-
公开(公告)号:US09830178B2
公开(公告)日:2017-11-28
申请号:US14198685
申请日:2014-03-06
Applicant: Intel Corporation
Inventor: Jun Nakajima
CPC classification number: G06F9/45533 , G06F9/441 , G06F9/4843
Abstract: The present application is directed to dynamic reassignment for multi-OS devices. An example device may comprise equipment, at least two operating systems, a kernel for each OS to provide an interface between the OS and the equipment and a virtual machine manager (VMM). OS selection agents in each OS may interact with a kernel mode controller (KMC) in the VMM. For example, the OS selection agent may transmit a message instructing the KMC to transition the foreground OS to the background and transition a background OS to the foreground. The KMC may transmit signals to the kernels of the foreground and background operating systems causing at least one driver in the foreground OS kernel to save a current equipment state and release control over the equipment while also causing at least one driver in the background OS kernel to restore an equipment state and to take control over the equipment.
-
公开(公告)号:US09747123B2
公开(公告)日:2017-08-29
申请号:US14866187
申请日:2015-09-25
Applicant: Intel Corporation
Inventor: Jun Nakajima , Asit K. Mallick , Harshawardhan Vipat , Madhukar Tallam , Manohar R. Castelino
IPC: G06F9/455
CPC classification number: G06F9/45558 , G06F2009/45575 , G06F2009/45579 , G06F2009/45583
Abstract: Technologies for multi-level virtualization include a computing device having a processor that supports a root virtualization mode and a non-root virtualization mode. A non-root hypervisor determines whether it is executed under control of a root hypervisor, and if so, registers a callback handler and trigger conditions with the root hypervisor. The non-root hypervisor hosts one or more virtual machines. In response to a virtual machine exit, the root hypervisor determines whether a callback handler has been registered for the virtual machine exit reason and, if so, evaluates the trigger conditions associated with the callback handler. If the trigger conditions are satisfied, the root hypervisor invokes the callback handler. The callback handler may update a virtual virtualization support object based on changes made by the root hypervisor to a virtualization support object. The root hypervisor may invoke the callback handler in the non-root virtualization mode. Other embodiments are described and claimed.
-
公开(公告)号:US12248807B2
公开(公告)日:2025-03-11
申请号:US17134339
申请日:2020-12-26
Applicant: INTEL CORPORATION
Inventor: Ravi Sahita , Dror Caspi , Vincent Scarlata , Sharon Yaniv , Baruch Chaikin , Vedvyas Shanbhogue , Jun Nakajima , Arumugam Thiyagarajah , Sean Christopherson , Haidong Xia , Vinay Awasthi , Isaku Yamahata , Wei Wang , Thomas Adelmeyer
Abstract: Techniques for migration of a source protected virtual machine from a source platform to a destination platform are descried. A method of an aspect includes enforcing that bundles of state, of a first protected virtual machine (VM), received at a second platform over a stream, during an in-order phase of a migration of the first protected VM from a first platform to the second platform, are imported to a second protected VM of the second platform, in a same order that they were exported from the first protected VM. Receiving a marker over the stream marking an end of the in-order phase. Determining that all bundles of state exported from the first protected VM prior to export of the marker have been imported to the second protected VM. Starting an out-of-order phase of the migration based on the determination that said all bundles of the state exported have been imported.
-
公开(公告)号:US20180097809A1
公开(公告)日:2018-04-05
申请号:US15283208
申请日:2016-09-30
Applicant: Intel Corporation
Inventor: Somnath Chakrabarti , Mona Vij , Carlos V. Rozas , Brandon Baker , Vincent R. Scarlata , Malini K. Bhandaru , Ning Sun , Jun Nakajima , Francis X. McKeen , Simon P. Johnson
IPC: H04L29/06
CPC classification number: H04L63/10 , H04L63/08 , H04L63/126 , H04L67/10
Abstract: Particular embodiments described herein provide for receiving a request from a first cloud component in a cloud network, wherein the request is to access a key and the key allows the first cloud component to access located trusted execution environment of a second cloud component in the cloud network and allow the request on the condition that the first cloud component is authenticated. A more specific example includes determining a type for the first cloud component, and comparing the determined type of the first cloud component with a component type associated with the key. The example may also include blocking the request if the determined type of the first cloud component does not match the component type associated with the key.
-
公开(公告)号:US09781209B2
公开(公告)日:2017-10-03
申请号:US14830862
申请日:2015-08-20
Applicant: Intel Corporation
Inventor: Mesut A. Ergin , Jr-Shian Tsai , Janet Tseng , Ren Wang , Jun Nakajima , Tsung-Yuan Tai
IPC: H04L12/50 , H04L29/08 , H04L12/725 , H04L12/721 , H04L12/713 , H04L12/835 , H04L12/26
CPC classification number: H04L67/1097 , H04L43/103 , H04L45/306 , H04L45/38 , H04L45/586 , H04L47/30
Abstract: Various embodiments are generally directed to techniques for improving the efficiency of exchanging packets between pairs of VMs within a communications server. An apparatus may include a processor component; a network interface to couple the processor component to a network; a virtual switch to analyze contents of at least one packet of a set of packets to be exchanged between endpoint devices through the network and the communications server, and to route the set of packets through one or more virtual servers of multiple virtual servers based on the contents; and a transfer component of a first virtual server of the multiple virtual servers to determine whether to route the set of packets to the virtual switch or to transfer the set of packets to a second virtual server of the multiple virtual servers in a manner that bypasses the virtual switch based on a routing rule.
-
Patent Agency Ranking
公开(公告)号:US09454497B2
公开(公告)日:2016-09-27
申请号:US14460530
申请日:2014-08-15
Applicant: Intel Corporation
Inventor: Jun Nakajima , Jr-Shian Tsai , Ravi L. Sahita , Mesut A. Ergin , Edwin Verplanke , Rashmin N. Patel , Alexander W. Min , Ren Wang , Tsung-Yuan C. Tai
CPC classification number: G06F12/1475 , G06F9/455 , G06F9/45558 , G06F9/50 , G06F21/44 , G06F21/606 , G06F2009/45583 , G06F2009/45587 , G06F2212/1052 , H04L49/70
Abstract: Technologies for secure inter-virtual-machine shared memory communication include a computing device with hardware virtualization support. A virtual machine monitor (VMM) authenticates a view switch component of a target virtual machine. The VMM adds configures a secure memory view to access a shared memory segment. The shared memory segment may include memory pages of a source virtual machine or the VMM. The view switch component switches to the secure memory view without generating a virtual machine exit event, using the hardware virtualization support. The view switch component may switch to the secure memory view by modifying an extended page table (EPT) pointer. The target virtual machine accesses the shared memory segment via the secure memory view. The target virtual machine and the source virtual machine may coordinate ownership of memory pages using a secure view control structure stored in the shared memory segment. Other embodiments are described and claimed.
Abstract translation: 用于安全的虚拟机间共享存储器通信的技术包括具有硬件虚拟化支持的计算设备。 虚拟机监视器(VMM)验证目标虚拟机的视图切换组件。 VMM添加配置安全内存视图以访问共享内存段。 共享内存段可以包括源虚拟机或VMM的存储器页面。 视图切换组件切换到安全存储器视图,而不会使用硬件虚拟化支持生成虚拟机退出事件。 视图切换组件可以通过修改扩展页表(EPT)指针来切换到安全存储器视图。 目标虚拟机通过安全内存视图访问共享内存段。 目标虚拟机和源虚拟机可以使用存储在共享存储器段中的安全视图控制结构来协调存储器页的所有权。 描述和要求保护其他实施例。
-
公开(公告)号:US10713195B2
公开(公告)日:2020-07-14
申请号:US14997478
申请日:2016-01-15
Applicant: Intel Corporation
Inventor: Jr-Shian Tsai , Ravi L Sahita , Mesut A Ergin , Rajesh M Sankaran , Gilbert Neiger , Jun Nakajima , Edwin Verplanke , Barry E Huntley , Tsung-Yuan C Tai
Abstract: Embodiments of an invention interrupts between virtual machines are disclosed. In an embodiment, a processor includes an instruction unit and an execution unit, both implemented at least partially in hardware of the processor. The instruction unit is to receive an instruction to send an interrupt to a target virtual machine. The execution unit is to execute the instruction on a sending virtual machine without exiting the sending virtual machine. Execution of the instruction includes using a handle specified by the instruction to find a posted interrupt descriptor.
-
公开(公告)号:US20170206177A1
公开(公告)日:2017-07-20
申请号:US14997478
申请日:2016-01-15
Applicant: Intel Corporation
Inventor: Jr-Shian Tsai , Ravi L. Sahita , Mesut A. Ergin , Rajesh M. Sankaran , Gilbert Neiger , Jun Nakajima , Edwin Verplanke , Barry E. Huntley , Tsung-Yuan C. Tai
CPC classification number: G06F13/24 , G06F9/45558 , G06F2009/45575 , G06F2009/45579
Abstract: Embodiments of an invention interrupts between virtual machines are disclosed. In an embodiment, a processor includes an instruction unit and an execution unit, both implemented at least partially in hardware of the processor. The instruction unit is to receive an instruction to send an interrupt to a target virtual machine. The execution unit is to execute the instruction on a sending virtual machine without exiting the sending virtual machine. Execution of the instruction includes using a handle specified by the instruction to find a posted interrupt descriptor.
-
公开(公告)号:US20170090963A1
公开(公告)日:2017-03-30
申请号:US14866187
申请日:2015-09-25
Applicant: Intel Corporation
Inventor: Jun Nakajima , Asit K. Mallick , Harshawardhan Vipat , Madhukar Tallam , Manohar R. Castelino
IPC: G06F9/455
CPC classification number: G06F9/45558 , G06F2009/45575 , G06F2009/45579 , G06F2009/45583
Abstract: Technologies for multi-level virtualization include a computing device having a processor that supports a root virtualization mode and a non-root virtualization mode. A non-root hypervisor determines whether it is executed under control of a root hypervisor, and if so, registers a callback handler and trigger conditions with the root hypervisor. The non-root hypervisor hosts one or more virtual machines. In response to a virtual machine exit, the root hypervisor determines whether a callback handler has been registered for the virtual machine exit reason and, if so, evaluates the trigger conditions associated with the callback handler. If the trigger conditions are satisfied, the root hypervisor invokes the callback handler. The callback handler may update a virtual virtualization support object based on changes made by the root hypervisor to a virtualization support object. The root hypervisor may invoke the callback handler in the non-root virtualization mode. Other embodiments are described and claimed.
-
公开(公告)号:US20230161613A1
公开(公告)日:2023-05-25
申请号:US17535458
申请日:2021-11-24
Applicant: Intel Corporation
Inventor: Jaishankar Rajendran , Jun Nakajima , Prashant Kodali , Karthik Varadarajan , Premanand Sakarda , Zhiyuan Lv , Vaibhav Shankar
IPC: G06F9/455
CPC classification number: G06F9/45558 , G06F9/45545
Abstract: Techniques and mechanisms for a host passthrough to be performed based on the execution of a hardware identification instruction with a virtual machine (VM). In an embodiment, a hypervisor process sets a value of a control parameter corresponding to a resource of the VM. The control parameter indicates whether the VM resource is authorized to avail of a host passthrough functionality of a processor which executes the hypervisor process. The control parameter is evaluated, based on a central processing unit identification (CPUID) instruction of a guest operating system which is executed with the VM, to determine whether the CPUID instruction is to result in a host passthrough or a VM exit. In another embodiment, a shared memory resource is searched to determine whether execution of the CPUID instruction is to retrieve information without the use of either the host passthrough or the VM exit.
-
-
-
-
-
-
-
-
-
Search Results
12
records
(took 0.018 seconds)
