-
公开(公告)号:US20230092808A1
公开(公告)日:2023-03-23
申请号:US17840652
申请日:2022-06-15
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Pei-Lun Suei , Yu-Chi Chu
Abstract: A system for model protection includes a processor. The processor is arranged to execute a guest virtual machine (VM), a primary VM, and a hypervisor. The guest VM includes a model, and is arranged to send at least one command to a command hub. The primary VM is arranged to refer to the at least one command sent from the command hub to manage and configure a protection setting for a protected model derived from the model. The hypervisor is arranged to receive a safety setting command sent by the primary VM, and manage and configure the safety protection component according to the safety setting command, to set a read-only mode of the protected model.
-
公开(公告)号:US20230087520A1
公开(公告)日:2023-03-23
申请号:US17853950
申请日:2022-06-30
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Pei-Lun Suei , Yu-Chi Chu
IPC: G06F9/455
Abstract: A system for kernel protection includes a processor and a transmission interface. The processor is arranged to execute at least one guest virtual machine (VM), at least one primary VM, and a hypervisor. The at least one guest VM is arranged to send at least one command to a command hub. The at least one primary VM is arranged to manage and configure a safety setting according to the at least one command from the command hub and at least one policy, and manage and configure a safety protection component according to the safety setting. The hypervisor is arranged to manage and configure the safety protection component according to a ground rule and at least one safety setting command from the at least one primary VM. The transmission interface is arranged to bind the at least one primary VM to the hypervisor.
-
Patent Agency Ranking
公开(公告)号:US12265838B2
公开(公告)日:2025-04-01
申请号:US17840652
申请日:2022-06-15
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Pei-Lun Suei , Yu-Chi Chu
Abstract: A system for model protection includes a processor. The processor is arranged to execute a guest virtual machine (VM), a primary VM, and a hypervisor. The guest VM includes a model, and is arranged to send at least one command to a command hub. The primary VM is arranged to refer to the at least one command sent from the command hub to manage and configure a protection setting for a protected model derived from the model. The hypervisor is arranged to receive a safety setting command sent by the primary VM, and manage and configure the safety protection component according to the safety setting command, to set a read-only mode of the protected model.
-
公开(公告)号:US20240244034A1
公开(公告)日:2024-07-18
申请号:US18239729
申请日:2023-08-29
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Pei-Lun Suei , Yu-Chi Chu , Yingshiuan Pan
CPC classification number: H04L63/0209 , G06F9/45558 , G06F2009/45583 , G06F2009/45587
Abstract: A computing system includes a memory, an MPU, and a processor. The MPU is arranged to: receive permission information of the memory; and perform a protection operation through a dynamic firewall. The processor is arranged to execute a root manager and a hypervisor. The root manager is arranged to provide the permission information to the MPU. The hypervisor is arranged to: receive the permission information from the MPU; set the dynamic firewall according to the permission information; and provide the dynamic firewall to the MPU.
-
公开(公告)号:US20230090251A1
公开(公告)日:2023-03-23
申请号:US17849694
申请日:2022-06-26
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Pei-Lun Suei , Yu-Chi Chu
Abstract: A system for application (APP) protection includes a processor. The processor is arranged to execute a guest virtual machine (VM), at least one primary VM, a hypervisor, and a host VM, wherein at least one APP protection with at least one identification (ID) of the at least one APP running on the guest VM is downloaded to the guest VM. The hypervisor includes an install service module and a launcher module. The host VM is arranged to: receive at least one install command from the guest VM, and generate an install service command to the install service module; verify the at least one APP protection by the at least one ID and generate at least one verification result; obtain the at least one ID from the at least one primary VM according to the at least one verification result; and generate a launch command to the launcher module.
-
公开(公告)号:US20240419478A1
公开(公告)日:2024-12-19
申请号:US18743104
申请日:2024-06-14
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Ze-Yu Wang , Yi-De Wu , Yu-Chi Chu
IPC: G06F9/455 , G06F9/4401
Abstract: A virtual machine (VM) operating system (OS) device assignment system includes a processor, wherein the processor is configured to execute a host VM, a hypervisor, a device assigner, and a guest VM. The host VM is arranged to generate a driving signal for driving a booting of the guest VM. The hypervisor is arranged to generate a first trigger signal according to the driving signal, for triggering assignment of at least one device. The device assigner is arranged to modify a descriptor to generate a modified descriptor for assigning the at least one device among a plurality of devices to the guest VM, and install the modified descriptor into a protected memory, wherein an OS of the guest VM is configured according to the modified descriptor.
-
公开(公告)号:US20230091722A1
公开(公告)日:2023-03-23
申请号:US17978995
申请日:2022-11-02
Applicant: MEDIATEK INC.
Inventor: Chih-Hsiang Hsiao , Hung-Wen Chien , Yu-Chi Chu , Pei-Lun Suei
IPC: G06F3/06
Abstract: A computing system includes a processor, and the processor is arranged to execute: a guest virtual machine (VM), a hypervisor, and a primary VM, wherein an operating system (OS) runs on the guest VM, and an application (APP) runs on the OS. The kernel of the OS includes a protection service module and a memory management unit (MMU) manager. The protection service module is arranged to receive at least one virtual address and a first size information sent by a client of the APP. The primary VM includes a protection manager, and the protection manager is arranged to obtain a physical address array and a second size information according to the at least one virtual address and the first size information sent by the protection service through the hypervisor.
-
-
-
-
-
-
Search Results
7
records
(took 0.008 seconds)
