-
Publication No.: US10754794B2
Publication date: 2020-08-25
Application No.: US15839331
Application date: 2017-12-12
Applicant: Intel Corporation
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.
-
Publication No.: US20230030961A1
Publication date: 2023-02-02
Application No.: US17937010
Application date: 2022-09-30
Applicant: Intel Corporation
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.
-
Publication No.: US20160364341A1
Publication date: 2016-12-15
Application No.: US14739560
Application date: 2015-06-15
Applicant: INTEL CORPORATION
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
CPC classification number: G06F12/145, G06F9/45545, G06F9/45558, G06F9/485, G06F21/53, G06F21/57, G06F2009/45583, G06F2009/45587, G06F2212/1052, G06F2221/2149
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.
-
Publication No.: US11467982B2
Publication date: 2022-10-11
Application No.: US16985898
Application date: 2020-08-05
Applicant: Intel Corporation
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.
-
Publication No.: US20180113817A1
Publication date: 2018-04-26
Application No.: US15839331
Application date: 2017-12-12
Applicant: Intel Corporation
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
CPC classification number: G06F12/145, G06F9/45545, G06F9/45558, G06F9/485, G06F12/023, G06F12/109, G06F12/1491, G06F21/53, G06F21/57, G06F2009/45583, G06F2009/45587, G06F2212/1052, G06F2212/151, G06F2212/651, G06F2221/2149
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.
-
Publication No.: US09842065B2
Publication date: 2017-12-12
Application No.: US14739560
Application date: 2015-06-15
Applicant: INTEL CORPORATION
Inventor: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
CPC classification number: G06F12/145, G06F9/45545, G06F9/45558, G06F9/485, G06F21/53, G06F21/57, G06F2009/45583, G06F2009/45587, G06F2212/1052, G06F2221/2149
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.