公开(公告)号：US10002084B1

公开(公告)日：2018-06-19

申请号：US15383572

申请日：2016-12-19

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Cyprien Laplace ,  Ye Li

IPC: G06F12/14 ,  G06F12/1027 ,  G06F9/455 ,  G06F12/1009

Abstract: An example method of memory management in a virtualized computing system includes: generating a page table hierarchy that includes address translations to first pages of memory that store kernel software and second pages of the memory that store user software; configuring a processor to: 1) implement a first address translation scheme, which uses a first virtual address width, for a hypervisor privilege level; 2) implement a second address translation scheme, which uses a second virtual address width, for supervisor and user privilege levels, where the first virtual address width is larger than the second virtual address width; and 3) use the page table hierarchy for each of the first and second address translation schemes; and executing the kernel software at the hypervisor privilege level and the user software at the user privilege level.

公开(公告)号：US20180095771A1

公开(公告)日：2018-04-05

申请号：US15282893

申请日：2016-09-30

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Harvey Tuch ,  William Lam

IPC: G06F9/44 ,  G06F9/455

CPC classification number: G06F9/4416 ,  G06F9/45558 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.

公开(公告)号：US09383935B1

公开(公告)日：2016-07-05

申请号：US14572505

申请日：2014-12-16

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Harvey Tuch

IPC: G06F12/10 ,  G06F3/06 ,  G06F9/44

CPC classification number: G06F3/0632 ,  G06F3/0604 ,  G06F3/0673 ,  G06F9/4401 ,  G06F9/4403 ,  G06F11/00

Abstract: In a computer system with multiple central processing units (CPUs), initialization of a memory management unit (MMU) for a secondary CPU is performed using an exception generated by the MMU. In general, this technique leverages the exception handling features of the secondary CPU to switch the CPU from executing secondary CPU initialization code with the MMU “off” to executing secondary CPU initialization code with the MMU “on.” Advantageously, in contrast to conventional techniques for MMU initialization, this exception-based technique does not require identity mapping of the secondary CPU initialization code to ensure proper execution of the secondary CPU initialization code.

Abstract translation: 在具有多个中央处理单元（CPU）的计算机系统中，使用由MMU生成的异常来执行用于辅助CPU的存储器管理单元（MMU）的初始化。 一般来说，这种技术利用辅助CPU的异常处理功能，将CPU从执行辅助CPU初始化代码的MMU“关闭”切换到执行次级CPU初始化代码，MMU“打开”。有利的是，与传统技术 对于MMU初始化，这种基于异常的技术不需要辅助CPU初始化代码的身份映射，以确保辅助CPU初始化代码的正确执行。

公开(公告)号：US12190122B2

公开(公告)日：2025-01-07

申请号：US17403399

申请日：2021-08-16

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Harvey Tuch ,  William Lam

IPC: G06F9/4401 ,  G06F8/61 ,  G06F9/455

Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.

公开(公告)号：US12175257B2

公开(公告)日：2024-12-24

申请号：US17715288

申请日：2022-04-07

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Sunil Kotian

IPC: G06F9/4401

Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A host device boots a host provisioning image, which executes a host provisioning agent. The host provisioning agent launches a server component that serves a DPU management OS. A provisioning command is transmitted to a DPU device installed to the host device. The server component transmits the DPU management OS from the host device to the DPU device. A host OS is executed once an indication that the DPU device is executing on the DPU management OS is received.

公开(公告)号：US12118362B2

公开(公告)日：2024-10-15

申请号：US17559346

申请日：2021-12-22

Applicant: VMware, Inc.

Inventor： Cyprien Laplace ,  Sunil Kumar Kotian ,  Andrei Warkentin ,  Regis Duchesne ,  Alexander Fainkichen ,  Shruthi Muralidhara Hiriyuru ,  Ye Li

IPC: G06F9/30 ,  G06F9/38 ,  G06F9/455

CPC classification number: G06F9/3861 ,  G06F9/45558

Abstract: An example method of exception handling in a computer system is described. The computer system includes a physical central processing unit (PCPU) and a system memory, the system memory storing a first stack, a second stack, and a double fault stack associated with the PCPU. The method includes: storing, by an exception handler executing in the computer system, an exception frame on the double fault stack in response to a stack overflow condition of the first stack; switching, by the exception handler, a first stack pointer of the PCPU from pointing to the first stack to pointing to the double fault stack; setting a current stack pointer of the PCPU to the first stack pointer; and executing software on the PCPU with the current stack pointer pointing to the double fault stack.

公开(公告)号：US20240163260A1

公开(公告)日：2024-05-16

申请号：US17984419

申请日：2022-11-10

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Adithya Uligere Narasimhamurthy ,  Alexander Fainkichen ,  Jared McNeil

IPC: H04L9/40 ,  G06F21/57

CPC classification number: H04L63/0428 ,  G06F21/572 ,  G06F2221/034

Abstract: Systems and methods are described for secure management of a data processing unit (“DPU”). In an example, a baseboard management controller (“BMC”) can provision a DPU. Provisioning can include configuring a local storage device for DPU storage and locking access to the DPU storage with an encrypted access key. To boot the DPU, the BMC can initiate DPU firmware on the DPU. The DPU firmware can retrieve the access key from the BMC and unlock the DPU storage with the access key. The DPU firmware can be configured to then delete the access key. Once the DPU storage is unlocked, the DPU firmware can load an operating system of the DPU. The BMC can be the only entity that retains the access key. To perform a secure wipe, instructions can be provided to the BMC to delete the access key, which renders the DPU storage and all data therein inaccessible.

公开(公告)号：US11803304B2

公开(公告)日：2023-10-31

申请号：US17578680

申请日：2022-01-19

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Sunil Kotian

IPC: G06F12/06 ,  G06F3/06 ,  G06F9/455

CPC classification number: G06F3/0608 ,  G06F3/0655 ,  G06F3/0679 ,  G06F9/45558 ,  G06F2009/45583

Abstract: Disclosed are various examples of providing efficient bit compression for direct mapping of physical memory addresses. In some examples, a hypervisor operating system component generates a mask of used address space bits indicated by memory map entries for a computing device. A longest range of unused address space bits is identified using the mask. The memory map entries are transformed to omit the longest range of unused address space bits.

公开(公告)号：US11741021B2

公开(公告)日：2023-08-29

申请号：US17577584

申请日：2022-01-18

Applicant: VMware, Inc.

Inventor： Srihari Venkatesan ,  Sunil Kotian ,  Andrei Warkentin ,  Kalaiselvi Sengottuvel

IPC: G06F12/00 ,  G06F12/14 ,  G06F12/109 ,  G06F13/42 ,  G06F9/455 ,  G06F12/02

CPC classification number: G06F12/145 ,  G06F9/45558 ,  G06F12/0238 ,  G06F12/109 ,  G06F12/1433 ,  G06F13/4221 ,  G06F2009/45583 ,  G06F2009/45587

Abstract: Disclosed are various embodiments for various approaches for implementing trust domains to provide boundaries between PCIe devices connected to the same PCIe switch. A first trust identifier can be assigned to a first virtual machine hosted by the computing device. The first trust identifier can also be assigned to a first PCIe device assigned to the first virtual machine. Later, it can be determined that a second PCIe device connected to the PCIe switch is assigned a second trust identifier assigned to a second virtual machine. An Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch can be disabled in response to a determination that the second PCIe device is associated with the second trust identifier assigned to the second virtual machine.

公开(公告)号：US11726852B2

公开(公告)日：2023-08-15

申请号：US17577627

申请日：2022-01-18

Applicant: VMware, Inc.

Inventor： Andrei Warkentin ,  Sunil Kotian ,  Jared McNeill ,  Shruthi Hiriyuru ,  Alexander Fainkichen

IPC: G06F11/00 ,  G06F11/07 ,  G06F9/455 ,  G06F11/14

CPC classification number: G06F11/0757 ,  G06F9/45541 ,  G06F11/0772 ,  G06F11/1417 ,  G06F11/1484

Abstract: A hardware-assisted paravirtualized hardware watchdog is described that is used to detect and recover from computer malfunctions. A computing device determines that a hardware-implemented watchdog of the computing device does not comply with predetermined watchdog criteria, where the hardware-implemented watchdog is configured to send a reset signal when a first predetermined amount of time elapses without receipt of a first refresh signal. If the hardware-implemented watchdog does not comply with the predetermined watchdog criteria, a runtime watchdog service is initialized using a second predetermined amount of time. The runtime watchdog service is directed to periodically send the refresh signal to the hardware-implemented watchdog before an expiration of the first predetermined amount of time that causes the hardware-implemented watchdog to expire. The hardware-implemented watchdog is directed to send the reset signal when the second predetermined amount of time elapses without receipt of a second refresh signal.