公开(公告)号：US10754794B2

公开(公告)日：2020-08-25

申请号：US15839331

申请日：2017-12-12

Applicant: Intel Corporation

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F21/53 ,  G06F9/455 ,  G06F21/57 ,  G06F12/109 ,  G06F12/02

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

公开(公告)号：US20170212825A1

公开(公告)日：2017-07-27

申请号：US15403120

申请日：2017-01-10

Applicant: Intel Corporation

Inventor： Paul Caprioli ,  Matthew C. Merten ,  Muawya M. Al-Otoom ,  Omar M. Shaikh ,  Abhay S. Kanhere ,  Suresh Srinivas ,  Koichi Yamada ,  Vivek Thakkar ,  Pawel Osciak

IPC: G06F11/34 ,  G06F9/455 ,  G06F11/36 ,  G06F11/07 ,  G06F9/45

CPC classification number: G06F11/3466 ,  G06F8/40 ,  G06F8/52 ,  G06F9/3017 ,  G06F9/3842 ,  G06F9/4552 ,  G06F11/073 ,  G06F11/3616 ,  G06F11/3652

Abstract: A hardware profiling mechanism implemented by performance monitoring hardware enables page level automatic binary translation. The hardware during runtime identifies a code page in memory containing potentially optimizable instructions. The hardware requests allocation of a new page in memory associated with the code page, where the new page contains a collection of counters and each of the counters corresponds to one of the instructions in the code page. When the hardware detects a branch instruction having a branch target within the code page, it increments one of the counters that has the same position in the new page as the branch target in the code page. The execution of the code page is repeated and the counters are incremented when branch targets fall within the code page. The hardware then provides the counter values in the new page to a binary translator for binary translation.

公开(公告)号：US20160364341A1

公开(公告)日：2016-12-15

申请号：US14739560

申请日：2015-06-15

Applicant: INTEL CORPORATION

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F21/53 ,  G06F9/455

CPC classification number: G06F12/145 ,  G06F9/45545 ,  G06F9/45558 ,  G06F9/485 ,  G06F21/53 ,  G06F21/57 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2212/1052 ,  G06F2221/2149

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

Abstract translation: 数据处理系统（DPS）使用平台保护技术（PPT）来保护属于某些软件模块的部分或全部代码和数据。 PPT可以包括虚拟机监视器（VMM），以使得不可信应用和可信应用在单个操作系统（OS）之上运行，同时防止不受信任的应用访问可信应用所使用的存储器。 VMM可以使用第一扩展页表（EPT）来将访客物理地址（GPA）转换为不可信应用的第一主机物理地址（HPA）。 VMM可以使用第二EPT将GPA转换为用于可信应用的第二HPA。 第一和第二EPT可以将相同的GPA映射到不同的HPA。 描述和要求保护其他实施例。

公开(公告)号：US11467982B2

公开(公告)日：2022-10-11

申请号：US16985898

申请日：2020-08-05

Applicant: Intel Corporation

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F21/53 ,  G06F9/455 ,  G06F21/57 ,  G06F12/109 ,  G06F12/02

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

公开(公告)号：US20180113817A1

公开(公告)日：2018-04-26

申请号：US15839331

申请日：2017-12-12

Applicant: Intel Corporation

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F9/455 ,  G06F21/53

CPC classification number: G06F12/145 ,  G06F9/45545 ,  G06F9/45558 ,  G06F9/485 ,  G06F12/023 ,  G06F12/109 ,  G06F12/1491 ,  G06F21/53 ,  G06F21/57 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2212/1052 ,  G06F2212/151 ,  G06F2212/651 ,  G06F2221/2149

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

公开(公告)号：US09842065B2

公开(公告)日：2017-12-12

申请号：US14739560

申请日：2015-06-15

Applicant: INTEL CORPORATION

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F21/53 ,  G06F9/455

CPC classification number: G06F12/145 ,  G06F9/45545 ,  G06F9/45558 ,  G06F9/485 ,  G06F21/53 ,  G06F21/57 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2212/1052 ,  G06F2221/2149

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

公开(公告)号：US20230030961A1

公开(公告)日：2023-02-02

申请号：US17937010

申请日：2022-09-30

Applicant: Intel Corporation

Inventor： Rajesh P. Banginwar ,  Sumanth Naropanth ,  Sunil K. Notalapati Prabhakara ,  Surendra K. Singh ,  Arvind Mohan ,  Ravi L. Sahita ,  Rahil Malhotra ,  Aman Bakshi ,  Vasudevarao Kamma ,  Jyothi Nayak ,  Vivek Thakkar ,  Royston A. Pinto

IPC: G06F12/14 ,  G06F9/48 ,  G06F21/53 ,  G06F9/455 ,  G06F21/57 ,  G06F12/109

Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.