Abstract:
Methods for providing shadow page tables that virtualize processor memory protection. In one embodiment, virtualization software maintains the following: (a) a mapping φ from guest domain identifier to a set of shadow L2 page tables that back guest L1 sections marked with a domain identifier; and (b) with each such shadow L2 page table, a set ω of back-pointers to “potentially referencing” shadow L1 descriptors.
Abstract:
In a computing system including a processor and virtualization software including a guest operating system (OS) that utilizes a guest domain access control register (DACR) containing domain access information and guest page tables including first level page tables (L1 page tables) and second level page tables (L2 page tables), which guest page tables contain: (a) domain identifiers used to obtain domain access information from the guest DACR and (b) access permission information, wherein the domain access information and the access permission information are combined to provide an effective guest access permission, in accordance with one embodiment, a method for providing shadow page tables and processor DACR settings that virtualize processor memory protection includes: the virtualization software providing a shadow page table wherein: (a) domain identifiers in the shadow page table are used to identify domain access information in the processor DACR that are mapped from the domain access information in the guest DACR; and (b) access permissions in the shadow page table are mapped from the effective access permission information in the guest page tables and guest DACR; wherein a memory management unit (MMU) in the processor traverses the shadow page table, accesses the processor DACR, and combines the mapped domain access information in the processor with the mapped access permission in the shadow page table to reflect the guest intended effective access permissions while isolating the guest from the virtualization software.
Abstract:
Methods for providing shadow page tables that virtualize processor memory protection. In one embodiment, two shadow L2 page tables are maintained for each section, for example, each 1 MB section, of guest address space covered by a shadow L1 descriptor.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for executing guest OS instructions that includes: replacing each of one or more guest OS instructions with: (a) a translated instruction, which translated instruction is a one-to-one translation, or (b) a trap instruction.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for providing page tables that includes: providing a guest page table used by the guest OS and a shadow page table used by the virtualization software wherein at least a portion of the guest page table and the shadow page table share computer memory; wherein: machine pages have a predetermined size; and the virtualization software maps guest OS physical pages to machine pages at a predetermined alignment.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for executing guest OS instructions that includes: replacing each of one or more guest OS instructions with: (a) a translated instruction, which translated instruction is a one-to-one translation, or (b) a trap instruction.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for operating wherein virtualization software address space is distributed in guest OS address space that includes: granting the guest OS execute, but not read or write, access to pages in the virtualization software address space.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for providing page tables that includes: providing a guest page table used by the guest OS and a shadow page table and a shadow page directory used by the virtualization software wherein: at least a portion of the guest page table and the shadow page directory are the same; and the portions that are the same are shared in computer memory by the guest page table and the shadow page directory.
Abstract:
In a computing system having virtualization software including a guest operating system (OS), a method for providing page tables that includes: providing a guest page table used by the guest OS and a shadow page table used by the virtualization software wherein at least a portion of the guest page table and the shadow page table share computer memory.
Abstract:
One or more embodiments provide a shadow page table used by a virtualization software wherein at least a portion of the shadow page table shares computer memory with a guest page table used by a guest operating system (OS) and wherein the virtualization software provides a mapping of guest OS physical pages to machine pages.