CN105074663B - Method and apparatus to selectively enable operations of a virtual machine monitor on demand - Google Patents

Method and apparatus to selectively enable operations of a virtual machine monitor on demand

Info

Publication number
CN105074663B (application CN201480013782.0A)
Authority
CN
China
Prior art keywords
processor
physical address
operating system
sandbox
high level
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201480013782.0A
Other languages
English (en)
Chinese (zh)
Other versions
CN105074663A (zh)
Inventor
T·曾
A·托兹尼
P·小米勒
P·帕特尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2013-03-12
Filing date
2014-03-10
Publication date
2018-08-28
2014-03-10 Application filed by Qualcomm Inc
2015-11-18 Publication of CN105074663A
Application granted
2018-08-28 Publication of CN105074663B
Status: Active
Anticipated expiration: not listed

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1009Address translation using page tables, e.g. page table structures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1027Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45545Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5011Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals
    • G06F9/5016Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resources being hardware resources other than CPUs, Servers and Terminals the resource being the memory
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15Use in a specific computing environment
    • G06F2212/151Emulated environment, e.g. virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15Use in a specific computing environment
    • G06F2212/152Virtualized environment, e.g. logically partitioned system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/68Details of translation look-aside buffer [TLB]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
  • Memory System Of A Hierarchy Structure (AREA)

Applications Claiming Priority (3)

Application Number | Priority Date | Filing Date | Title
US13/796,442 | 2013-03-12 | 2013-03-12 | US9396011B2 (en) Algorithm and apparatus to deploy virtual machine monitor on demand
PCT/US2014/022731 | 2013-03-12 | 2014-03-10 | WO2014164536A1 (en) Method and apparatus to selectively enable operations of a virtual machine monitor on demand

Publications (2)

Publication Number Publication Date
CN105074663A CN105074663A (zh) 2015-11-18
CN105074663B true CN105074663B (zh) 2018-08-28

Family

ID=50473787

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480013782.0A Active CN105074663B (zh) 2013-03-12 2014-03-10 Method and apparatus to selectively enable operations of a virtual machine monitor on demand

Country Status (7)

Country | Publications
US (2) | US9396011B2
EP (1) | EP2972832B1
JP (1) | JP6062595B2
KR (1) | KR101751627B1
CN (1) | CN105074663B
BR (1) | BR112015022865B1
WO (1) | WO2014164536A1

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9396011B2 (en) 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
US9396012B2 (en) 2013-03-14 2016-07-19 Qualcomm Incorporated Systems and methods of using a hypervisor with guest operating systems and virtual processors
US10346148B2 (en) * 2013-08-12 2019-07-09 Amazon Technologies, Inc. Per request computer system instances
US9348634B2 (en) 2013-08-12 2016-05-24 Amazon Technologies, Inc. Fast-booting application image using variation points in application source code
US10114760B2 (en) * 2014-01-14 2018-10-30 Nvidia Corporation Method and system for implementing multi-stage translation of virtual addresses
US9646091B2 (en) * 2014-02-24 2017-05-09 Futurewei Technologies, Inc. File joining on back end device
US20150278512A1 (en) * 2014-03-28 2015-10-01 Intel Corporation Virtualization based intra-block workload isolation
JP6313242B2 (ja) * 2014-10-30 2018-04-18 東芝メモリ株式会社 (Toshiba Memory Corporation) Memory system and program
US11334478B2 (en) 2014-10-30 2022-05-17 Kioxia Corporation Memory system and nonvolatile memory medium in which program is stored to optimize operating life
US10157146B2 (en) * 2015-02-12 2018-12-18 Red Hat Israel, Ltd. Local access DMA with shared memory pool
KR102291719B1 (ko) 2015-03-18 2021-08-23 삼성전자주식회사 (Samsung Electronics) Application protection method and apparatus
US9811345B2 (en) * 2015-04-16 2017-11-07 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Utilizing computing resources under a disabled processor node without fully enabling the disabled processor node
CN106295267B (zh) 2015-06-09 2019-04-19 阿里巴巴集团控股有限公司 (Alibaba Group Holding) Method and apparatus for accessing private data in the physical memory of an electronic device
WO2017034811A1 (en) * 2015-08-21 2017-03-02 Cryptography Research, Inc. Secure computation environment
GB2546742B (en) * 2016-01-26 2019-12-11 Advanced Risc Mach Ltd Memory address translation management
US20170277903A1 (en) * 2016-03-22 2017-09-28 Qualcomm Incorporated Data Protection Using Virtual Resource Views
US10116630B2 (en) * 2016-04-04 2018-10-30 Bitdefender IPR Management Ltd. Systems and methods for decrypting network traffic in a virtualized environment
US10505962B2 (en) * 2016-08-16 2019-12-10 Nec Corporation Blackbox program privilege flow analysis with inferred program behavior context
US10157277B2 (en) 2016-10-01 2018-12-18 Intel Corporation Technologies for object-oriented memory management with extended segmentation
WO2018152688A1 (en) 2017-02-22 2018-08-30 Intel Corporation Virtualization of process address space identifiers for scalable virtualization of input/output devices
US11423140B1 (en) * 2017-03-27 2022-08-23 Melih Abdulhayoglu Auto-containment of guest user applications
US10951644B1 (en) 2017-04-07 2021-03-16 Comodo Security Solutions, Inc. Auto-containment of potentially vulnerable applications
US10646994B2 (en) 2017-04-25 2020-05-12 At&T Intellectual Property I, L.P. Robot virtualization leveraging Geo analytics and augmented reality
US10733004B2 (en) 2017-04-26 2020-08-04 At&T Intellectual Property I, L.P. Intelligent service on-demand robot virtualization
US10445009B2 (en) * 2017-06-30 2019-10-15 Intel Corporation Systems and methods of controlling memory footprint
US10628202B2 (en) 2017-09-19 2020-04-21 Microsoft Technology Licensing, Llc Hypervisor direct memory access
CN110096457B (zh) * 2018-01-31 2023-05-23 联发科技股份有限公司 (MediaTek) Hardware control system and hardware control method
CN110119637B (zh) * 2018-02-07 2023-04-14 联发科技股份有限公司 (MediaTek) Hardware control method and hardware control system
US11157635B2 (en) * 2018-04-08 2021-10-26 Qualcomm Incorporated Secure interface disablement
US10740134B2 (en) 2018-08-20 2020-08-11 Interwise Ltd. Agentless personal network firewall in virtualized datacenters
CN109547450A (zh) * 2018-11-29 2019-03-29 北京元心科技有限公司 (Beijing Yuanxin Technology) Method, apparatus, electronic device and computer medium for running a secure execution domain
US11010241B2 (en) * 2019-01-09 2021-05-18 Arm Limited Translation protection in a data processing apparatus
US20210065882A1 (en) * 2019-09-03 2021-03-04 GE Precision Healthcare LLC Method and system for prompting data donation for artificial intelligence tool development
CN110851823B (zh) * 2019-11-12 2023-03-10 腾讯科技(深圳)有限公司 (Tencent Technology (Shenzhen)) Data access method, apparatus, terminal and storage medium
US12591444B2 (en) * 2020-12-09 2026-03-31 Mediatek Inc. Hardware virtual machine for controlling access to physical memory space
DE112020007705T5 (de) 2020-12-24 2023-09-28 Mitsubishi Electric Corporation Data processing device, data processing method and data processing program
CN112685050B (zh) * 2020-12-31 2024-12-20 北京配天技术有限公司 (Beijing Peitian Technology) Method for deploying TensorFlow on a Windows system
CN115934243A (zh) * 2021-10-06 2023-04-07 联发科技股份有限公司 (MediaTek) System and method for controlling access to a physical address space
CN114328295A (zh) * 2021-11-23 2022-04-12 平头哥(上海)半导体技术有限公司 (T-Head (Shanghai) Semiconductor Technology) Memory management apparatus, processor, related apparatus and related method
CN115145843B (zh) * 2022-07-22 2025-11-14 地平线征程(杭州)科技有限公司 (Horizon Journey (Hangzhou) Technology) Data copy method, apparatus, computer-readable storage medium and electronic device
CN116010127B (zh) * 2023-02-24 2023-08-29 荣耀终端有限公司 (Honor Device) Message processing method, device and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1585927A (zh) * 2001-09-27 2005-02-23 英特尔公司 (Intel) Method for providing system integrity and legacy environment emulation
US20050076156A1 (en) * 2003-10-01 2005-04-07 Lowell David E. Runtime virtualization and devirtualization of memory by a virtual machine monitor
CN101278263A (zh) * 2005-10-08 2008-10-01 国际商业机器公司 (IBM) Direct memory access between an input/output device and physical memory in a virtual machine environment
CN101359315A (zh) * 2007-07-31 2009-02-04 英特尔公司 (Intel) Offloading input/output (I/O) virtualization operations to a processor
CN102289386A (zh) * 2010-06-21 2011-12-21 英特尔公司 (Intel) Unified storage device through a partially virtualized machine
CN102498478A (zh) * 2009-07-24 2012-06-13 超威半导体公司 (AMD) IOMMU using two-level address translation for I/O and compute offload devices on a peripheral interconnect

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7913226B2 (en) * 2003-10-01 2011-03-22 Hewlett-Packard Development Company, L.P. Interposing a virtual machine monitor and devirtualizing computer hardware at runtime
US7222062B2 (en) * 2003-12-23 2007-05-22 Intel Corporation Method and system to support a trusted set of operational environments using emulated trusted hardware
US7401230B2 (en) 2004-03-31 2008-07-15 Intel Corporation Secure virtual machine monitor to tear down a secure execution environment
US7802250B2 (en) * 2004-06-28 2010-09-21 Intel Corporation Support for transitioning to a virtual machine monitor based upon the privilege level of guest software
EP1736887A3 (fr) 2005-05-31 2009-04-22 Stmicroelectronics Sa Memory page directory
US20070226795A1 (en) * 2006-02-09 2007-09-27 Texas Instruments Incorporated Virtual cores and hardware-supported hypervisor integrated circuits, systems, methods and processes of manufacture
GB2460393B (en) * 2008-02-29 2012-03-28 Advanced Risc Mach Ltd A data processing apparatus and method for controlling access to secure memory by virtual machines executing on processing circuitry
US8140820B2 (en) 2008-05-21 2012-03-20 Arm Limited Data processing apparatus and method for handling address translation for access requests issued by processing circuitry
GB2474666B (en) * 2009-10-21 2015-07-15 Advanced Risc Mach Ltd Hardware resource management within a data processing system
US20110179255A1 (en) 2010-01-21 2011-07-21 Arm Limited Data processing reset operations
US8589650B2 (en) 2010-05-17 2013-11-19 Texas Instruments Incorporated Dynamically configurable memory system
US8789042B2 (en) * 2010-09-27 2014-07-22 Mips Technologies, Inc. Microprocessor system for virtual machine execution
JP5655677B2 (ja) * 2011-04-04 2015-01-21 富士通株式会社 (Fujitsu) Hypervisor replacement method and information processing apparatus
US9396011B2 (en) 2013-03-12 2016-07-19 Qualcomm Incorporated Algorithm and apparatus to deploy virtual machine monitor on demand
GB2525003B (en) * 2014-04-09 2021-06-09 Advanced Risc Mach Ltd Data Processing Systems
US10019288B2 (en) * 2016-09-12 2018-07-10 Mediatek, Inc. Fast and stable mechanism for allocating contiguous memory

Also Published As

Publication number Publication date
US20140282501A1 (en) 2014-09-18
JP2016517572A (ja) 2016-06-16
CN105074663A (zh) 2015-11-18
US20160283262A1 (en) 2016-09-29
KR101751627B1 (ko) 2017-06-27
EP2972832A1 (en) 2016-01-20
JP6062595B2 (ja) 2017-01-18
BR112015022865B1 (pt) 2022-03-22
KR20150128797A (ko) 2015-11-18
BR112015022865A2 (pt) 2017-07-18
US9396011B2 (en) 2016-07-19
EP2972832B1 (en) 2021-11-03
WO2014164536A1 (en) 2014-10-09
US10310882B2 (en) 2019-06-04

Similar Documents

Publication Publication Date Title
CN105074663B (zh) Method and apparatus to selectively enable operations of a virtual machine monitor on demand
KR100984203B1 (ko) System and method for de-privileging components of a virtual machine monitor
CN104956342B (zh) Supporting virtualization of guest operating systems using a memory protection unit
Steinberg et al. NOVA: A microhypervisor-based secure virtualization architecture
CN104685479B (zh) Virtual input/output memory management unit within a guest virtual machine
CN104040518B (zh) Efficient memory and resource management
US11641272B2 (en) Seamless one-way access to protected memory using accessor key identifier
CN103383667B (zh) Memory protection circuit, processing unit and memory protection method
TWI722071B (zh) Interrupts between virtual machines
US10360386B2 (en) Hardware enforcement of providing separate operating system environments for mobile devices
WO2015032312A1 (zh) Hardware resource access method and apparatus
CN103842976A (zh) Input/output memory management unit with a protection mode for preventing memory access by I/O devices
US20160188354A1 (en) Efficient enabling of extended page tables
US10963280B2 (en) Hypervisor post-write notification of control and debug register updates
KR20160108502A (ko) Apparatus and method for virtual computing
US12450173B2 (en) Method and apparatus to set guest physical address mapping attributes for trusted domain
CN113449292B (zh) Method, apparatus and device for running a trusted application
CN109947666A (zh) Trusted execution environment cache isolation method and apparatus, electronic device and storage medium
Vahidi et al. VETE: Virtualizing the Trusted Execution Environment
US10127064B2 (en) Read-only VM function chaining for secure hypervisor access
US20220222340A1 (en) Security and support for trust domain operation
US20260086800A1 (en) Atomic Update Instructions with Bit Masking
US20260104873A1 (en) Hardware assisted binary translation within virtualization environments

Legal Events

Code | Title
C06 | Publication
PB01 | Publication
C10 | Entry into substantive examination
SE01 | Entry into force of request for substantive examination
GR01 | Patent grant