Managing Virtual Machines in the Presence of Uncorrectable Memory Errors

    Publication No.: US20210216394A1

    Publication date: 2021-07-15

    Application No.: US16743895

    Application date: 2020-01-15

    Applicant: VMware, Inc.

    Abstract: Techniques for migrating virtual machines (VMs) in the presence of uncorrectable memory errors are provided. According to one set of embodiments, a source host hypervisor of a source host system can determine, for each guest memory page of a VM to be migrated from the source host system to a destination host system, whether the guest memory page is impacted by an uncorrectable memory error in a byte-addressable memory of the source host system. If the source host hypervisor determines that the guest memory page is impacted, the source host hypervisor can transmit a data packet to a destination host hypervisor of the destination host system that includes error metadata identifying the guest memory page as being corrupted. Alternatively, if the source host hypervisor determines that the guest memory page is not impacted, the source host hypervisor can attempt to read the guest memory page from the byte-addressable memory in a memory exception-safe manner.

    Target injection safe method for inlining instance-dependent calls

    Publication No.: US11016767B2

    Publication date: 2021-05-25

    Application No.: US16521396

    Application date: 2019-07-24

    Applicant: VMware, Inc.

    Abstract: A method for redirecting indirect calls to direct calls on a per-process basis includes accessing a memory code region of an operating system kernel that has a different mapping for each of one or more user processes running on the operating system kernel. The memory code region stores a first trampoline that refers directly to a second trampoline, which is an inline or outline trampoline that is correlated with a particular user process. Executing the first trampoline invokes the second trampoline, as a result of which the indirect calls are redirected to direct calls.

    TECHNIQUES FOR REDUCING CPU PRIVILEGE BOUNDARY CROSSINGS

    Publication No.: US20240028336A1

    Publication date: 2024-01-25

    Application No.: US17870651

    Application date: 2022-07-21

    Applicant: VMware, Inc.

    CPC classification number: G06F9/30145 G06F9/545 G06F9/45533

    Abstract: In one set of embodiments, an operating system (OS) kernel of a computer system can receive an invocation of a system call by a user program running on the computer system. The OS kernel can further fetch a plurality of subsequent instructions that will be executed by the user program after the invocation of the system call and decode the plurality of subsequent instructions into a plurality of decoded instructions. The OS kernel can then analyze whether the plurality of decoded instructions include an additional system call invocation and whether other decoded instructions that appear between the invocation of the system call and the additional system call invocation are viable for emulation by the OS kernel.

    Target injection safe method for inlining large call tables

    Publication No.: US10834255B1

    Publication date: 2020-11-10

    Application No.: US16748734

    Application date: 2020-01-21

    Applicant: VMware, Inc.

    Abstract: A method redirecting an indirect call in a call table to direct call includes the steps of: recording frequencies of calls in a frequency table; updating a search trampoline to cache, as direct calls, calls of the call table that are most frequently made according to the recorded calls in the frequency table; receiving a request to perform one of the calls in the call table; performing a search of the search trampoline to determine whether or not the requested call is cached in the search trampoline; if the requested call is cached in the search trampoline, performing the requested call that is cached in the search trampoline; and if the requested call is not cached in the search trampoline, performing the requested call by accessing the call via the call table.

    REDUCING CPU EXECUTION CONTEXT TRANSITIONS ACROSS PRIVILEGE LEVELS FOR USER LEVEL HYPERVISORS

    Publication No.: US20240028359A1

    Publication date: 2024-01-25

    Application No.: US17868650

    Application date: 2022-07-19

    Applicant: VMware, Inc.

    CPC classification number: G06F9/45558 G06F2009/45587

    Abstract: In one set of embodiments, new hardware-assisted virtualization features for a CPU are provided that include, among other things: (1) a new control structure that allows a kernel level hypervisor component to set, for each configurable property/setting maintained in an existing control structure, whether the property/setting is accessible from an unprivileged hypervisor mode of the CPU, (2) another new control structure that allows the kernel level hypervisor component to set, for each of a plurality of guest events or operations, whether the guest event or operation will cause a transition from a privileged or unprivileged guest mode of the CPU to the unprivileged hypervisor mode, and (3) the ability for the CPU to transition directly from the unprivileged hypervisor mode to the privileged or unprivileged guest mode.

    Securely supporting a global view of system memory in a multi-processor system

    Publication No.: US10678909B2

    Publication date: 2020-06-09

    Application No.: US15818783

    Application date: 2017-11-21

    Applicant: VMWARE, INC.

    Abstract: Techniques for securely supporting a global view of system memory in a physical/virtual computer system comprising a plurality of physical/virtual CPUs are provided. In one set of embodiments, the physical/virtual computer system can receive an interrupt indicating that a first physical/virtual CPU should enter a privileged CPU operating mode. The physical/virtual computer system can further determine that none of the plurality of physical/virtual CPUs are currently in the privileged CPU operating mode. In response to this determination, the physical/virtual computer system can modify the global view of system memory to include a special memory region comprising program code to be executed while in the privileged CPU operating mode; communicate, to the other physical/virtual CPUs, a signal to enter a stop state in which execution is halted but interrupts are accepted for entering the privileged CPU operating mode; and cause the first physical/virtual CPU to enter the privileged CPU operating mode.

    ISOLATING GUEST CODE AND DATA USING MULTIPLE NESTED PAGE TABLES
    Invention application (status: in force)

    Publication No.: US20160299851A1

    Publication date: 2016-10-13

    Application No.: US14798483

    Application date: 2015-07-14

    Applicant: VMWARE, INC.

    Abstract: A hypervisor provides a guest operating system with a plurality of protection domains, including a root protection domain and one or more secure protection domains, and mechanisms for controlling the transitions between the protection domains. The guest physical memory region of a secure protection domain, which is mapped to host physical memory by secure nested page tables, stores secure guest code and data, and guest page tables for the secure guest code. When executing secure guest code, the guest page tables stored in the secure protection domain region are used for guest virtual to guest physical address translations, and the secure nested page tables are used for guest physical to host physical address translations.