Target injection safe method for inlining large call tables

    Publication number: US10834255B1

    Publication date: 2020-11-10

    Application number: US16748734

    Application date: 2020-01-21

    Applicant: VMware, Inc.

    Abstract: A method of redirecting an indirect call in a call table to a direct call includes the steps of: recording frequencies of calls in a frequency table; updating a search trampoline to cache, as direct calls, calls of the call table that are most frequently made according to the recorded calls in the frequency table; receiving a request to perform one of the calls in the call table; performing a search of the search trampoline to determine whether or not the requested call is cached in the search trampoline; if the requested call is cached in the search trampoline, performing the requested call that is cached in the search trampoline; and if the requested call is not cached in the search trampoline, performing the requested call by accessing the call via the call table.

    Trapless shadow page tables
    Granted invention patent

    Publication number: US10114759B2

    Publication date: 2018-10-30

    Application number: US15370421

    Application date: 2016-12-06

    Applicant: VMware, Inc.

    Inventor: Nadav Amit

    Abstract: Techniques for implementing trapless shadow page tables in a virtualized host system are provided. In one embodiment, an SPT accelerator device of the host system can intercept a memory write operation originating from a virtual machine (VM) and directed to a guest OS page table of the VM, where the guest OS page table is stored in a device memory of the SPT accelerator device. The SPT accelerator device can further extract a guest virtual address (GVA)-to-guest physical address (GPA) mapping in the memory write instruction and can translate the GVA-to-GPA mapping into a GVA-to-host physical address (HPA) mapping. The SPT accelerator device can then write the GVA-to-HPA mapping to a shadow page table of the host system.

    Safe execution of virtual machine callbacks in a hypervisor

    Publication number: US11726807B2

    Publication date: 2023-08-15

    Application number: US15588392

    Application date: 2017-05-05

    Applicant: VMware, Inc.

    CPC classification number: G06F9/45558 G06F21/53 G06F21/60 G06F2009/45587

    Abstract: A hypervisor communicates with a guest operating system running in a virtual machine supported by the hypervisor using a hyper-callback whose functions are based on the particular guest operating system running the virtual machine and are triggered by one or more events in the guest operating system. The functions are modified to make sure they are safe to execute and to allow only limited access to the guest operating system. Additionally, the functions are converted to byte code corresponding to a simplified CPU and memory model and are safety checked by the hypervisor when registered with the hypervisor. The functions are executed by the hypervisor without any context switch between the hypervisor and guest operating system, and when executed, provide information about the particular guest operating system, allowing the hypervisor to improve operations such as page reclamation, virtual CPU scheduling, I/O operations, and tracing of the guest operating system.

    CONSOLIDATING SHARED STATE FOR TRANSLATION LOOKASIDE BUFFER SHOOTDOWNS

    Publication number: US20220083468A1

    Publication date: 2022-03-17

    Application number: US17021872

    Application date: 2020-09-15

    Applicant: VMware, Inc.

    Abstract: Techniques for consolidating shared state for translation lookaside buffer (TLB) shootdowns are provided. In one set of embodiments, an operating system (OS) kernel of a computer system can co-locate, in a system memory of the computer system, a plurality of shared data accessed by first and second processing cores of the computer system for performing a translation lookaside buffer (TLB) shootdown of the first processing core by the second processing core, where the co-locating allows the plurality of shared data to occupy a single cache line when brought from the system memory into a CPU (central processing unit) cache of the first or second processing core. This can include, e.g., (1) co-locating a lazy mode indicator and a call function queue (CFQ) head element of the first processing core, such that these two data components occupy the same cache line, and (2) co-locating a TLB flush info entry and a call function data (CFD) entry created by the second processing core at the time of initiating the TLB shootdown, such that these two data components occupy the same cache line.

    Software-controlled interrupts for I/O devices

    Publication number: US11068422B1

    Publication date: 2021-07-20

    Application number: US16804480

    Application date: 2020-02-28

    Applicant: VMware, Inc.

    Abstract: Described herein are embodiments that adaptively reduce the number of interrupts that occur between a device controller and a computer system. Device commands are submitted to the controller by an operating system on behalf of an application. The device performs the received commands and indicates command completions to the controller. A counter counts completions, and if the count exceeds a threshold number, the controller generates an interrupt to the computer system. If the count is greater than zero and the timeout interval has expired, then the controller generates an interrupt to the computer system. In some embodiments, the application attaches flags to one of the commands indicating that an interrupt relating to completion of the flagged command should be generated as soon as possible or that an interrupt relating to completion of all commands prior to and including the flagged command should be generated as soon as possible.

    32-BIT ADDRESS SPACE CONTAINMENT TO SECURE PROCESSES FROM SPECULATIVE ROGUE CACHE LOADS

    Publication number: US20190243776A1

    Publication date: 2019-08-08

    Application number: US15960467

    Application date: 2018-04-23

    Applicant: VMware, Inc.

    Abstract: Embodiments are disclosed to mitigate the meltdown vulnerability by selectively using page table isolation. Page table isolation is enabled for 64-bit applications, so that unprivileged areas in the kernel address space cannot be accessed in user mode due to speculative execution by the processor. On the other hand, page table isolation is disabled for 32-bit applications thereby providing mapping into unprivileged areas in the kernel address space. However, speculative execution is limited to a 32-bit address space in a 32-bit application, and so access to unprivileged areas in the kernel address space can be inhibited.

    Enforcing code integrity using a trusted computing base

    Publication number: US11500787B2

    Publication date: 2022-11-15

    Application number: US16519616

    Application date: 2019-07-23

    Applicant: VMware, Inc.

    Abstract: One or more kernel-modifying procedures are stored in a trusted computing base (TCB) when bringing up a guest operating system (OS) on a virtual machine (VM) on a virtualization platform. When the guest OS invokes an OS-level kernel-modifying procedure, a call is made to the hypervisor. If the hypervisor determines the TCB to be valid, the kernel-modifying procedure in the TCB that corresponds to the OS-level kernel-modifying procedure is invoked so that the kernel code can be modified.

    Consolidating shared state for translation lookaside buffer shootdowns

    Publication number: US11341051B2

    Publication date: 2022-05-24

    Application number: US17021872

    Application date: 2020-09-15

    Applicant: VMware, Inc.

    Abstract: Techniques for consolidating shared state for translation lookaside buffer (TLB) shootdowns are provided. In one set of embodiments, an operating system (OS) kernel of a computer system can co-locate, in a system memory of the computer system, a plurality of shared data accessed by first and second processing cores of the computer system for performing a translation lookaside buffer (TLB) shootdown of the first processing core by the second processing core, where the co-locating allows the plurality of shared data to occupy a single cache line when brought from the system memory into a CPU (central processing unit) cache of the first or second processing core. This can include, e.g., (1) co-locating a lazy mode indicator and a call function queue (CFQ) head element of the first processing core, such that these two data components occupy the same cache line, and (2) co-locating a TLB flush info entry and a call function data (CFD) entry created by the second processing core at the time of initiating the TLB shootdown, such that these two data components occupy the same cache line.

    Target injection safe method for inlining instance-dependent calls

    Publication number: US11016767B2

    Publication date: 2021-05-25

    Application number: US16521396

    Application date: 2019-07-24

    Applicant: VMware, Inc.

    Abstract: A method for redirecting indirect calls to direct calls on a per-process basis includes accessing a memory code region of an operating system kernel that has a different mapping for each of one or more user processes running on the operating system kernel. The memory code region stores a first trampoline that refers directly to a second trampoline, which is an inline or outline trampoline that is correlated with a particular user process. Executing the first trampoline invokes the second trampoline, as a result of which the indirect calls are redirected to direct calls.
