摘要:
Multiple logical partitions are provided in a data processing system. A unique context is generated for each one of the logical partitions. When one of the logical partitions requires access to the hardware TPM, that partition's context is required to be stored in the hardware TPM. The hardware TPM includes a finite number of storage locations, called context slots, for storing contexts. Each context slot can store one partition's context. Each one of the partitions is associated with one of the limited number of context storage slots in the hardware TPM. At least one of the context slots is simultaneously associated with more than one of the logical partitions. Contexts are swapped into and out of the hardware TPM during runtime of the data processing system so that when ones of the partitions require access to the hardware TPM, their required contexts are currently stored in the hardware TPM.
摘要:
A method, apparatus, and computer program product are described for implementing a trusted computing environment within a data processing system where the data processing system includes a single hardware trusted platform module (TPM). Multiple logical partitions are provided in the data processing system. A unique context is generated for each one of the logical partitions. When one of the logical partitions requires access to the hardware TPM, that partition's context is required to be stored in the hardware TPM. The hardware TPM includes a finite number of storage locations, called context slots, for storing contexts. Each context slot can store one partition's context. Each one of the partitions is associated with one of the limited number of context storage slots in the hardware TPM. At least one of the context slots is simultaneously associated with more than one of the logical partitions. Contexts are swapped into and out of the hardware TPM during runtime of the data processing system so that when ones of the partitions require access to the hardware TPM, their required contexts are currently stored in the hardware TPM.
摘要:
A method is described for implementing a trusted computing environment within a data processing system where the data processing system includes a single hardware trusted platform module (TPM). Multiple logical partitions are provided in the data processing system. A unique context is generated for each one of the logical partitions. When one of the logical partitions requires access to the hardware TPM, that partition's context is required to be stored in the hardware TPM. The hardware TPM includes a finite number of storage locations, called context slots, for storing contexts. Each context slot can store one partition's context. Each one of the partitions is associated with one of the limited number of context storage slots in the hardware TPM. At least one of the context slots is simultaneously associated with more than one of the logical partitions. Contexts are swapped into and out of the hardware TPM during runtime of the data processing system so that when ones of the partitions require access to the hardware TPM, their required contexts are currently stored in the hardware TPM.
摘要:
A mechanism is provided for sharing resources among logical partitions in a logical partitioned data processing system and for managing the changes to resources in such a way that the sharing operating systems are able to handle the various transitions in a graceful manner. Four hypervisor functions plus a specific return code manage the granting of access of resources owned by one partition to another (client) partition, accepting of granted resources by client partitions, returning of granted resources by client partitions, and rescinding of access by the owning partition. These four hypervisor functions are invoked either explicitly by the owning and client partitions or automatically by the hypervisor in response to partition termination. The hypervisor functions provide the needed infrastructure to manage the sharing of logical resources among partitions.
摘要:
A computer implemented method, apparatus and mechanism for recovery of an I/O fabric that has become terminally congested or deadlocked due to a failure which causes buffers/queues to fill and thereby causes the root complexes to lose access to their I/O subsystems. Upon detection of a terminally congested or deadlocked transmit queue, access to such queue by other root complexes is suspended while each item in the queue is examined and processed accordingly. Store requests and DMA read reply packets in the queue are discarded, and load requests in the queue are processed by returning a special completion package. Access to the queue by the root complexes is then resumed.
摘要:
A method and system are disclosed for logically partitioning resources of a single channel adapter for use in a system area network. Each resource includes a partition identifier register within which is stored a partition identifier. A first one of the resources is assigned to a first partition by storing a first partition identifier in the partition identifier register within the first one of the resources. A second one of the resources is assigned to a second partition by storing a second partition identifier in the partition identifier register within the second one of the resources. Partitioning of the resources is enforced by permitting access to the first resource by only the first partition and permitting access to the second resource by only the second partition by checking the partition identifiers of each resource.
摘要:
A computer-implemented method, apparatus, and computer program product are disclosed for managing direct memory access (DMA) write page faults using a pool of substitute pages. A computer system platform resolves a DMA write page fault for a page that is dedicated to an Input/Output (I/O) adapter. The I/O adapter attempts to write DMA data to the page. A determination is made that the page is unavailable for writing. The DMA data is then written to data locations in a substitute page that was selected from the pool of substitute pages. A flag is then set in a flag location for each one of the data locations. The flag locations correspond to the data locations. When a flag is set, the flag indicates that DMA write data is present in the data location that corresponds to that flag's flag location.
摘要:
An enhanced fibre channel adapter with multiple queues for use by different server processors or partitions. For a non-partitioned server, the OS owns the adapter, controls the adapter queues, and updates the queue table(s). An OS operator can obtain information from the fibre channel network about the fibre channel storage data zones available to the physical fibre channel adapter port and can specify that one or more zones can be accessed by a specific processor or group of processors. The processor or group of processors is given an adapter queue to access the zone or zones of storage data. This queue is given a new World Wide Port Name or new N-Port ID Virtualization identifier, to differentiate this queue from another queue that might have access to a different storage data zone or zones. For a partitioned server, one partition owns the adapter, controls the adapter queues, and updates the queue table(s). The partition management tool can obtain information from the fibre channel network about the fibre channel storage data zones available. A system operator can assign one or more storage zones under a fibre channel storage adapter to a partition. Each partition that has access to a zone or zones under an adapter is given an adapter queue to access the zone or zones. This queue is given a new World Wide Port Name or new N-Port ID Virtualization identifier, to differentiate this queue from another queue that might have access to a different storage data zone or zones.
摘要:
A method, system and computer program product that allows a System Image within a multiple System Image Virtual Server to maintain isolation from the other system images while directly exposing a portion, or all, of its associated System Memory to a shared PCI Adapter without the need for each I/O operation to be analyzed and verified by a component trusted by the LPAR manager.
摘要:
A method, computer program product, and data processing system for providing system-area network (SAN) multicasting functionality in a logically partitioned (LPAR) data processing system in which a channel adapter is shared among a plurality of logical partitions is disclosed. A preferred embodiment of the present invention allows LPAR “hypervisor” firmware to assume the responsibility for multicast protocol handling and distribution of packets among logical partitions.