公开(公告)号：US07257257B2

公开(公告)日：2007-08-14

申请号：US10644445

申请日：2003-08-19

申请人： Andrew V. Anderson ,  Steven M. Bennett ,  Scott H. Robinson

发明人： Andrew V. Anderson ,  Steven M. Bennett ,  Scott H. Robinson

IPC分类号： G06K9/00

CPC分类号： G06F11/1464 ,  G06F11/1451

摘要： A process is introduced that determines contour requirements from many factors. Based on the contour requirements, the process either generates at least one content-derived signature contour from either many content identifiers or at least one content-derived signature contour, or generates at least one optimized content-derived signature contour from contour-related data and either at least one content-derived signature contour or a derivation from at least one content-derived signature contour.

摘要翻译： 引入了一个从许多因素确定轮廓要求的过程。 基于轮廓要求，该过程或者从许多内容标识符或至少一个内容导出的签名轮廓生成至少一个内容导出签名轮廓，或者从轮廓相关数据生成至少一个优化的内容导出签名轮廓，以及 至少一个内容导出的签名轮廓或从至少一个内容导出的签名轮廓的派生。

公开(公告)号：US07188173B2

公开(公告)日：2007-03-06

申请号：US10262351

申请日：2002-09-30

申请人： Andrew V. Anderson ,  Scott H. Robinson

发明人： Andrew V. Anderson ,  Scott H. Robinson

IPC分类号： G06F15/16

CPC分类号： H04L63/12

摘要： A method and apparatus to enable efficient processing and transmission of network communications are described. A network transmission directed to one or more destination nodes within a network is received. One or more network transmission items are identified in the network transmission. One or more item signatures associated with the one or more network transmission items are generated. Finally, a determination is made whether the one or more network transmission items can be transmitted to the one or more destination nodes by further processing the one or more item signatures.

摘要翻译： 描述了一种能够有效地处理和传输网络通信的方法和装置。 接收到指向网络内的一个或多个目的地节点的网络传输。 在网络传输中识别一个或多个网络传输项目。 生成与一个或多个网络传输项目相关联的一个或多个项目签名。 最后，通过进一步处理一个或多个项目签名来确定是否可以将一个或多个网络传输项目发送到一个或多个目的地节点。

公开(公告)号：US07139808B2

公开(公告)日：2006-11-21

申请号：US10136756

申请日：2002-04-30

申请人： Andrew V. Anderson ,  Steven M. Bennett ,  Scott H. Robinson

发明人： Andrew V. Anderson ,  Steven M. Bennett ,  Scott H. Robinson

IPC分类号： G06F15/167 ,  G06F12/14

CPC分类号： H04L29/06 ,  H04L67/30 ,  H04L69/329

摘要： A method is presented that includes generating a content identifier for at least one article. The content identifier identifies the article. Also, determining if at least a portion of the at least one article is present on at least one device based on the content identifier. The at least one portion of the at least one article is stored if the at least one portion of the at least one article is determined to be not present on the at least one device. Also presented is a method including requesting at least one article by a content identifier representing the article. The at least one article is determined if it is present on at least one device based on the content identifier. At least one portion of the at least one article is returned if the at least one portion of the at least one article is determined to be present on the at least one device.

公开(公告)号：US10515023B2

公开(公告)日：2019-12-24

申请号：US15088739

申请日：2016-04-01

申请人： Ravi L. Sahita ,  Gilbert Neiger ,  Vedvyas Shanbhogue ,  David M. Durham ,  Andrew V. Anderson ,  David A. Koufaty ,  Asit K. Mallick ,  Arumugam Thiyagarajah ,  Barry E. Huntley ,  Deepak K. Gupta ,  Michael Lemay ,  Joseph F. Cihula ,  Baiju V. Patel

发明人： Ravi L. Sahita ,  Gilbert Neiger ,  Vedvyas Shanbhogue ,  David M. Durham ,  Andrew V. Anderson ,  David A. Koufaty ,  Asit K. Mallick ,  Arumugam Thiyagarajah ,  Barry E. Huntley ,  Deepak K. Gupta ,  Michael Lemay ,  Joseph F. Cihula ,  Baiju V. Patel

IPC分类号： G06F12/00 ,  G06F12/14 ,  G06F12/1009 ,  G06F9/455 ,  G06F12/1027 ,  G06F21/78

摘要： This disclosure is directed to a system for address mapping and translation protection. In one embodiment, processing circuitry may include a virtual machine manager (VMM) to control specific guest linear address (GLA) translations. Control may be implemented in a performance sensitive and secure manner, and may be capable of improving performance for critical linear address page walks over legacy operation by removing some or all of the cost of page walking extended page tables (EPTs) for critical mappings. Alone or in combination with the above, certain portions of a page table structure may be selectively made immutable by a VMM or early boot process using a sub-page policy (SPP). For example, SPP may enable non-volatile kernel and/or user space code and data virtual-to-physical memory mappings to be made immutable (e.g., non-writable) while allowing for modifications to non-protected portions of the OS paging structures and particularly the user space.

公开(公告)号：US09916257B2

公开(公告)日：2018-03-13

申请号：US13191327

申请日：2011-07-26

申请人： Rajesh M. Sankaran ,  Altug Koker ,  Philip R. Lantz ,  Asit K. Mallick ,  James B. Crossland ,  Aditya Navale ,  Gilbert Neiger ,  Andrew V. Anderson

发明人： Rajesh M. Sankaran ,  Altug Koker ,  Philip R. Lantz ,  Asit K. Mallick ,  James B. Crossland ,  Aditya Navale ,  Gilbert Neiger ,  Andrew V. Anderson

IPC分类号： G06F12/10 ,  G06F12/1027 ,  G06F12/1081

CPC分类号： G06F12/1027 ,  G06F12/1081 ,  G06F2212/1016 ,  G06F2212/1048 ,  G06F2212/303 ,  G06F2212/682 ,  G06F2212/683

摘要： Methods and apparatus are disclosed for efficient TLB (translation look-aside buffer) shoot-downs for heterogeneous devices sharing virtual memory in a multi-core system. Embodiments of an apparatus for efficient TLB shoot-downs may include a TLB to store virtual address translation entries, and a memory management unit, coupled with the TLB, to maintain PASID (process address space identifier) state entries corresponding to the virtual address translation entries. The PASID state entries may include an active reference state and a lazy-invalidation state. The memory management unit may perform atomic modification of PASID state entries responsive to receiving PASID state update requests from devices in the multi-core system and read the lazy-invalidation state of the PASID state entries. The memory management unit may send PASID state update responses to the devices to synchronize TLB entries prior to activation responsive to the respective lazy-invalidation state.

公开(公告)号：US09405570B2

公开(公告)日：2016-08-02

申请号：US13341891

申请日：2011-12-30

申请人： Ravi L. Sahita ,  David M. Durham ,  Gilbert Neiger ,  Andrew V. Anderson ,  Scott D. Rodgers

发明人： Ravi L. Sahita ,  David M. Durham ,  Gilbert Neiger ,  Andrew V. Anderson ,  Scott D. Rodgers

IPC分类号： G06F9/455

CPC分类号： G06F9/45558 ,  G06F2009/45583

摘要： Various embodiments of this disclosure may describe method, apparatus and system for reducing system latency caused by switching memory page permission views between programs while still protecting critical regions of the memory from attacks of malwares. Other embodiments may be disclosed and claimed.

摘要翻译： 本公开的各种实施例可以描述用于减少由程序之间切换存储​​器页面许可视图而引起的系统延迟的方法，装置和系统，同时仍保护存储器的关键区域免受恶意软件的攻击。 可以公开和要求保护其他实施例。

公开(公告)号：US08819699B2

公开(公告)日：2014-08-26

申请号：US11618446

申请日：2006-12-29

申请人： Erik C. Cota-Robles ,  Steven M. Bennett ,  Andrew V. Anderson ,  Sebastian Schoenberg

发明人： Erik C. Cota-Robles ,  Steven M. Bennett ,  Andrew V. Anderson ,  Sebastian Schoenberg

IPC分类号： G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00

CPC分类号： G06F9/45558 ,  G06F2009/45566

摘要： Embodiments of apparatuses, methods, and systems for controlling virtual machines based on performance counters are disclosed. In one embodiment, an apparatus includes an event counter, a comparator, and virtualization control logic. The event counter is to keep an event count based on the number of occurrences of an event. The comparator is to determine whether the event count has reached a threshold value. The virtualization control logic is to transfer control of the apparatus from a guest to a host in response to the comparator determining that the event count has reached the threshold value.

摘要翻译： 公开了用于基于性能计数器来控制虚拟机的设备，方法和系统的实施例。 在一个实施例中，装置包括事件计数器，比较器和虚拟化控制逻辑。 事件计数器是根据事件的发生次数来保持事件计数。 比较器是确定事件计数是否达到阈值。 响应于比较器确定事件计数已经达到阈值，虚拟化控制逻辑是将设备从客户机的控制传送到主机。

公开(公告)号：US20130232488A1

公开(公告)日：2013-09-05

申请号：US13837737

申请日：2013-03-15

申请人： Steven M. Bennett ,  Andrew V. Anderson ,  Gilbert Neiger ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith ,  Barry E. Huntley

发明人： Steven M. Bennett ,  Andrew V. Anderson ,  Gilbert Neiger ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith ,  Barry E. Huntley

IPC分类号： G06F9/455

CPC分类号： G06F9/45533 ,  G06F9/3861 ,  G06F9/45545 ,  G06F9/4555 ,  G06F9/45558 ,  G06F9/4812 ,  G06F9/542 ,  G06F13/24 ,  G06F2009/45566

摘要： Embodiments of apparatuses and methods for processing virtualization events in a layered virtualization architecture are disclosed. In one embodiment, an apparatus includes a event logic and evaluation logic. The event logic is to recognize a virtualization event. The evaluation logic is to determine whether to transfer control from a child guest to a parent guest in response to the virtualization event.

摘要翻译： 公开了在分层虚拟化架构中处理虚拟化事件的装置和方法的实施例。 在一个实施例中，装置包括事件逻辑和评估逻辑。 事件逻辑是识别虚拟化事件。 评估逻辑是为了响应于虚拟化事件来确定是否将控制从子客户端传送到父访客。

公开(公告)号：US08370559B2

公开(公告)日：2013-02-05

申请号：US11864477

申请日：2007-09-28

申请人： Sebastian Schoenberg ,  Steven M. Bennett ,  Andrew V. Anderson

发明人： Sebastian Schoenberg ,  Steven M. Bennett ,  Andrew V. Anderson

IPC分类号： G06F12/14

CPC分类号： G06F9/45558 ,  G06F2009/45579

摘要： Embodiments of apparatuses, methods, and systems for executing a protected device model in a virtual machine are disclosed. In one embodiment, an apparatus includes recognition logic, memory management logic, control logic, and execution logic. The recognition logic is to recognize an indication, during execution of first code on a virtual machine, that the first code is attempting to access a device. The memory management logic is to prevent the virtual machine from accessing a portion of memory during execution of the first code, and to allow the virtual machine to access the portion of memory in response to the indication. The control logic is to transfer control of the apparatus from the first code to second code stored in the portion of memory, without exiting the virtual machine. The execution logic is to execute the second code to model the device.

摘要翻译： 公开了用于在虚拟机中执行受保护设备模型的装置，方法和系统的实施例。 在一个实施例中，装置包括识别逻辑，存储器管理逻辑，控制逻辑和执行逻辑。 识别逻辑是在虚拟机上执行第一代码期间识别出第一代码尝试访问设备的指示。 存储器管理逻辑是在执行第一代码期间防止虚拟机访问存储器的一部分，并且允许虚拟机响应于指示访问存储器的一部分。 控制逻辑是将装置的控制从第一代码传送到存储在存储器部分中的第二代码，而不退出虚拟机。 执行逻辑是执行第二个代码来对设备进行建模。

公开(公告)号：US08271978B2

公开(公告)日：2012-09-18

申请号：US12858461

申请日：2010-08-18

申请人： Steven M. Bennett ,  Andrew V. Anderson ,  Gilbert Neiger ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith ,  Barry E. Huntley

发明人： Steven M. Bennett ,  Andrew V. Anderson ,  Gilbert Neiger ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith ,  Barry E. Huntley

IPC分类号： G06F9/455 ,  G06F13/00 ,  G06F9/44 ,  G06F13/24 ,  G06F13/12

CPC分类号： G06F9/45533 ,  G06F9/3861 ,  G06F9/45545 ,  G06F9/4555 ,  G06F9/45558 ,  G06F9/4812 ,  G06F9/542 ,  G06F13/24 ,  G06F2009/45566

摘要： Embodiments of apparatuses and methods for processing virtualization events in a layered virtualization architecture are disclosed. In one embodiment, an apparatus includes a event logic and evaluation logic. The event logic is to recognize a virtualization event. The evaluation logic is to determine whether to transfer control from a child guest to a parent guest in response to the virtualization event.

摘要翻译： 公开了在分层虚拟化架构中处理虚拟化事件的装置和方法的实施例。 在一个实施例中，装置包括事件逻辑和评估逻辑。 事件逻辑是识别虚拟化事件。 评估逻辑是为了响应于虚拟化事件来确定是否将控制从子客户端传送到父访客。