公开(公告)号：US07124273B2

公开(公告)日：2006-10-17

申请号：US10084282

申请日：2002-02-25

申请人： Andy Glew ,  Michael A. Kozuch ,  Erich S. Boleyn ,  Lawrence O. Smith, III ,  Gilbert Neiger ,  Richard Uhlig

发明人： Andy Glew ,  Michael A. Kozuch ,  Erich S. Boleyn ,  Lawrence O. Smith, III ,  Gilbert Neiger ,  Richard Uhlig

IPC分类号： G06F12/00

CPC分类号： G06F12/1036

摘要： A method and an apparatus are used to efficiently translate memory addresses. The translation scheme yields a translated address, a memory type for the translated address, and a fault bit for the translation.

公开(公告)号：US07921293B2

公开(公告)日：2011-04-05

申请号：US11340181

申请日：2006-01-24

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

IPC分类号： H04L9/00 ,  G06F21/00

CPC分类号： G06F21/57

摘要： An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value to establish security verification of secure software within the secure memory environment.

摘要翻译： 描述了在多处理器环境内单方面加载安全操作系统的装置和方法。 该方法包括当检测到当前活动的负载安全区域操作时忽略接收的负载安全区域指令。 否则，响应于接收到的负载安全区域指令，引导存储器保护元件以形成安全存储器环境。 一旦定向，就禁止对一个或多个受保护的存储器区域进行未经授权的读/写访问。 最后，一个或多个受保护的存储器区域的加密散列值作为安全的软件识别值存储在摘要信息库中。 一旦存储，外部代理可以请求访问数字签名的软件标识值以建立安全存储器环境内的安全软件的安全验证。

公开(公告)号：US07024555B2

公开(公告)日：2006-04-04

申请号：US10043843

申请日：2001-11-01

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

IPC分类号： G06F1/26

CPC分类号： G06F21/57

摘要： An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value in order to establish security verification of secure software within the secure memory environment.

公开(公告)号：US20130326519A1

公开(公告)日：2013-12-05

申请号：US13995317

申请日：2011-12-30

申请人： Andrew V. Anderson ,  Gilbert Neiger ,  Scott D. Rodgers ,  Lawrence O. Smith, III ,  Richard A. Uhlig ,  Steven M. Bennett

发明人： Andrew V. Anderson ,  Gilbert Neiger ,  Scott D. Rodgers ,  Lawrence O. Smith, III ,  Richard A. Uhlig ,  Steven M. Bennett

IPC分类号： G06F9/455

CPC分类号： G06F9/45533

摘要： Embodiments of apparatuses and methods for processing virtual machine control structure shadowing are disclosed. In one embodiment, an apparatus includes instruction hardware, execution hardware, and control logic. The instruction hardware is to receive instructions. A first instruction is to transfer the processor from a root mode to a non-root mode. The non-root mode is for executing guest software in a virtual machine, where the processor is the return to root mode upon the detection of a virtual machine exit event. A second instruction is to access a data structure for controlling a virtual machine. The execution hardware is to execute the instructions. The control logic is to cause the processor to access a shadow data structure instead of the data structure, without returning to the root mode for the access to be performed, when the second instruction is executed in the non-root mode.

摘要翻译： 公开了用于处理虚拟机控制结构阴影的装置和方法的实施例。 在一个实施例中，装置包括指令硬件，执行硬件和控制逻辑。 指令硬件是接收指令。 第一条指令是将处理器从根模式转移到非根模式。 非根模式用于在虚拟机中执行客户软件，其中处理器在检测虚拟机退出事件时返回到根模式。 第二条指令是访问用于控制虚拟机的数据结构。 执行硬件是执行指令。 当以非根模式执行第二指令时，控制逻辑是使处理器不用返回到执行访问的根模式而不是数据结构而不是数据结构。

公开(公告)号：US07581219B2

公开(公告)日：2009-08-25

申请号：US11095855

申请日：2005-03-30

申请人： Gilbert Neiger ,  Steven M. Bennett ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith, III

发明人： Gilbert Neiger ,  Steven M. Bennett ,  Dion Rodgers ,  Richard A. Uhlig ,  Lawrence O. Smith, III

IPC分类号： G06F9/455 ,  G06F21/00 ,  G06F9/46

CPC分类号： G06F21/53 ,  G06F12/1491 ,  G06F21/57 ,  G06F2221/2105

摘要： Techniques for handling certain virtualization events occurring within a virtual machine environment. More particularly, at least one embodiment of the invention pertains to handling events related to the sub-operating system mode using a dedicated virtual machine monitor (VMM) called the system management mode VMM (SVMM), which exists in a separate portion of memory from a main virtual machine monitor (MVMM) used to handle virtualization events other than those related to the sub-operating system mode. In at least one embodiment, a technique for initializing and managing transitions to and from the SVMM is disclosed.

摘要翻译： 用于处理在虚拟机环境中发生的某些虚拟化事件的技术。 更具体地，本发明的至少一个实施例涉及使用称为系统管理模式VMM（SVMM）的专用虚拟机监视器（VMM）处理与子操作系统模式相关的事件，所述专用虚拟机监视器（VMM）存在于存储器的单独部分中 主虚拟机监视器（MVMM）用于处理与子操作系统模式相关的虚拟化事件。 在至少一个实施例中，公开了用于初始化和管理到SVMM的转换的技术。

公开(公告)号：US5404473A

公开(公告)日：1995-04-04

申请号：US204612

申请日：1994-03-01

申请人： David B. Papworth ,  Michael A. Fetterman ,  Andrew F. Glew ,  Lawrence O. Smith, III ,  Michael M. Hancock ,  Beth Schultz

发明人： David B. Papworth ,  Michael A. Fetterman ,  Andrew F. Glew ,  Lawrence O. Smith, III ,  Michael M. Hancock ,  Beth Schultz

IPC分类号： G06F9/308 ,  G06F9/32 ,  G06F9/38 ,  G06F13/00

CPC分类号： G06F9/30018 ,  G06F9/325 ,  G06F9/3842

摘要： In a pipelined processor, an apparatus for handling string operations. When a string operation is received by the processor, the length of the string as specified by the programmer is stored in a register. Next, an instruction sequencer issues an instruction that computes the register value minus a pre-determined number of iterations to be issued into the pipeline. Following the instruction, the pre-determined number of iterations are issued to the pipeline. When the instruction returns with the calculated number, the instruction sequencer then knows exactly how many iterations should be executed. Any extra iterations that had initially been issued are canceled by the execution unit, and additional iterations are issued as necessary. A loop counter in the instruction sequencer is used to track the number of iterations.

摘要翻译： 在流水线处理器中，用于处理字符串操作的装置。 当处理器接收到字符串操作时，由编程器指定的字符串的长度存储在寄存器中。 接下来，指令定序器发出计算寄存器值减去要发布到流水线中的预定数量的迭代的指令。 按照该指令，将预先确定的迭代次数发布到流水线。 当指令以计算出的数字返回时，指令定序器将准确地知道应该执行多少次迭代。 最初发布的任何额外的迭代将被执行单元取消，并根据需要发出额外的迭代。 指令定序器中的循环计数器用于跟踪迭代次数。