No.: US20210224090A1
Publication date: 2021-07-22
Application No.: US16744356
Filing date: 2020-01-16
Applicant: VMware, Inc.
Inventor: Andrei WARKENTIN, Cyprien LAPLACE, Regis DUCHESNE, Alexander FAINKICHEN, Shruthi Muralidhara HIRIYURU, Ye LI
IPC: G06F9/455
Abstract: An example method of interfacing with a hypervisor in a computing system is described, which includes a processor having at least three hierarchical privilege levels including a third privilege level more privileged than a second privilege level, the second privilege level more privileged than a first privilege level. The method includes: identifying an input/output (I/O) space instruction, not supported by the processor, to be performed for backdoor communication between the hypervisor and guest software executing in a virtual machine (VM) managed by the hypervisor, the hypervisor executing at the third privilege level; writing one or more parameters to one or more registers of the processor that are mapped to one or more unsupported registers used by the I/O space instruction; writing a value indicative of the I/O space instruction to a designated register of the processor; executing an instruction, by the guest software executing at the first or second privilege level, which is trapped to the third privilege level.
-
Publication No.: US20190391814A1
Publication date: 2019-12-26
Application No.: US16013263
Filing date: 2018-06-20
Applicant: VMware, Inc.
Inventor: Andrei WARKENTIN, Cyprien LAPLACE, Alexander FAINKICHEN, Ye LI, Regis DUCHESNE
Abstract: An example method of implementing firmware runtime services in a computer system having a processor with a plurality of hierarchical privilege levels, the method including: calling, from software executing at a first privilege level of the processor, a runtime service stub in a firmware of the computer system; executing, by the runtime service stub, an upcall instruction from the first privilege level to a second privilege level of the processor that is more privileged than the first privilege level; and executing, by a handler, a runtime service at the second privilege level in response to execution of the upcall instruction.
-
Publication No.: US20190213095A1
Publication date: 2019-07-11
Application No.: US15865770
Filing date: 2018-01-09
Applicant: VMware, Inc.
Inventor: Andrei WARKENTIN, Cyprien LAPLACE, Regis DUCHESNE, Ye LI, Alexander FAINKICHEN
Abstract: A method of detecting virtualization in a computing system, which includes a processor having at least three hierarchical privilege levels including a third privilege level more privileged than a second privilege level, the second privilege level more privileged than a first privilege level, is described. The method includes: executing a program on the processor at a privilege level less privileged than the third privilege level, the program including a load-exclusive instruction of the processor, followed by at least one instruction of the processor capable of being trapped to the third privilege level, followed by a store-exclusive instruction of the processor; and determining presence or absence of virtualization software at least a portion of which executes at the third privilege level in response to a return status of the store-exclusive instruction.
-
Publication No.: US20190026232A1
Publication date: 2019-01-24
Application No.: US15655182
Filing date: 2017-07-20
Applicant: VMware, Inc.
Inventor: Andrei WARKENTIN, Alexander FAINKICHEN, Cyprien LAPLACE, Ye LI, Regis DUCHESNE
IPC: G06F12/1036, H04L12/801, H04L12/755, H04L12/24
Abstract: An example method of scanning a guest virtual address (GVA) space generated by a guest operating system executing in a virtual machine of a virtualized computing system includes setting, in a scan of the GVA space by a hypervisor that manages the virtual machine, a current GVA to a first GVA in the GVA space; executing, on a processor allocated to the virtual machine, an address translation instruction, which is in an instruction set of the processor, to perform a first address translation of the current GVA; reading a register of the processor to determine a first error resulting from the first address translation; determining, in response to the first error, a level of a faulting page table in a first page table hierarchy generated by the guest operating system; and setting the current GVA to a second GVA based on the level of the faulting page table.
-
Publication No.: US20190004965A1
Publication date: 2019-01-03
Application No.: US15639800
Filing date: 2017-06-30
Applicant: VMware, Inc.
Inventor: Andrei WARKENTIN, Cyprien LAPLACE, Regis DUCHESNE, Alexander FAINKICHEN, Ye LI
IPC: G06F12/1027, G06F12/1009, G06F9/44
Abstract: A method of re-mapping a boot loader image from a first to a second address space includes: determining a difference in a virtual address of the boot loader image in the first and second address spaces; building page tables for a third address space that maps a code section within the boot loader image at first and second address ranges separated by the difference and the code section causes execution to jump from a first instruction in the first address range to a second instruction in the second address range; executing an instruction of the code section in the first address space using page tables for the first address space; executing the first instruction and then the second instruction using the page tables for the third address space; and executing an instruction of the boot loader image in the second address space using page tables for the second address space.