公开(公告)号：US07024555B2

公开(公告)日：2006-04-04

申请号：US10043843

申请日：2001-11-01

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

IPC分类号： G06F1/26

CPC分类号： G06F21/57

摘要： An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value in order to establish security verification of secure software within the secure memory environment.

公开(公告)号：US07921293B2

公开(公告)日：2011-04-05

申请号：US11340181

申请日：2006-01-24

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock ,  Gilbert Neiger ,  Richard A. Uhlig ,  Bradley G. Burgess ,  David I. Poisner ,  Clifford D. Hall ,  Andy Glew ,  Lawrence O. Smith, III ,  Robert George

IPC分类号： H04L9/00 ,  G06F21/00

CPC分类号： G06F21/57

摘要： An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value to establish security verification of secure software within the secure memory environment.

摘要翻译： 描述了在多处理器环境内单方面加载安全操作系统的装置和方法。 该方法包括当检测到当前活动的负载安全区域操作时忽略接收的负载安全区域指令。 否则，响应于接收到的负载安全区域指令，引导存储器保护元件以形成安全存储器环境。 一旦定向，就禁止对一个或多个受保护的存储器区域进行未经授权的读/写访问。 最后，一个或多个受保护的存储器区域的加密散列值作为安全的软件识别值存储在摘要信息库中。 一旦存储，外部代理可以请求访问数字签名的软件标识值以建立安全存储器环境内的安全软件的安全验证。

公开(公告)号：US07124273B2

公开(公告)日：2006-10-17

申请号：US10084282

申请日：2002-02-25

申请人： Andy Glew ,  Michael A. Kozuch ,  Erich S. Boleyn ,  Lawrence O. Smith, III ,  Gilbert Neiger ,  Richard Uhlig

发明人： Andy Glew ,  Michael A. Kozuch ,  Erich S. Boleyn ,  Lawrence O. Smith, III ,  Gilbert Neiger ,  Richard Uhlig

IPC分类号： G06F12/00

CPC分类号： G06F12/1036

摘要： A method and an apparatus are used to efficiently translate memory addresses. The translation scheme yields a translated address, a memory type for the translated address, and a fault bit for the translation.

公开(公告)号：US08386788B2

公开(公告)日：2013-02-26

申请号：US12615475

申请日：2009-11-10

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

IPC分类号： H04L29/06

CPC分类号： G06F9/45533 ,  G06F9/445 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45583 ,  G06F2009/45587

摘要： A method and apparatus is provided for securing a region in a memory of a computer. According to one embodiment, the method comprises halting of all but one of a plurality of processors in a computer. The halted processors entering into a special halted state. Content is loaded into the region only after the halting of all but the one of the plurality of processors and the region is protected from access by the halted processors. The method further comprises placing the non-halted processor into a known privileged state, and causing the halted processors to exit the halted state after the non-halted processor has been placed into the known privileged state.

摘要翻译： 提供了一种用于将区域固定在计算机的存储器中的方法和装置。 根据一个实施例，该方法包括在计算机中停止多个处理器中的所有处理器中的所有处理器。 停止的处理器进入特殊的停止状态。 只有在除了多个处理器中的一个处理器之外的所有处理器停止之后，内容被加载到该区域中，并且该区域被保护以免被暂停的处理器访问。 该方法还包括将非暂停处理器置于已知特权状态，并且在非停止处理器已经被置于已知特权状态之后使得暂停的处理器退出停止状态。

公开(公告)号：US20130212313A1

公开(公告)日：2013-08-15

申请号：US13837648

申请日：2013-03-15

申请人： Eric C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

发明人： Eric C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

IPC分类号： G06F12/10

CPC分类号： G06F12/1027 ,  G06F9/30076 ,  G06F12/1036 ,  G06F2212/151

摘要： One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB). A TLB in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. The processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine. The invalidation operation belongs to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries.

摘要翻译： 本发明的一个实施例是使翻译后备缓冲器（TLB）中的条目无效的技术。 处理器中的TLB具有多个TLB条目。 当执行无效操作时，每个TLB条目与虚拟机扩展（VMX）标签字相关联，指示相关联的TLB条目是否根据处理器模式而无效。 处理器模式是虚拟机（VM）中的执行之一，而不是虚拟机中的执行。 无效操作属于一个无效的无效操作集合，它由（1）可能为空的操作集合组合，使一组可变数量的TLB条目无效，（2）一组可能的空白操作，使一个TLB无效 条目，（3）使多个TLB条目无效的可能的一组操作，（4）启用和禁用虚拟存储器的使用的可能的一组可能的空操作，以及（5）配置物理的可能的一组操作 地址大小，页面大小或其他虚拟内存系统行为，以改变物理机器解释TLB条目的方式。

公开(公告)号：US20120117300A1

公开(公告)日：2012-05-10

申请号：US12959109

申请日：2010-12-02

申请人： Erik C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

发明人： Erik C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

IPC分类号： G06F12/08

CPC分类号： G06F12/1027 ,  G06F9/30076 ,  G06F12/1036 ,  G06F2212/151

摘要： One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB). A TLB in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. The processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine. The invalidation operation belongs to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries.

摘要翻译： 本发明的一个实施例是使翻译后备缓冲器（TLB）中的条目无效的技术。 处理器中的TLB具有多个TLB条目。 当执行无效操作时，每个TLB条目与虚拟机扩展（VMX）标签字相关联，指示相关联的TLB条目是否根据处理器模式而无效。 处理器模式是虚拟机（VM）中的执行之一，而不是虚拟机中的执行。 无效操作属于一个无效的无效操作集合，它由（1）可能为空的操作集合组合，使一组可变数量的TLB条目无效，（2）一组可能的空白操作，使一个TLB无效 条目，（3）使多个TLB条目无效的可能的一组操作，（4）启用和禁用虚拟存储器的使用的可能的一组可能的空操作，以及（5）配置物理的可能的一组操作 地址大小，页面大小或其他虚拟内存系统行为，以改变物理机器解释TLB条目的方式。

公开(公告)号：US08407476B2

公开(公告)日：2013-03-26

申请号：US12615519

申请日：2009-11-10

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

IPC分类号： H04L29/06

CPC分类号： G06F9/45533 ,  G06F9/445 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45583 ,  G06F2009/45587

摘要： An article of manufacture is provided for securing a region in a memory of a computer. According to one embodiment, the article of manufacture comprises a machine-accessible medium including data that, when accessed by a machine, causes the machine to: halt all but one of a plurality of processing elements in a computer, where the halted processing elements enter into a special halted state; load content into the region only after the halting of all but the one of the plurality of processing elements and the region is protected from access by the halted processing elements; place the non-halted processing element into a known privileged state; and cause the halted processing elements to exit the halted state after the non-halted processing element has been placed into the known privileged state.

摘要翻译： 提供了一种用于将区域固定在计算机的存储器中的制造物品。 根据一个实施例，制品包括机器可访问介质，其包括当由机器访问时使机器停止计算机中的多个处理元件中除了一个处理元件之外的所有其中停止的处理元件进入的数据 进入特殊的停止状态; 只有在除了多个处理元件中的一个处理元件之外的所有处理器停止之后才将内容加载到该区域中，并且该区域被保护以防止被暂停的处理元件的访问; 将未停止的处理元素置于已知的特权状态; 并且在非停止处理元件已经被置于已知的特权状态之后使得暂停的处理元件退出停止状态。

公开(公告)号：US20100058076A1

公开(公告)日：2010-03-04

申请号：US12615519

申请日：2009-11-10

申请人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

发明人： Michael A. Kozuch ,  James A. Sutton, II ,  David Grawrock

IPC分类号： G06F12/14

CPC分类号： G06F9/45533 ,  G06F9/445 ,  G06F21/57 ,  G06F21/575 ,  G06F2009/45583 ,  G06F2009/45587

摘要： An article of manufacture is provided for securing a region in a memory of a computer. According to one embodiment, the article of manufacture comprises a machine-accessible medium including data that, when accessed by a machine, causes the machine to: halt all but one of a plurality of processing elements in a computer, where the halted processing elements enter into a special halted state; load content into the region only after the halting of all but the one of the plurality of processing elements and the region is protected from access by the halted processing elements; place the non-halted processing element into a known privileged state; and cause the halted processing elements to exit the halted state after the non-halted processing element has been placed into the known privileged state.

摘要翻译： 提供了一种用于将区域固定在计算机的存储器中的制造物品。 根据一个实施例，制品包括机器可访问介质，其包括当由机器访问时使机器停止计算机中的多个处理元件中除了一个处理元件之外的所有其中停止的处理元件进入的数据 进入特殊的停止状态; 只有在除了多个处理元件中的一个处理元件之外的所有处理器停止之后才将内容加载到该区域中，并且该区域被保护以防止被暂停的处理元件的访问; 将未停止的处理元素置于已知的特权状态; 并且在非停止处理元件已经被置于已知的特权状态之后使得暂停的处理元件退出停止状态。

公开(公告)号：US08543772B2

公开(公告)日：2013-09-24

申请号：US12959109

申请日：2010-12-02

申请人： Eric C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

发明人： Eric C. Cota-Robles ,  Andy Glew ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Gilbert Neiger ,  Richard Uhlig

IPC分类号： G06F12/08

CPC分类号： G06F12/1027 ,  G06F9/30076 ,  G06F12/1036 ,  G06F2212/151

摘要： One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB). A TLB in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. The processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine. The invalidation operation belongs to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries.

摘要翻译： 本发明的一个实施例是使翻译后备缓冲器（TLB）中的条目无效的技术。 处理器中的TLB具有多个TLB条目。 当执行无效操作时，每个TLB条目与虚拟机扩展（VMX）标签字相关联，指示相关联的TLB条目是否根据处理器模式而无效。 处理器模式是虚拟机（VM）中的执行之一，而不是虚拟机中的执行。 无效操作属于一个无效的无效操作集合，它由（1）可能为空的操作集合组合，使一组可变数量的TLB条目无效，（2）一组可能的空白操作，使一个TLB无效 条目，（3）使多个TLB条目无效的可能的一组操作，（4）启用和禁用虚拟存储器的使用的可能的一组可能的空操作，以及（5）配置物理的可能的一组操作 地址大小，页面大小或其他虚拟内存系统行为，以改变物理机器解释TLB条目的方式。

公开(公告)号：US07793286B2

公开(公告)日：2010-09-07

申请号：US10324591

申请日：2002-12-19

申请人： Steven M. Bennett ,  Gilbert Neiger ,  Erik C. Cota-Robles ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Richard A. Uhlig

发明人： Steven M. Bennett ,  Gilbert Neiger ,  Erik C. Cota-Robles ,  Stalinselvaraj Jeyasingh ,  Alain Kagi ,  Michael A. Kozuch ,  Richard A. Uhlig

IPC分类号： G06F9/46 ,  G06F9/455

CPC分类号： G06F9/45558 ,  G06F2009/4557

摘要： Methods and systems are provided to control transitions between a virtual machine (VM) and Virtual Machine Monitor (VMM). A processor uses state action indicators to load and/or store associated elements of machine state before completing the transition. The state action indicators may be stored in a Virtual Machine Control Structure (VMCS), predetermined, and/or calculated dynamically. In some embodiments, the values loaded can be directly acquired from the VMCS, predetermined and/or calculated dynamically. In some embodiments, the values stored may be acquired directly from machine state, predetermined and/or calculated dynamically.

摘要翻译： 提供了方法和系统来控制虚拟机（VM）和虚拟机监视器（VMM）之间的转换。 在完成转换之前，处理器使用状态动作指示器来加载和/或存储机器状态的相关元件。 状态动作指示符可以存储在虚拟机控制结构（VMCS）中，预定的和/或动态地计算。 在一些实施例中，可以从VMCS直接获取加载的值，预先确定和/或动态地计算。 在一些实施例中，存储的值可以直接从机器状态获取，预定和/或动态地计算。