公开(公告)号：US20150046924A1

公开(公告)日：2015-02-12

申请号：US14467974

申请日：2014-08-25

Applicant: VMware, Inc.

Inventor： Daniel R.K. PORTS ,  Xiaoxin CHEN ,  Carl A. WALDSPURGER ,  Pratap SUBRAHMANYAM ,  Tal GARFINKEL

IPC: G06F9/455 ,  G06F9/44

CPC classification number: G06F9/461 ,  G06F9/4486 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/4881 ,  G06F11/1451 ,  G06F11/1484 ,  G06F2009/45562 ,  G06F2009/45583 ,  G06F2201/815 ,  G06F2201/84

Abstract: A virtual-machine-based system provides a mechanism to implement application file I/O operations of protected data by implementing the I/O operations semantics in a shim layer with memory-mapped regions. The semantics of these I/O operations are emulated in a shim layer with memory-mapped regions by using a mapping between a process' address space and a file or shared memory object. Data that is protected from viewing by a guest OS running in a virtual machine may nonetheless be accessed by the process.

Abstract translation: 基于虚拟机的系统提供了通过在具有存储器映射区域的垫片层中实现I / O操作语义来实现受保护数据的应用文件I / O操作的机制。 这些I / O操作的语义通过使用进程的地址空间和文件或共享内存对象之间的映射在具有内存映射区域的填充层中进行仿真。 受虚拟机运行的客户机操作系统保护的数据可能会被进程访问。