公开(公告)号：US20210216357A1

公开(公告)日：2021-07-15

申请号：US16822054

申请日：2020-03-18

Applicant: VMWARE, INC.

Inventor： VIVEK MOHAN THAMPI ,  ALOK NEMCHAND KATARIA ,  MARTIM CARBONE ,  DEEP SHAH

IPC: G06F9/48 ,  G06F9/455 ,  G06F21/53 ,  G06F21/62

Abstract: Techniques for supporting invocations of the RDTSC (Read Time-Stamp Counter) instruction, or equivalents thereof, by guest program code running within a virtual machine (VM), including guest program code running within a secure hardware enclave of the VM, are provided. In one set of embodiments, a hypervisor can activate time virtualization heuristics for the VM, where the time virtualization heuristics cause accelerated delivery of system clock timer interrupts to a guest operating system (OS) of the VM. The hypervisor can further determine a scaling factor to be applied to timestamps generated by one or more physical CPUs, where the timestamps are generated in response to invocations of a CPU instruction made by guest program code running within the VM, and where the scaling factor is based on the activated time virtualization heuristics. The hypervisor can then program the scaling factor into the one or more physical CPUs.

公开(公告)号：US20200344210A1

公开(公告)日：2020-10-29

申请号：US16442579

申请日：2019-06-17

Applicant: VMWARE, INC.

Inventor： SHIRISH VIJAYVARGIYA ,  ALOK NEMCHAND KATARIA ,  DEEP SHAH

IPC: H04L29/06 ,  G06F9/455

Abstract: Techniques for implementing a secure enclave-based guest firewall are provided. In one set of embodiments, a host system can load a policy enforcer for a firewall into a secure enclave of a virtual machine (VM) running on the host system, where the secure enclave corresponds to a region of memory in the VM's guest memory address space that is inaccessible by processes running in other regions of the guest memory address space (including privileged processes that are part of the VM's guest operating system (OS) kernel). The policy enforcer can then, while running within the secure enclave: (1) obtain one or more security policies from a policy manager for the firewall, (2) determine that an event has occurred pertaining to a new or existing network connection between the VM and another machine, and (3) apply the one or more security policies to the network connection.

公开(公告)号：US20200218792A1

公开(公告)日：2020-07-09

申请号：US16296273

申请日：2019-03-08

Applicant: VMWARE, INC.

Inventor： ALOK NEMCHAND KATARIA ,  Achindra Bhatnagar ,  Sachin Shinde ,  Martim Carbone ,  Deep Shah

IPC: G06F21/12 ,  G06F21/60 ,  G06F21/62 ,  G06F21/64 ,  H04L9/32

Abstract: Techniques for verifying the integrity of application data using secure hardware enclaves are provided. In one set of embodiments, a client system can create a secure hardware enclave on the client system and load program code for an integrity verifier into the secure hardware enclave. The client system can further receive a dataset from a server system and store the dataset at a local storage or memory location, and receive, via the integrity verifier, a cryptographic hash of the dataset from the server system and store the received cryptographic hash at a memory location within the secure hardware enclave. Then, on a periodic basis, the integrity verifier can compute a cryptographic hash of the stored dataset, compare the computed cryptographic hash against the stored cryptographic hash, and if the computed cryptographic hash does not match the stored cryptographic hash, determine that the stored dataset has been modified.

公开(公告)号：US20180307829A1

公开(公告)日：2018-10-25

申请号：US15818783

申请日：2017-11-21

Applicant: VMWARE, INC.

Inventor： ALOK NEMCHAND KATARIA ,  DOUG COVELLI ,  JEFFREY W. SHELDON ,  FREDERICK JOSEPH JACOBS ,  DAVID DUNN

IPC: G06F21/53 ,  G06F3/06 ,  G06F9/455

CPC classification number: G06F21/53 ,  G06F3/0604 ,  G06F3/0634 ,  G06F3/0644 ,  G06F3/0664 ,  G06F3/0673 ,  G06F9/45558 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2221/2149

Abstract: Techniques for securely supporting a global view of system memory in a physical/virtual computer system comprising a plurality of physical/virtual CPUs are provided. In one set of embodiments, the physical/virtual computer system can receive an interrupt indicating that a first physical/virtual CPU should enter a privileged CPU operating mode. The physical/virtual computer system can further determine that none of the plurality of physical/virtual CPUs are currently in the privileged CPU operating mode. In response to this determination, the physical/virtual computer system can modify the global view of system memory to include a special memory region comprising program code to be executed while in the privileged CPU operating mode; communicate, to the other physical/virtual CPUs, a signal to enter a stop state in which execution is halted but interrupts are accepted for entering the privileged CPU operating mode; and cause the first physical/virtual CPU to enter the privileged CPU operating mode.

公开(公告)号：US20170337000A1

公开(公告)日：2017-11-23

申请号：US15402243

申请日：2017-01-10

Applicant: VMWARE, INC.

Inventor： DAVID DUNN ,  ALOK NEMCHAND KATARIA ,  WEI XU ,  JEFFREY W. SHELDON

IPC: G06F3/06 ,  G06F21/55 ,  G06F9/455

CPC classification number: G06F9/45558 ,  G06F12/145 ,  G06F21/554 ,  G06F21/575 ,  G06F2009/45583 ,  G06F2009/45587

Abstract: Mechanisms to protect the integrity of a data structure that is traversed to locate protected memory pages are provided. Leaf nodes of the data structure store mappings that indicate which memory pages are protected. Both the pages indicated by the mappings and the pages that store the data structure are monitored by a tracing service that sends a notification to the hypervisor when a write to a traced page occurs. When system software receives such a notification, the system software traverses the data structure to determine whether any of the memory pages of the data structure is the traced page that was written to. If so, the alert action for that page is performed. If not, the system software determines whether any of the mappings in the leaf nodes include such a page and, if so, the alert action for that page is performed.

公开(公告)号：US20230082141A1

公开(公告)日：2023-03-16

申请号：US18047450

申请日：2022-10-18

Applicant: VMware, Inc.

Inventor： VIVEK MOHAN THAMPI ,  ALOK NEMCHAND KATARIA ,  MARTIM CARBONE ,  DEEP SHAH

IPC: G06F9/48 ,  G06F9/455 ,  G06F21/62 ,  G06F21/53

Abstract: Techniques for supporting invocations of the RDTSC (Read Time-Stamp Counter) instruction, or equivalents thereof, by guest program code running within a virtual machine (VM), including guest program code running within a secure hardware enclave of the VM, are provided. In one set of embodiments, a hypervisor can activate time virtualization heuristics for the VM, where the time virtualization heuristics cause accelerated delivery of system clock timer interrupts to a guest operating system (OS) of the VM. The hypervisor can further determine a scaling factor to be applied to timestamps generated by one or more physical CPUs, where the timestamps are generated in response to invocations of a CPU instruction made by guest program code running within the VM, and where the scaling factor is based on the activated time virtualization heuristics. The hypervisor can then program the scaling factor into the one or more physical CPUs.

公开(公告)号：US20210019166A1

公开(公告)日：2021-01-21

申请号：US16561051

申请日：2019-09-05

Applicant: VMWARE, INC.

Inventor： ALOK NEMCHAND KATARIA ,  Martim Carbone ,  Deep Shah

IPC: G06F9/455 ,  H04L29/06 ,  H04L9/08

Abstract: The present disclosure provides an approach for migrating the contents of an enclave, together with a virtual machine comprising the enclave, from a source host to a destination host. The approach provides a technique that allows the contents of the enclave to remain secure during the migration process, and also allows the destination host to decrypt the contents of the enclave upon receiving the contents and upon receiving the VM that includes the enclave. The approach allows for the VM to continue execution on the destination host. The enclave retains its state from source host to destination host. Applications using the enclave in the source host are able to continue using the enclave on the destination host using the data migrated from the source host to the destination host.

公开(公告)号：US20200272742A1

公开(公告)日：2020-08-27

申请号：US16409902

申请日：2019-05-13

Applicant: VMWARE, INC.

Inventor： ALOK NEMCHAND KATARIA ,  Sachin Shinde ,  Achindra Bhatnagar

IPC: G06F21/57 ,  G06F21/64 ,  G06F21/71

Abstract: The disclosure herein describes verifying integrity of security policies on a client device. Policy data sets associated with security applications of virtual machines on the client device are received from a server and stored on the client device. An integrity verifier on the client device receives verified checksums from the server, wherein the verified checksums are associated with the policy data sets. Client-side checksums are generated by the integrity verifier based on the stored policy data sets. Upon generating the client-side checksums, the integrity verifier compares the verified checksums to the generated client-side checksums. Based on the comparison indicating that a verified checksum and a client-side checksum differ, the integrity verifier generates a checksum failure indicator, wherein the client device is configured to take corrective measures to restore integrity of the virtual machines based on the checksum failure indicator.

公开(公告)号：US20170300430A1

公开(公告)日：2017-10-19

申请号：US15444350

申请日：2017-02-28

Applicant: VMWARE, INC.

Inventor： ALOK NEMCHAND KATARIA ,  WEI XU ,  RADU RUGINA ,  JEFFREY W. SHELDON ,  JAMES S. MATTSON ,  RAKESH AGARWAL ,  DAVID DUNN

IPC: G06F12/14 ,  G06F9/455 ,  G06F9/46 ,  G06F21/74

CPC classification number: G06F12/1458 ,  G06F9/45558 ,  G06F9/468 ,  G06F21/50 ,  G06F21/74 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2212/1052 ,  G06F2212/152

Abstract: Mechanisms to protect the integrity of memory of a virtual machine are provided. The mechanisms involve utilizing certain capabilities of the hypervisor underlying the virtual machine to monitor writes to memory pages of the virtual machine. A guest integrity driver communicates with the hypervisor to request such functionality. Additional protections are provided for protecting the guest integrity driver and associated data, as well as for preventing use of these mechanisms by malicious software. These additional protections include an elevated execution mode, termed “integrity mode,” which can only be entered from a specified entry point, as well as protections on the memory pages that store the guest integrity driver and associated data.