-
Publication No.: US10713177B2
Publication date: 2020-07-14
Application No.: US15260893
Filing date: 2016-09-09
Applicant: Intel Corporation
Inventors: Gilbert Neiger, Baiju V. Patel, Gur Hildesheim, Ron Rais, Andrew V. Anderson, Jason W. Brandt, David M. Durham, Barry E. Huntley, Raanan Sade, Ravi L. Sahita, Vedvyas Shanbhogue, Arumugam Thiyagarajah
IPC classification: G06F12/1009, G06F12/14, G06F9/455
Abstract: A processing system includes a processing core to execute a virtual machine (VM) comprising a guest operating system (OS) and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store an extended page table entry (EPTE) comprising a mapping from a guest physical address (GPA) associated with the guest OS to an identifier of a memory frame, a first plurality of access right flags associated with accessing the memory frame in a first page mode referenced by an attribute of a memory page identified by the GPA, and a second plurality of access right flags associated with accessing the memory frame in a second page mode referenced by the attribute of the memory page identified by the GPA.
-
Publication No.: US20180060099A1
Publication date: 2018-03-01
Application No.: US15251425
Filing date: 2016-08-30
Applicant: INTEL CORPORATION
CPC classification: G06F9/45558, G06F11/221, G06F11/3027, G06F11/3055, G06F12/1045, G06F12/1475, G06F2009/45579, G06F2009/45583, G06F2009/45591, G06F2212/1008, G06F2212/151, G06F2212/152, G06F2212/68
Abstract: A processor may include a register to store a bus-lock-disable bit and an execution unit to execute instructions. The execution unit may receive an instruction that includes a memory access request. The execution may further determine that the memory access request requires acquiring a bus lock, and, responsive to detecting that the bus-lock-disable bit indicates that bus locks are disabled, signal a fault to an operating system.
-
Publication No.: US09898307B2
Publication date: 2018-02-20
Application No.: US14976990
Filing date: 2015-12-21
Applicant: Intel Corporation
Inventors: Arumugam Thiyagarajah, Gaurav Khanna, Stalinselvaraj Jeyasingh, Sohil Mehta, Mukesh J. Jagasia
IPC classification: G06F9/00, G06F9/24, G06F15/177, G06F9/44
CPC classification: G06F9/4406, G06F9/4401, G06F9/4403, G06F9/45558, G06F2009/45575, G06F2009/45579
Abstract: Apparatuses, methods and storage medium associated with virtual machine application processor startup, are disclosed herein. In embodiments, an apparatus for computing may include a plurality of processor cores; and a plurality of OS modules of an OS. The OS modules may include a BSP module and an AP module. The BSP module may be configured to write into a storage area a start state of an AP of a VM, while the VM is being started up; and the AP module may be configured to start the AP at the start state, directly in a protected mode of execution without first going through a real mode of execution. Other embodiments may be described and/or claimed.
-
Publication No.: US11144479B2
Publication date: 2021-10-12
Application No.: US16686379
Filing date: 2019-11-18
Applicant: Intel Corporation
Inventors: Ravi L. Sahita, Gilbert Neiger, Vedvyas Shanbhogue, David M. Durham, Andrew V. Anderson, David A. Koufaty, Asit K. Mallick, Arumugam Thiyagarajah, Barry E. Huntley, Deepak K. Gupta, Michael Lemay, Joseph F. Cihula, Baiju V. Patel
IPC classification: G06F12/00, G06F12/14, G06F12/1009, G06F12/1027, G06F9/455, G06F21/78
Abstract: This disclosure is directed to a system for address mapping and translation protection. In one embodiment, processing circuitry may include a virtual machine manager (VMM) to control specific guest linear address (GLA) translations. Control may be implemented in a performance sensitive and secure manner, and may be capable of improving performance for critical linear address page walks over legacy operation by removing some or all of the cost of page walking extended page tables (EPTs) for critical mappings. Alone or in combination with the above, certain portions of a page table structure may be selectively made immutable by a VMM or early boot process using a sub-page policy (SPP). For example, SPP may enable non-volatile kernel and/or user space code and data virtual-to-physical memory mappings to be made immutable (e.g., non-writable) while allowing for modifications to non-protected portions of the OS paging structures and particularly the user space.
-
Publication No.: US10705976B2
Publication date: 2020-07-07
Application No.: US16023537
Filing date: 2018-06-29
Applicant: Intel Corporation
Inventors: Ravi Sahita, Barry E. Huntley, Vedvyas Shanbhogue, Dror Caspi, Baruch Chaikin, Gilbert Neiger, Arie Aharon, Arumugam Thiyagarajah
IPC classification: G06F12/1036, G06F12/14, G06F9/455, G06F12/109, G06F21/53, G06F21/78, G06F12/1009, G06F12/02
Abstract: Examples include a processor including at least one untrusted extended page table (EPT), circuitry to execute a set of instructions of the instruction set architecture (ISA) of the processor to manage at least one secure extended page table (SEPT), and a physical address translation component to translate a guest physical address of a guest physical memory to a host physical address of a host physical memory using one of the at least one untrusted EPT and the at least one SEPT.
-
Publication No.: US11157303B2
Publication date: 2021-10-26
Application No.: US16554885
Filing date: 2019-08-29
Applicant: Intel Corporation
IPC classification: G06F11/30, G06F9/455, G06F11/22, G06F12/1045, G06F12/14
Abstract: A processor may include a register to store a bus-lock-disable bit and an execution unit to execute instructions. The execution unit may receive an instruction that includes a memory access request. The execution may further determine that the memory access request requires acquiring a bus lock, and, responsive to detecting that the bus-lock-disable bit indicates that bus locks are disabled, signal a fault to an operating system.
-
Publication No.: US10402218B2
Publication date: 2019-09-03
Application No.: US15251425
Filing date: 2016-08-30
Applicant: INTEL CORPORATION
IPC classification: G06F11/30, G06F9/455, G06F11/22, G06F12/14, G06F12/1045
Abstract: A processor may include a register to store a bus-lock-disable bit and an execution unit to execute instructions. The execution unit may receive an instruction that includes a memory access request. The execution may further determine that the memory access request requires acquiring a bus lock, and, responsive to detecting that the bus-lock-disable bit indicates that bus locks are disabled, signal a fault to an operating system.
-
Publication No.: US20180074969A1
Publication date: 2018-03-15
Application No.: US15260893
Filing date: 2016-09-09
Applicant: Intel Corporation
Inventors: Gilbert Neiger, Baiju V. Patel, Gur Hildesheim, Ron Rais, Andrew V. Anderson, Jason W. Brandt, David M. Durham, Barry E. Huntley, Raanan Sade, Ravi L. Sahita, Vedvyas Shanbhogue, Arumugam Thiyagarajah
IPC classification: G06F12/1009, G06F12/14, G06F9/455
CPC classification: G06F12/1009, G06F9/45545, G06F9/45558, G06F12/1441, G06F12/145, G06F12/1491, G06F2009/45583, G06F2009/45587, G06F2212/151, G06F2212/651
Abstract: A processing system includes a processing core to execute a virtual machine (VM) comprising a guest operating system (OS) and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store an extended page table entry (EPTE) comprising a mapping from a guest physical address (GPA) associated with the guest OS to an identifier of a memory frame, a first plurality of access right flags associated with accessing the memory frame in a first page mode referenced by an attribute of a memory page identified by the GPA, and a second plurality of access right flags associated with accessing the memory frame in a second page mode referenced by the attribute of the memory page identified by the GPA.
-
Publication No.: US20170177377A1
Publication date: 2017-06-22
Application No.: US14976990
Filing date: 2015-12-21
Applicant: Intel Corporation
Inventors: Arumugam Thiyagarajah, Gaurav Khanna, Stalinselvaraj Jeyasingh, Sohil Mehta, Mukesh J. Jagasia
IPC classification: G06F9/44
CPC classification: G06F9/4406, G06F9/4401, G06F9/4403, G06F9/45558, G06F2009/45575, G06F2009/45579
Abstract: Apparatuses, methods and storage medium associated with virtual machine application processor startup, are disclosed herein. In embodiments, an apparatus for computing may include a plurality of processor cores; and a plurality of OS modules of an OS. The OS modules may include a BSP module and an AP module. The BSP module may be configured to write into a storage area a start state of an AP of a VM, while the VM is being started up; and the AP module may be configured to start the AP at the start state, directly in a protected mode of execution without first going through a real mode of execution. Other embodiments may be described and/or claimed.
-
Publication No.: US11436161B2
Publication date: 2022-09-06
Application No.: US16686379
Filing date: 2019-11-18
Applicant: Intel Corporation
Inventors: Ravi L. Sahita, Gilbert Neiger, Vedvyas Shanbhogue, David M. Durham, Andrew V. Anderson, David A. Koufaty, Asit K. Mallick, Arumugam Thiyagarajah, Barry E. Huntley, Deepak K. Gupta, Michael Lemay, Joseph F. Cihula, Baiju V. Patel
IPC classification: G06F12/00, G06F12/14, G06F9/455, G06F12/1009, G06F12/1027, G06F21/78
Abstract: This disclosure is directed to a system for address mapping and translation protection. In one embodiment, processing circuitry may include a virtual machine manager (VMM) to control specific guest linear address (GLA) translations. Control may be implemented in a performance sensitive and secure manner, and may be capable of improving performance for critical linear address page walks over legacy operation by removing some or all of the cost of page walking extended page tables (EPTs) for critical mappings. Alone or in combination with the above, certain portions of a page table structure may be selectively made immutable by a VMM or early boot process using a sub-page policy (SPP). For example, SPP may enable non-volatile kernel and/or user space code and data virtual-to-physical memory mappings to be made immutable (e.g., non-writable) while allowing for modifications to non-protected portions of the OS paging structures and particularly the user space.