公开(公告)号：US09354906B1

公开(公告)日：2016-05-31

申请号：US13468805

申请日：2012-05-10

申请人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

发明人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

IPC分类号： G06F9/46 ,  G06F12/00 ,  G06F9/455 ,  G06F12/10

CPC分类号： G06F9/45545 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Managing the guest operating system's eviction of memory pages from a virtual machine. A guest operating system or a hypervisor may cause one or more memory pages within a guest physical frame to become unlikely or ineligible for selection as a candidate for eviction by the guest operating system. Each of the one or more memory pages may also reside, or be intended to reside, in the memory of one or more other virtual machines. In this way, memory pages that are shared across multiple virtual machines may become less likely to be evicted, thereby using memory more efficiently.

摘要翻译： 管理客户机操作系统从虚拟机中删除内存页面。 客户机操作系统或管理程序可能导致客户物理帧内的一个或多个存储器页面变得不太可能或不符合选择作为客户操作系统驱逐的候选者的资格。 一个或多个存储器页面中的每一个也可以驻留或者意图驻留在一个或多个其他虚拟机的存储器中。 以这种方式，跨多个虚拟机共享的内存页可能不太可能被驱逐，从而更有效地使用内存。

公开(公告)号：US09135038B1

公开(公告)日：2015-09-15

申请号：US13468742

申请日：2012-05-10

申请人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

发明人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

IPC分类号： G06F9/455

CPC分类号： G06F9/45533 ,  G06F9/45558 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F2209/5018

摘要： Reducing an amount of memory used by a virtual machine. A system includes multiple virtual machines that share common pages of memory. The number of private pages associated with each virtual machine is minimized by ensuring that pages that a guest operating system regards as now free or zeroed are efficiently mapped by the hypervisor to a shared zero page. Upon a hypervisor determining that one or more guest physical frame numbers are assigned to free memory pages, the hypervisor updates mapping data to map the one or more guest physical frame numbers to a shared zero page within the machine frame.

摘要翻译： 减少虚拟机使用的内存量。 一个系统包括多个共享共享页面的虚拟机。 通过确保客户机操作系统视为现在空闲或归零的页面被管理程序有效地映射到共享零页面，从而最小化与每个虚拟机相关联的私有页面的数量。 在管理程序确定将一个或多个客体物理帧号码分配给空闲存储器页面时，管理程序更新映射数据以将一个或多个客户物理帧号映射到机器帧内的共享零页面。

公开(公告)号：US09104544B1

公开(公告)日：2015-08-11

申请号：US13468843

申请日：2012-05-10

申请人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

发明人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

IPC分类号： G06F3/06 ,  G06F12/02

CPC分类号： G06F12/02 ,  G06F3/0608 ,  G06F3/0641 ,  G06F3/0671 ,  G06F9/45558 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F2209/5018

摘要： Mitigating eviction of the memory pages of virtualized machines. Upon detecting that a request to perform an I/O operation has been issued against a block stored a disk, a determination is made as to whether a pristine copy of the contents of the block is stored in memory. If a pristine copy of the contents of the block is stored in memory, then the request may be performed by updating mapping data that maps a page of memory to a location in memory at which the pristine copy is stored. In this way, the request is performed without performing the I/O operation against the block stored on disk. Various approaches for resharing memory, including memory of a template virtual machine, are discussed.

摘要翻译： 减轻虚拟化机器的内存页面。 在检测到针对存储的盘的块发出对I / O操作的请求时，确定块的内容的原始副本是否存储在存储器中。 如果块的内容的原始副本存储在存储器中，则可以通过更新将存储器页映射到存储原始副本的存储器中的位置的映射数据来执行请求。 以这种方式，执行请求而不对存储在磁盘上的块执行I / O操作。 讨论了重新共享内存的各种方法，包括模板虚拟机的内存。

公开(公告)号：US09792131B1

公开(公告)日：2017-10-17

申请号：US13468781

申请日：2012-05-10

申请人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

发明人： Krzysztof Uchronski ,  Martin O'Brien ,  Jacob Gorm Hansen ,  Kiran Bondalapati ,  Ian Pratt ,  Gaurav Banga ,  Vikram Kapoor

IPC分类号： G06F9/455

CPC分类号： G06F9/455 ,  G06F9/45545 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Approaches for creating a template virtual machine. An in-memory state of a virtual machine and/or a set of applications executing within the virtual machine are adjusted and/or configured based on the intended use of the template virtual machine. Thereafter, the virtual machine is established as a template virtual machine. The template virtual machine may be used to create one or more virtual machines using a copy-on-write memory process.

公开(公告)号：US08752047B2

公开(公告)日：2014-06-10

申请号：US13223091

申请日：2011-08-31

申请人： Gaurav Banga ,  Kiran Bondalapati ,  Ian Pratt ,  Vikram Kapoor

发明人： Gaurav Banga ,  Kiran Bondalapati ,  Ian Pratt ,  Vikram Kapoor

IPC分类号： G06F9/455 ,  G06F9/44 ,  G06F21/00

CPC分类号： G06F9/45533 ,  G06F9/45558 ,  G06F9/5077 ,  G06F21/53 ,  G06F2009/45587

摘要： Approaches for transferring data to a client by safely receiving the data in or more virtual machines. In response to the client determining that digital content, originating from an external source, is to be received or processed by the client, the client identifies, without human intervention, one or more virtual machines, executing or to be executed on the client, into which the digital content is to be stored. In doing so, the client may consult policy data to determine a placement policy, a containment policy, and a persistence policy for any virtual machine to receive the digital content. In this way, digital content, such as executable code or interpreted data, of unknown trustworthiness may be safely received by the client without the possibility of any malicious code therein from affecting any undesirable consequence upon the client.

摘要翻译： 通过在或多个虚拟机中安全接收数据来将数据传输到客户端的方法。 响应于客户端确定来自外部源的数字内容将被客户端接收或处理，客户端在没有人为干预的情况下识别一个或多个虚拟机，在客户机上执行或执行， 数字内容将被存储。 在这样做时，客户端可以查询策略数据以确定放置策略，收容策略和任何虚拟机接收数字内容的持久性策略。 以这种方式，客户端可以安全地接收到具有未知可信度的数字内容，例如可执行代码或解释数据，而不存在任何恶意代码在客户端上不会产生任何不良后果的可能性。

公开(公告)号：US20110296412A1

公开(公告)日：2011-12-01

申请号：US13115354

申请日：2011-05-25

申请人： Gaurav Banga ,  Ian Pratt ,  Kiran Bondalapati ,  Vikram Kapoor

发明人： Gaurav Banga ,  Ian Pratt ,  Kiran Bondalapati ,  Vikram Kapoor

IPC分类号： G06F9/455

CPC分类号： G06F9/5077 ,  G06F9/45545 ,  G06F9/5027 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Approaches for executing untrusted software on a client without compromising the client using micro-virtualization to execute untrusted software in isolated contexts. A template for instantiating a virtual machine on a client is identified in response to receiving a request to execute an application. After the template is identified, without human intervention, a virtual machine is instantiated, using the template, in which the application is to be executed. The template may be selected from a plurality of templates based on the nature of the request, as each template describe characteristics of a virtual machine suitable for a different type of activity. Selected resources such as files are displayed to the virtual machines according to user and organization policies and controls. When the client determines that the application has ceased to execute, the client ceases execution of the virtual machine without human intervention.

摘要翻译： 在客户端上执行不受信任的软件的方法，而不会在使用微型虚拟化的情况下使用独立的上下文来执行不受信任的软件。 响应于接收到执行应用的请求，识别用于在客户机上实例化虚拟机的模板。 在模板被识别之后，没有人为干预，就会使用要在其中执行应用程序的模板来实例化一个虚拟机。 可以基于请求的性质从多个模板中选择模板，因为每个模板描述适合于不同类型活动的虚拟机的特征。 所选资源（如文件）将根据用户和组织策略和控件显示给虚拟机。 当客户端确定应用程序已停止执行时，客户端将在不进行人为干预的情况下停止执行虚拟机。

公开(公告)号：US10095662B1

公开(公告)日：2018-10-09

申请号：US13526409

申请日：2012-06-18

申请人： Kiran Bondalapati ,  Vikram Kapoor ,  Prakash Buddhiraja ,  Gaurav Banga ,  Ian Pratt

发明人： Kiran Bondalapati ,  Vikram Kapoor ,  Prakash Buddhiraja ,  Gaurav Banga ,  Ian Pratt

IPC分类号： G06F17/21

摘要： Approaches for synchronizing resources of a virtualized web browser. When a virtualized web browser is instructed to display a web page, a host module executing within a host operating instructs retrieves, from each of one or more virtual machines, contents for a portion of the web page. The virtualized web browser assembles the contents and displays the web page. A web browser executing in the host operating system may, but need not, retrieve any of the content displayed thereby. Instead, the content retrieved by the web browser executing in the host operating system may be retrieved by and rendered within a virtual machine. The behavior of the virtualized web browser may be configured using policy data.

公开(公告)号：US09727534B1

公开(公告)日：2017-08-08

申请号：US13526390

申请日：2012-06-18

申请人： Prakash Buddhiraja ,  Kiran Bondalapati ,  Vikram Kapoor ,  Gaurav Banga ,  Ian Pratt

发明人： Prakash Buddhiraja ,  Kiran Bondalapati ,  Vikram Kapoor ,  Gaurav Banga ,  Ian Pratt

IPC分类号： G06F17/21

CPC分类号： G06F17/21 ,  G06F17/30899 ,  H04L63/1441

摘要： Approaches for synchronizing cookie data across a virtualized web browser. When a user instructs a virtualized web browser, executing on a host operating system, to display a web page, a host module executing on the host operating system instructs a particular virtual machine to retrieve the web page within the particular virtual machine. The host module provides cookie data for the user to the guest module. The cookie data identifies one or more cookies deemed to be pertinent to the retrieval of the web page. The guest module provides, to the host module, screen data content for use in displaying the web page.

公开(公告)号：US09734131B1

公开(公告)日：2017-08-15

申请号：US13526403

申请日：2012-06-18

申请人： Kiran Bondalapati ,  Vikram Kapoor ,  Prakash Buddhiraja ,  Gaurav Banga ,  Ian Pratt

发明人： Kiran Bondalapati ,  Vikram Kapoor ,  Prakash Buddhiraja ,  Gaurav Banga ,  Ian Pratt

IPC分类号： G06F17/21

CPC分类号： G06F17/21 ,  G06F9/45533 ,  G06F17/30873

摘要： Approaches for synchronizing history data across a virtualized web browser. When a user instructs a virtualized web browser, executing on a host operating system, to display a web page, a host module executing on the host operating system may instruct a guest module executing within a particular virtual machine to retrieve the web page. The host module may provide to the guest module history data for the virtualized web browser. History data describes browsing history for the virtualized web browser, either in the current instance or for previous instances. The guest module performs operations in accordance with the history data. When the host module receives the screen data content from the guest module, the host module instructs the virtualized web browser to display the web page using the screen data content.

公开(公告)号：US09244705B1

公开(公告)日：2016-01-26

申请号：US13527542

申请日：2012-06-19

申请人： Kiran Bondalapati ,  Gaurav Banga ,  Vikram Kapoor ,  Ian Pratt

发明人： Kiran Bondalapati ,  Gaurav Banga ,  Vikram Kapoor ,  Ian Pratt

IPC分类号： G06F9/46 ,  G06F9/455

CPC分类号： G06F9/45504 ,  G06F9/45545 ,  G06F9/45558 ,  G06F9/5027 ,  G06F9/5077 ,  G06F2009/45562 ,  G06F2009/45587 ,  G06F2209/5018

摘要： Programmatically adjusting the operational state of one or more virtual machines based on policy. Resource consumption on a hardware device is monitored. A policy that considers at least a present level of resource consumption and an amount of available resources of the hardware device is consulted. An operational state of a particular virtual machine that resides on the hardware device is changed. The change in operational state may be performed to optimize performance of a virtual machine with which a user is interacting, to enforce behavior constraints upon the virtual machine, or to adjust its execution in view of the available resources on the device.

摘要翻译： 基于策略以编程方式调整一个或多个虚拟机的运行状态。 监视硬件设备上的资源消耗。 参考至少考虑了目前的资源消耗水平和硬件设备的可用资源量的策略。 驻留在硬件设备上的特定虚拟机的操作状态发生变化。 可以执行操作状态的改变以优化用户正在交互的虚拟机的性能，以强制对虚拟机的行为约束，或者根据设备上的可用资源调整其执行。