公开(公告)号：US20210311716A1

公开(公告)日：2021-10-07

申请号：US16938981

申请日：2020-07-26

Applicant: VMWARE, INC.

Inventor： Aravinda HARYADI ,  Ashish KAILA ,  Mukund GUNTI ,  Zhen YU ,  Kshitij Vijay PADALKAR

IPC: G06F8/65 ,  G06F9/455 ,  G06F8/61 ,  H04L29/08

Abstract: A desired image of a virtualization software is deployed in hosts that are located in a remote data center which is connected to a central data center over a first network having a lower bandwidth than that of a second network over which the hosts in the remote data center communicate with each other. The method of deploying the virtualization software in the hosts includes: upgrading the virtualization software in a first host of the plurality of hosts using portions of the desired image that are transmitted from the central data center to the remote data center over the first network; and upgrading the virtualization software in a second host of the plurality of hosts using portions of the desired image that are transmitted from the first host to the second host over the second network, without retransmitting the portions from the central data center to the remote data center.

公开(公告)号：US20200026857A1

公开(公告)日：2020-01-23

申请号：US16042338

申请日：2018-07-23

Applicant: VMware, Inc.

Inventor： Daniel MULLER ,  Samyuktha SUBRAMANIAN ,  Mukund GUNTI

IPC: G06F21/57 ,  G06F21/64 ,  H04L9/32 ,  G06F21/12

Abstract: An example method of authenticating software executing in a computer system includes: receiving, from the computer system over a network at a server computer, a trusted platform module (TPM) quote, an event log, and a metadata database, the TPM quote provided by a TPM in the computer system, the event log including first checksums for the software executing in the computer system, and the metadata database including second checksums of binary files stored in packages from which the software is installed; establishing a root of trust in the computer system at the server computer based on the TPM quote and the event log; and determining, at the server computer in response to establishing the root of trust, integrity of the software executing in the computer system by comparing the first checksums with the second checksums.

公开(公告)号：US20180032734A1

公开(公告)日：2018-02-01

申请号：US15223998

申请日：2016-07-29

Applicant: VMware, Inc.

Inventor： Mukund GUNTI ,  Timothy P. MANN

IPC: G06F21/57 ,  G06F9/44

CPC classification number: G06F21/575 ,  G06F9/4401 ,  G06F2221/033

Abstract: A computer system is securely booted by executing a boot firmware to locate a boot loader and verify the boot loader using a first key that is associated with the boot firmware. Upon verifying the boot loader, computer system executes the boot loader to verify a system software kernel and a secure boot verifier using a second key that is associated with the boot loader. The secure boot verifier is then executed to verify the remaining executable software modules to be loaded during boot using a third key that is associated with the secure boot verifier and a fourth key that is associated with a user of the computer system.

公开(公告)号：US20170372075A1

公开(公告)日：2017-12-28

申请号：US15191438

申请日：2016-06-23

Applicant: VMware, Inc.

Inventor： Xunjia LU ,  Xavier DEGUILLARD ,  Mukund GUNTI ,  Vishnu SEKHAR

IPC: G06F21/57 ,  G06F1/24 ,  G06F9/44 ,  H04L9/32

CPC classification number: G06F21/575 ,  G06F1/24 ,  G06F9/4403 ,  G06F9/4406 ,  G06F9/442

Abstract: A computer system is rebooted upon crash without running platform firmware and without retrieving all of the modules included in a boot image from an external source and reloading them into system memory. The reboot process includes the steps of stopping and resetting all of the processing units, except one of the processing units that detected the crash event, selecting the one processing unit to execute a reboot operation, and executing the reboot operation to reboot the computer system.

公开(公告)号：US20170372073A1

公开(公告)日：2017-12-28

申请号：US15191405

申请日：2016-06-23

Applicant: VMware, Inc.

Inventor： Mukund GUNTI ,  Timothy P. MANN

IPC: G06F21/57 ,  G06F9/44 ,  H04L9/32

CPC classification number: G06F21/575 ,  H04L9/3247

Abstract: A computer system is securely booted by executing a boot firmware to locate a boot loader and verify the boot loader using a first key that is associated with the boot firmware. Upon verifying the boot loader, computer system executes the boot loader to verify a system software kernel and a secure boot verifier using a second key that is associated with the boot loader. The secure boot verifier is then executed to verify the remaining executable software modules to be loaded during boot using a third key that is associated with the secure boot verifier.

公开(公告)号：US20170371388A1

公开(公告)日：2017-12-28

申请号：US15191444

申请日：2016-06-23

Applicant: VMware, Inc.

Inventor： Xunjia LU ,  Xavier DEGUILLARD ,  Mukund GUNTI ,  Vishnu SEKHAR

IPC: G06F1/24 ,  G06F21/57 ,  G06F9/44 ,  H04L9/32 ,  G06F1/32

CPC classification number: G06F1/24 ,  G06F1/3287 ,  G06F9/4401 ,  G06F9/4408 ,  G06F21/575 ,  H04L9/3236

Abstract: A computer system is rebooted after updating a boot image without running platform firmware with its power-on self-test of system hardware devices and without retrieving all of the modules included in a boot image from an external source and reloading them into system memory. The reboot process includes the steps of loading one or more updated modules of the boot image into the system memory, executing the boot loader module to load for execution modules of the boot image including a system software kernel and the updated modules, and transferring execution control to the system software kernel.