-
公开(公告)号:US20050235123A1
公开(公告)日:2005-10-20
申请号:US10827763
申请日:2004-04-19
申请人: Vincent Zimmer , Michael Rothman
发明人: Vincent Zimmer , Michael Rothman
CPC分类号: G06F9/5016 , G06F9/45537 , G06F12/126
摘要: An embodiment of the present invention enables the virtualizing of virtual memory in a virtual machine environment within a virtual machine monitor (VMM). Memory required for direct memory access (DMA) for device drivers, for example, is pinned by the VMM and prevented from being swapped out. The VMM may dynamically allocated memory resources to various virtual machines running in the platform. Other embodiments may be described and claimed.
摘要翻译: 本发明的一个实施例能够在虚拟机监视器(VMM)内的虚拟机环境中虚拟虚拟存储器。 例如,用于设备驱动程序的直接存储器访问(DMA)所需的存储器被VMM固定,并被阻止被交换出去。 VMM可以动态地将内存资源分配给在平台中运行的各种虚拟机。 可以描述和要求保护其他实施例。
-
公开(公告)号:US20050223291A1
公开(公告)日:2005-10-06
申请号:US10807758
申请日:2004-03-24
申请人: Vincent Zimmer , Michael Rothman
发明人: Vincent Zimmer , Michael Rothman
CPC分类号: G06F11/1433 , G06F9/4401
摘要: Methods and apparatus to provide an execution mode transition are disclosed. One example method includes receiving in an operating system runtime environment a firmware code update to be implemented in a multiprocessor system, storing the firmware code update, and issuing an interprocessor interrupt to each processor of the multiprocessor system. The method further includes storing state information for each processor of the multiprocessor system, transitioning from an operating system runtime environment to a pre-operating system environment, and implementing the firmware code update in the pre-operating system environment. The state information is then read and restored to each processor to transition from the pre-operating system environment to an operating system runtime environment.
摘要翻译: 公开了提供执行模式转换的方法和装置。 一个示例性方法包括在操作系统运行时环境中接收要在多处理器系统中实现的固件代码更新,存储固件代码更新,以及向多处理器系统的每个处理器发出处理器间中断。 该方法还包括存储多处理器系统的每个处理器的状态信息,从操作系统运行时环境转换到预操作系统环境,以及在操作前的系统环境中实现固件代码更新。 然后,状态信息被读取并恢复到每个处理器以从操作系统环境转换到操作系统运行时环境。
-
公开(公告)号:US20050216759A1
公开(公告)日:2005-09-29
申请号:US10811719
申请日:2004-03-29
申请人: Michael Rothman , Vincent Zimmer
发明人: Michael Rothman , Vincent Zimmer
CPC分类号: H04L63/1408 , G06F21/56 , G06F21/564 , G06F21/575 , H04L63/1441
摘要: A method, system and article of manufacture to virus scan input/output (I/O) traffic of a computer system. A virus scanner is initialized during a pre-boot phase of a computer system. Data read from an input/output (I/O) device of the computer system is scrubbed by the virus scanner using a virus signature database before the data is loaded. A platform policy is enacted if a virus is detected in the data.
摘要翻译: 计算机系统的病毒扫描输入/输出(I / O)流量的方法,系统和制品。 在计算机系统的预引导阶段初始化病毒扫描程序。 在数据加载之前,病毒扫描器将使用病毒库进行数据读取,从计算机系统的输入/输出(I / O)设备读取数据。 如果在数据中检测到病毒,则会制定平台策略。
-
公开(公告)号:US20050198487A1
公开(公告)日:2005-09-08
申请号:US10794690
申请日:2004-03-03
申请人: Vincent Zimmer , Michael Rothman
发明人: Vincent Zimmer , Michael Rothman
IPC分类号: G06F9/00
CPC分类号: G06F9/4411
摘要: A method and related apparatuses involve extensible framework interface (EFI) byte code images packaged within extensible markup language (XML) documents. In one embodiment, a processing system obtains an XML document, extracts an EFI byte code (EBC) image from the XML document, and then executes the EBC image. For instance, such a process may be used to obtain configuration code such as an EFI driver from a remote system. Processes are disclosed for retrieving and loading configuration code in pre-boot and runtime environments. Additional embodiments relate to XML files containing EBC images, processing systems that use EBC images from XML documents as configuration code, and processing system that provide XML documents with EBC images to other processing systems. Other embodiments are described and claimed.
摘要翻译: 一种方法和相关设备涉及在可扩展标记语言(XML)文档中打包的可扩展框架接口(EFI)字节码图像。 在一个实施例中,处理系统获得XML文档,从XML文档中提取EFI字节码(EBC)图像,然后执行EBC图像。 例如,这样的过程可以用于从远程系统获得诸如EFI驱动器的配置代码。 公开了用于在预引导和运行时环境中检索和加载配置代码的过程。 附加实施例涉及包含EBC图像的XML文件,使用来自XML文档的EBC图像作为配置代码的处理系统以及向其他处理系统提供具有EBC图像的XML文档的处理系统。 描述和要求保护其他实施例。
-
公开(公告)号:US20050177710A1
公开(公告)日:2005-08-11
申请号:US10775863
申请日:2004-02-09
申请人: Michael Rothman , Vincent Zimmer
发明人: Michael Rothman , Vincent Zimmer
IPC分类号: G06F9/445
CPC分类号: G06F9/44505 , G06F9/4401
摘要: A method and related apparatuses provide a virtual runtime interface for modifying basic input/output system (BIOS) settings. A processing system may provide the virtual runtime interface after the processing system has booted an operating system (OS). User input that specifies a modified BIOS setting may be received through the virtual runtime interface. To provide the virtual runtime interface, the system may transition from an OS context to a system management mode (SMM) context, and may determine whether the amount of time spent in the SMM context approaches an SMM time limit. If the amount of time spent in the SMM context approaches the SMM time limit, the system may automatically transition from the SMM context back to the OS context. Other embodiments are described and claimed.
摘要翻译: 方法和相关装置提供用于修改基本输入/输出系统(BIOS)设置的虚拟运行时界面。 处理系统可以在处理系统引导操作系统(OS)之后提供虚拟运行时界面。 可以通过虚拟运行时界面接收指定修改的BIOS设置的用户输入。 为了提供虚拟运行时接口,系统可以从OS上下文转换到系统管理模式(SMM)上下文,并且可以确定在SMM上下文中花费的时间量是否接近SMM时间限制。 如果在SMM上下文中花费的时间量接近SMM时间限制,则系统可能会自动从SMM上下文转换到OS上下文。 描述和要求保护其他实施例。
-
56.发明申请Method to qualify access to a block storage device via augmentation of the device's controller and firmware flow 有权通过增加设备的控制器和固件流来限制访问块存储设备的方法公开(公告)号:US20050144405A1
公开(公告)日:2005-06-30
申请号:US10746754
申请日:2003-12-24
申请人: Mark Doran , Vincent Zimmer , Michael Rothman
发明人: Mark Doran , Vincent Zimmer , Michael Rothman
CPC分类号: G06F3/0644 , G06F3/0623 , G06F3/0676
摘要: A method to qualify access to a block storage device via augmentation of the device's controller and firmware flow. The method employs one or more block exclusion vectors (BEVs) that include attributes specifying allowed access operations for corresponding block address ranges. Logic in accordance with the BEVs is programmed into the controller for the block storage device, such as a disk drive controller for a disk drive. In response to an access request, a block address range corresponding to the storage block(s) requested to be accessed is determined. Based on the BEV entries, a determination is made to whether the determined logical block address range is covered by a corresponding BEV entry. If so, the attributes of the BEV are used to determine whether the access operation is allowed. The method may be used to secure access to firmware stored on a disk drive, thus enabling a system configuration that does not require a conventional firmware storage device.
摘要翻译: 一种通过增加设备的控制器和固件流来限制访问块存储设备的方法。 该方法采用一个或多个块排除向量(BEV),其包括指定相应块地址范围的允许访问操作的属性。 根据BEV的逻辑被编程到用于块存储设备的控制器中,例如用于磁盘驱动器的磁盘驱动器控制器。 响应于访问请求,确定与请求访问的存储块相对应的块地址范围。 基于BEV条目,确定所确定的逻辑块地址范围是否被相应的BEV条目覆盖。 如果是,则使用BEV的属性来确定是否允许访问操作。 该方法可以用于保护对存储在磁盘驱动器上的固件的访问,从而实现不需要常规固件存储设备的系统配置。
-
57.发明申请Methods and apparatus for securely configuring a machine in a pre-operating system environment 审中-公开在操作系统环境中安全配置机器的方法和装置公开(公告)号:US20050114682A1
公开(公告)日:2005-05-26
申请号:US10723011
申请日:2003-11-26
申请人: Vincent Zimmer , Michael Rothman
发明人: Vincent Zimmer , Michael Rothman
CPC分类号: G06F21/572 , G06F21/51 , G06F21/575 , G06F2221/2115 , H04L9/0877 , H04L9/3234 , H04L2209/127 , H04L2209/42
摘要: Methods and apparatus for securely configuring a machine in a pre-operating system environment are disclosed. A server determines if configuration updates are available to be transmitted to various clients that are enabled to receive configuration updates in a pre-operating system environment. The server broadcasts a message indicating the availability of a configuration update and requests an attestation from each of the responding clients. The attestation may be a conventional attestation if the client is a managed client or the attestation may be a pseudo-anonymous attestation if the client is an independent client. The server verifies the authenticity of the attestation by querying a Trusted Third Party and transmits the configuration update after the client's identity has been verified. The client receives the configuration update, applies the update, and then continues its booting process.
摘要翻译: 公开了用于在操作前系统环境中安全地配置机器的方法和装置。 服务器确定配置更新是否可用于发送到能够在预操作系统环境中接收配置更新的各种客户端。 服务器广播指示配置更新可用性的消息,并请求每个响应客户端的认证。 如果客户是受管理的客户端,认证可能是常规认证,如果客户是独立客户,认证可能是伪匿名认证。 服务器通过查询受信任的第三方来验证认证的真实性,并在验证客户端的身份后发送配置更新。 客户端接收配置更新,应用更新,然后继续其启动过程。
-
58.发明申请公开(公告)号:US20050114645A1
公开(公告)日:2005-05-26
申请号:US10719788
申请日:2003-11-20
申请人: Vincent Zimmer , Michael Rothman , Mark Doran , Andrew Fish
发明人: Vincent Zimmer , Michael Rothman , Mark Doran , Andrew Fish
IPC分类号: G06F9/445 , G06F15/177
CPC分类号: G06F9/4418
摘要: A method to Suspend-and-Resume across various operational environment contexts is disclosed. An environmental context is saved in a disk partition corresponding to the saved environment. The system is suspended. Upon resume, a selected environmental context is selected for boot or resume. This method of switching contexts may also be used for trusted execution, manageability, and other purposes.
摘要翻译: 公开了一种在各种操作环境环境中挂起和恢复的方法。 环境上下文保存在与保存的环境对应的磁盘分区中。 系统暂停。 在恢复时,选择一个选定的环境上下文以进行引导或恢复。 这种切换上下文的方法也可以用于可信执行,可管理性和其他目的。
-
59.发明申请公开(公告)号:US20050071833A1
公开(公告)日:2005-03-31
申请号:US10675877
申请日:2003-09-29
申请人: Michael Rothman , Vincent Zimmer , Michael Kinney , Mark Doran
发明人: Michael Rothman , Vincent Zimmer , Michael Kinney , Mark Doran
CPC分类号: G06F9/4401
摘要: A method and system to utilize platform-based optimization routines by a computer system. An application executing on the computer system initializes a user library bound to the application. The user library requests that an optimized library be copied into the user space of the computer system. The optimized library includes functions optimized for the hardware configuration of the computer system and is advertised by the firmware of the computer system. The entry points of the optimized functions are exported to the application, the optimized functions corresponding to non-optimized functions of the application. In one embodiment, the optimized library is validated before being copied into user space.
摘要翻译: 一种利用计算机系统利用基于平台的优化程序的方法和系统。 在计算机系统上执行的应用程序初始化绑定到应用程序的用户库。 用户库请求将优化的库复制到计算机系统的用户空间中。 优化的库包括针对计算机系统的硬件配置优化的功能,并由计算机系统的固件发布。 优化功能的入口点导出到应用程序,优化的功能对应于应用程序的非优化功能。 在一个实施例中,优化的库在被复制到用户空间之前被验证。
-
60.发明申请公开(公告)号:US20050071665A1
公开(公告)日:2005-03-31
申请号:US10675508
申请日:2003-09-30
申请人: Vincent Zimmer , Michael Rothman
发明人: Vincent Zimmer , Michael Rothman
CPC分类号: G06F21/31 , G06F9/441 , G06F21/575
摘要: Methods and apparatus to associate boot objects with trust credentials are disclosed. In one example a method of booting a processor system includes accepting a selection of a desired operating system to be booted, accepting a user credential associated with a user who has selected the desired operating system to be booted, and determining if the user credential corresponds to the desired operating system to be booted. Additionally, the example disclosed method includes enabling booting of the desired operating system if the user credential corresponds to the desired operating system.
摘要翻译: 公开了将引导对象与信任凭证相关联的方法和装置。 在一个示例中,引导处理器系统的方法包括接受要引导的期望操作系统的选择,接受与已经选择了要引导的期望操作系统的用户相关联的用户凭证,以及确定用户凭证是否对应于 所需的操作系统要引导。 另外,所揭示的示例方法包括如果用户凭证对应于期望的操作系统,则启用所需操作系统的引导。
-
-
-
-
-
-
-
-
-
搜索结果
204 条记录 (耗时 0.032 秒)
