公开(公告)号：US10725932B2

公开(公告)日：2020-07-28

申请号：US16204965

申请日：2018-11-29

Applicant: QUALCOMM INCORPORATED

Inventor： Thomas Zeng ,  Samar Asbe ,  Adam Openshaw

IPC: G06F12/00 ,  G06F12/1027 ,  G06F9/455

Abstract: Systems, methods, and computer programs are disclosed for optimizing headless virtual memory management in a system on chip (SoC) with global translation lookaside buffer shootdown. The SoC comprises an application processor configured to execute a headful virtual machine and one or more SoC processing devices configured to execute a corresponding headless virtual machine. The method comprises issuing a virtual machine mapping command with a headless virtual machine having a first virtual machine identifier. In response to the virtual machine mapping command, a current value stored in a hardware register in the application processor is saved. The first virtual machine identifier associated with the headless virtual machine is loaded into the hardware register. A translation lookaside buffer (TLB) invalidate command is issued while the first virtual machine identifier is loaded in the hardware register. Upon completion of translation lookaside buffer synchronization, the current value is restored to the hardware register.

公开(公告)号：US20180136967A1

公开(公告)日：2018-05-17

申请号：US15354791

申请日：2016-11-17

Applicant: QUALCOMM Incorporated

Inventor： Samar Asbe ,  Qazi Bashir ,  Vipul Gandhi ,  Chris Henroid ,  Mitchel Allen Humpherys ,  Olav Haugan ,  Daren Hall ,  Adam Openshaw ,  Priyesh Sanghvi ,  Brijen Raval

IPC: G06F9/46 ,  G06F21/53 ,  G06F9/455

CPC classification number: G06F9/45558 ,  G06F21/53 ,  G06F21/79 ,  G06F2009/45587

Abstract: In an aspect, an apparatus that includes a first security domain and at least a second security domain obtains, at a virtual machine of the first security domain, a stream identifier associated with the second security domain. The apparatus generates, at the virtual machine of the first security domain, a command to map the stream identifier associated with the second security domain to a first address translation context. The apparatus maps, at a hypervisor device, the first address translation context to a second address translation context that is associated with the second security domain of the stream identifier. The apparatus processes a stream of memory access transactions that includes the stream identifier based on at least the first address translation context or the second address translation context.

公开(公告)号：US20150127866A1

公开(公告)日：2015-05-07

申请号：US14072201

申请日：2013-11-05

Applicant: Qualcomm Incorporated

Inventor： Thomas ZENG ,  Samar Asbe ,  Azzedine Touzni

IPC: G06F13/26 ,  G06F9/455 ,  G06F13/24

CPC classification number: G06F13/26 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/4812 ,  G06F13/24 ,  G06F2009/45579

Abstract: Aspects include apparatuses and methods for secure, fast and normal virtual interrupt direct assignment managing secure and non-secure, virtual and physical interrupts by processor having a plurality of execution environments, including a trusted (secure) and a non-secure execution environment. An interrupt controller may identify a security group value for an interrupt and direct secure interrupts to the trusted execution environment. The interrupt controller may identify a direct assignment value for the non-secure interrupts indicating whether the non-secure interrupt is owned by a high level operating system (HLOS) Guest or a virtual machine manager (VMM), and whether it is a fast or a normal virtual interrupt. The interrupt controller may direct the HLOS Guest owned interrupt to the HLOS Guest while bypassing the VMM. When the HLOS Guest in unavailable, the interrupt may be directed to the VMM to attempt to pass the interrupt to the HLOS Guest until successful.

Abstract translation: 方面包括用于安全，快速和正常的虚拟中断直接分配的装置和方法，其通过包括可信（安全）和非安全执行环境的多个执行环境的处理器管理安全和非安全的虚拟和物理中断。 中断控制器可以识别中断的安全组值，并将可靠执行环境直接安全中断。 中断控制器可以识别非安全中断的直接分配值，指示非安全中断是由高级操作系统（HLOS）来宾还是虚拟机管理器（VMM）拥有，以及它是快速还是快速 一个正常的虚拟中断。 在绕过VMM时，中断控制器可以将HLOS Guest拥有的中断指向HLOS Guest。 当HLOS访客不可用时，中断可能被定向到VMM，以尝试将中断传递给HLOS访客，直到成功。

公开(公告)号：US10228991B2

公开(公告)日：2019-03-12

申请号：US15636434

申请日：2017-06-28

Applicant: QUALCOMM Incorporated

Inventor： Samar Asbe ,  Thomas Philip Speier

IPC: G06F12/10 ,  G06F11/07 ,  G06F12/1036 ,  G06F12/0806 ,  G06F12/1027

Abstract: Providing hardware-based translation lookaside buffer (TLB) conflict resolution in processor-based systems is disclosed. In this regard, in one aspect, a memory system provides a memory management unit (MMU) and multiple hierarchical page tables, each comprising multiple page table entries comprising corresponding translation preference indicators. The memory system further includes a TLB comprising multiple TLB entries each configured to cache a page table entry. The MMU determines whether a TLB conflict exists between a first TLB entry caching a first page table entry comprising a translation preference indicator that is set and a second TLB entry caching a second page table entry comprising a translation preference indicator that is not set. If so, the MMU selects the first TLB entry for use in a virtual-to-physical address translation operation, based on the translation preference indicator of the first page table entry cached by the first TLB entry being set.

公开(公告)号：US20190004883A1

公开(公告)日：2019-01-03

申请号：US15636434

申请日：2017-06-28

Applicant: QUALCOMM Incorporated

Inventor： Samar Asbe ,  Thomas Philip Speier

IPC: G06F11/07 ,  G06F12/1036

Abstract: Providing hardware-based translation lookaside buffer (TLB) conflict resolution in processor-based systems is disclosed. In this regard, in one aspect, a memory system provides a memory management unit (MMU) and multiple hierarchical page tables, each comprising multiple page table entries comprising corresponding translation preference indicators. The memory system further includes a TLB comprising multiple TLB entries each configured to cache a page table entry. The MMU determines whether a TLB conflict exists between a first TLB entry caching a first page table entry comprising a translation preference indicator that is set and a second TLB entry caching a second page table entry comprising a translation preference indicator that is not set. If so, the MMU selects the first TLB entry for use in a virtual-to-physical address translation operation, based on the translation preference indicator of the first page table entry cached by the first TLB entry being set.

公开(公告)号：US20190163645A1

公开(公告)日：2019-05-30

申请号：US16204965

申请日：2018-11-29

Applicant: QUALCOMM INCORPORATED

Inventor： THOMAS ZENG ,  Samar Asbe ,  Adam Openshaw

IPC: G06F12/1027 ,  G06F9/455

Abstract: Systems, methods, and computer programs are disclosed for optimizing headless virtual memory management in a system on chip (SoC) with global translation lookaside buffer shootdown. The SoC comprises an application processor configured to execute a headful virtual machine and one or more SoC processing devices configured to execute a corresponding headless virtual machine. The method comprises issuing a virtual machine mapping command with a headless virtual machine having a first virtual machine identifier. In response to the virtual machine mapping command, a current value stored in a hardware register in the application processor is saved. The first virtual machine identifier associated with the headless virtual machine is loaded into the hardware register. A translation lookaside buffer (TLB) invalidate command is issued while the first virtual machine identifier is loaded in the hardware register. Upon completion of translation lookaside buffer synchronization, the current value is restored to the hardware register.

公开(公告)号：US20190026231A1

公开(公告)日：2019-01-24

申请号：US15658179

申请日：2017-07-24

Applicant: QUALCOMM Incorporated

Inventor： Sudeep Ravi KOTTILINGAL ,  Samar Asbe ,  Vipul Gandhi

IPC: G06F12/1009 ,  G06F12/1027 ,  G06F9/455

Abstract: Various aspects include computing device methods for managed virtual machine memory access. Various aspects may include receiving a memory access request from a managed virtual machine having a virtual address, retrieving a first physical address for a stage 2 page table for a managing virtual machine, in which the stage 2 page table is stored in a physical memory space allocated to a hypervisor, retrieving a second physical address from an entry of the stage 2 page table for a stage 1 page table for a process executed by the managed virtual machine, in which the second physical address is for a physical memory space allocated to the managing virtual machine and the stage 1 page table is stored in that physical memory space, and retrieving a first intermediate physical address from an entry of the stage 1 page table for a translation of the virtual address.

公开(公告)号：US11783042B2

公开(公告)日：2023-10-10

申请号：US16903982

申请日：2020-06-17

Applicant: QUALCOMM INCORPORATED

Inventor： Steven Halter ,  Samar Asbe ,  Miguel Ballesteros ,  Girish Bhat ,  Mahadevamurty Nemani

IPC: G06F21/57 ,  G06F9/445 ,  G06F9/50 ,  G06F21/62

CPC classification number: G06F21/575 ,  G06F9/445 ,  G06F9/5016 ,  G06F21/572 ,  G06F21/62 ,  G06F2221/034

Abstract: Resource access control in a system-on-chip (“SoC”) may employ an agent executing on a processor of the SoC and a trust management engine of the SoC. The agent, such as, for example, a high-level operating system or a hypervisor, may be configured to allocate a resource comprising a memory region to an access domain and to load a software image associated with the access domain into the memory region. The trust management engine may be configured to lock the resource against access by any entity other than the access domain, to authenticate the software image associated with the access domain, and to initiate booting of the access domain in response to a successful authentication of the software image associated with the access domain.

公开(公告)号：US10514943B2

公开(公告)日：2019-12-24

申请号：US15354791

申请日：2016-11-17

Applicant: QUALCOMM Incorporated

Inventor： Samar Asbe ,  Qazi Bashir ,  Vipul Gandhi ,  Chris Henroid ,  Mitchel Allen Humpherys ,  Olav Haugan ,  Daren Hall ,  Adam Openshaw ,  Priyesh Sanghvi ,  Brijen Raval

IPC: G06F9/455 ,  G06F21/53 ,  G06F21/79

Abstract: In an aspect, an apparatus that includes a first security domain and at least a second security domain obtains, at a virtual machine of the first security domain, a stream identifier associated with the second security domain. The apparatus generates, at the virtual machine of the first security domain, a command to map the stream identifier associated with the second security domain to a first address translation context. The apparatus maps, at a hypervisor device, the first address translation context to a second address translation context that is associated with the second security domain of the stream identifier. The apparatus processes a stream of memory access transactions that includes the stream identifier based on at least the first address translation context or the second address translation context.

公开(公告)号：US09355050B2

公开(公告)日：2016-05-31

申请号：US14072201

申请日：2013-11-05

Applicant: QUALCOMM Incorporated

Inventor： Thomas Zeng ,  Samar Asbe ,  Azzedine Touzni

IPC: G06F13/26 ,  G06F13/24 ,  G06F9/455 ,  G06F9/48

CPC classification number: G06F13/26 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/4812 ,  G06F13/24 ,  G06F2009/45579

Abstract: Aspects include apparatuses and methods for secure, fast and normal virtual interrupt direct assignment managing secure and non-secure, virtual and physical interrupts by processor having a plurality of execution environments, including a trusted (secure) and a non-secure execution environment. An interrupt controller may identify a security group value for an interrupt and direct secure interrupts to the trusted execution environment. The interrupt controller may identify a direct assignment value for the non-secure interrupts indicating whether the non-secure interrupt is owned by a high level operating system (HLOS) Guest or a virtual machine manager (VMM), and whether it is a fast or a normal virtual interrupt. The interrupt controller may direct the HLOS Guest owned interrupt to the HLOS Guest while bypassing the VMM. When the HLOS Guest in unavailable, the interrupt may be directed to the VMM to attempt to pass the interrupt to the HLOS Guest until successful.

Abstract translation: 方面包括用于安全，快速和正常的虚拟中断直接分配的装置和方法，其通过包括可信（安全）和非安全执行环境的多个执行环境的处理器管理安全和非安全的虚拟和物理中断。 中断控制器可以识别中断的安全组值，并将可靠执行环境直接安全中断。 中断控制器可以识别非安全中断的直接分配值，指示非安全中断是由高级操作系统（HLOS）来宾还是虚拟机管理器（VMM）拥有，以及它是快速还是快速 一个正常的虚拟中断。 在绕过VMM时，中断控制器可以将HLOS Guest拥有的中断指向HLOS Guest。 当HLOS访客不可用时，中断可能被定向到VMM，以尝试将中断传递给HLOS访客，直到成功。