FR2875028A1 - Mecanismes pour la virtualisation de cpu - Google Patents

Mecanismes pour la virtualisation de cpu

Info

Publication number
FR2875028A1
FR2875028A1 FR0409367A FR0409367A FR2875028A1 FR 2875028 A1 FR2875028 A1 FR 2875028A1 FR 0409367 A FR0409367 A FR 0409367A FR 0409367 A FR0409367 A FR 0409367A FR 2875028 A1 FR2875028 A1 FR 2875028A1
Authority
FR
France
Prior art keywords
mode
hypervisor program
processor
privileged
computer programs
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
FR0409367A
Other languages
English (en)
Other versions
FR2875028B1 (fr
Inventor
Fabrice Devaux
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Trango Virtual Processors SRL
Original Assignee
Trango Virtual Processors SRL
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Trango Virtual Processors SRL filed Critical Trango Virtual Processors SRL
Priority to FR0409367A priority Critical patent/FR2875028B1/fr
Priority to US11/661,879 priority patent/US8490085B2/en
Priority to PCT/FR2005/002196 priority patent/WO2006027488A1/fr
Publication of FR2875028A1 publication Critical patent/FR2875028A1/fr
Application granted granted Critical
Publication of FR2875028B1 publication Critical patent/FR2875028B1/fr
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/4555Para-virtualisation, i.e. guest operating system has to be modified
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/145Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation

Abstract

La présente invention se rapporte à un procédé pour l'exécution sur un processeur en mode non privilégié de différents programmes informatiques P faisant en mode nominal usage d'instructions privilégiées, consistant à exécuter un programme hyperviseur en mode privilégié du processeur, ce programme hyperviseur fournissant auxdits programmes informatiques P des services équivalents à ceux disponibles en exécution en mode privilégié, les codes source desdits programmes informatiques P étant préalablement modifiés pour remplacer les instructions privilégiées par des appels aux services fournis par ledit programme hyperviseur,caractérisé en ce que :le programme hyperviseur crée au moins deux sous-modes de privilèges hiérarchisés au sein du mode non privilégié et en ce que le processeur dispose de deux modes d'exploitation seulement.
FR0409367A 2004-09-03 2004-09-03 Mecanismes pour la virtualisation de cpu Expired - Fee Related FR2875028B1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
FR0409367A FR2875028B1 (fr) 2004-09-03 2004-09-03 Mecanismes pour la virtualisation de cpu
US11/661,879 US8490085B2 (en) 2004-09-03 2005-09-02 Methods and systems for CPU virtualization by maintaining a plurality of virtual privilege leves in a non-privileged mode of a processor
PCT/FR2005/002196 WO2006027488A1 (fr) 2004-09-03 2005-09-02 Mécanismes pour la virtualisation de cpu

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
FR0409367A FR2875028B1 (fr) 2004-09-03 2004-09-03 Mecanismes pour la virtualisation de cpu

Publications (2)

Publication Number Publication Date
FR2875028A1 true FR2875028A1 (fr) 2006-03-10
FR2875028B1 FR2875028B1 (fr) 2006-12-08

Family

ID=34949383

Family Applications (1)

Application Number Title Priority Date Filing Date
FR0409367A Expired - Fee Related FR2875028B1 (fr) 2004-09-03 2004-09-03 Mecanismes pour la virtualisation de cpu

Country Status (3)

Country Link
US (1) US8490085B2 (fr)
FR (1) FR2875028B1 (fr)
WO (1) WO2006027488A1 (fr)

Families Citing this family (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8615643B2 (en) * 2006-12-05 2013-12-24 Microsoft Corporation Operational efficiency of virtual TLBs
US8464251B2 (en) * 2007-03-31 2013-06-11 Intel Corporation Method and apparatus for managing page tables from a non-privileged software domain
US8161477B2 (en) * 2008-02-21 2012-04-17 Oracle International Corporation Pluggable extensions to virtual machine monitors
US11287939B2 (en) 2008-10-09 2022-03-29 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
US11385758B2 (en) 2008-10-09 2022-07-12 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
AU2009222627B2 (en) * 2008-10-09 2011-07-21 Aristocrat Technologies Australia Pty Limited Gaming system and gaming system processor module
US9104618B2 (en) * 2008-12-18 2015-08-11 Sandisk Technologies Inc. Managing access to an address range in a storage device
US8429648B2 (en) * 2009-05-28 2013-04-23 Red Hat, Inc. Method and apparatus to service a software generated trap received by a virtual machine monitor
US8813069B2 (en) * 2009-05-29 2014-08-19 Red Hat, Inc. Migration of functionalities across systems
JP5494208B2 (ja) * 2010-05-12 2014-05-14 富士ゼロックス株式会社 画像形成装置及びその制御プログラム
KR101666032B1 (ko) * 2012-05-31 2016-10-14 한국전자통신연구원 로드 가능한 모듈에 대한 가상화 지원 방법 및 장치
FR2997811B1 (fr) 2012-11-05 2015-01-02 Viaccess Sa Dispositif de traitement de contenus multimedia mettant en oeuvre une pluralite de machines virtuelles.
US9430642B2 (en) * 2013-09-17 2016-08-30 Microsoft Technology Licensing, Llc Providing virtual secure mode with different virtual trust levels each having separate memory access protections, interrupt subsystems and private processor states
US9928094B2 (en) * 2014-11-25 2018-03-27 Microsoft Technology Licensing, Llc Hardware accelerated virtual context switching
US10176110B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Marking storage keys to indicate memory used to back address translation structures
US10176111B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Host page management using active guest page table indicators
US10169243B2 (en) 2016-07-18 2019-01-01 International Business Machines Corporation Reducing over-purging of structures associated with address translation
US10223281B2 (en) 2016-07-18 2019-03-05 International Business Machines Corporation Increasing the scope of local purges of structures associated with address translation
US10162764B2 (en) 2016-07-18 2018-12-25 International Business Machines Corporation Marking page table/page status table entries to indicate memory used to back address translation structures
US10241924B2 (en) 2016-07-18 2019-03-26 International Business Machines Corporation Reducing over-purging of structures associated with address translation using an array of tags
US10176006B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Delaying purging of structures associated with address translation
US10802986B2 (en) 2016-07-18 2020-10-13 International Business Machines Corporation Marking to indicate memory used to back address translation structures
US10180909B2 (en) 2016-07-18 2019-01-15 International Business Machines Corporation Host-based resetting of active use of guest page table indicators
US10168902B2 (en) 2016-07-18 2019-01-01 International Business Machines Corporation Reducing purging of structures associated with address translation
US10282305B2 (en) 2016-07-18 2019-05-07 International Business Machines Corporation Selective purging of entries of structures associated with address translation in a virtualized environment
US10248573B2 (en) 2016-07-18 2019-04-02 International Business Machines Corporation Managing memory used to back address translation structures
US10768962B2 (en) * 2016-12-19 2020-09-08 Vmware, Inc. Emulating mode-based execute control for memory pages in virtualized computing systems
US10613897B1 (en) * 2016-12-21 2020-04-07 Ca, Inc. Systems and methods for creating program-specific execution environments
US10375019B2 (en) 2017-10-06 2019-08-06 Stealthpath, Inc. Methods for internet communication security
US10397186B2 (en) 2017-10-06 2019-08-27 Stealthpath, Inc. Methods for internet communication security
US10374803B2 (en) 2017-10-06 2019-08-06 Stealthpath, Inc. Methods for internet communication security
US10367811B2 (en) 2017-10-06 2019-07-30 Stealthpath, Inc. Methods for internet communication security
US10630642B2 (en) 2017-10-06 2020-04-21 Stealthpath, Inc. Methods for internet communication security
US10361859B2 (en) 2017-10-06 2019-07-23 Stealthpath, Inc. Methods for internet communication security
US10635831B1 (en) * 2018-01-06 2020-04-28 Ralph Crittenden Moore Method to achieve better security using a memory protection unit
US11558423B2 (en) 2019-09-27 2023-01-17 Stealthpath, Inc. Methods for zero trust security with high quality of service

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6651132B1 (en) * 2000-07-17 2003-11-18 Microsoft Corporation System and method for emulating the operation of a translation look-aside buffer
US6748592B1 (en) * 2000-02-14 2004-06-08 Xoucin, Inc. Method and apparatus for protectively operating a data/information processing device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7278030B1 (en) * 2003-03-03 2007-10-02 Vmware, Inc. Virtualization system for computers having multiple protection mechanisms
US20050044301A1 (en) * 2003-08-20 2005-02-24 Vasilevsky Alexander David Method and apparatus for providing virtual computing services
US20060047959A1 (en) * 2004-08-25 2006-03-02 Microsoft Corporation System and method for secure computing

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6748592B1 (en) * 2000-02-14 2004-06-08 Xoucin, Inc. Method and apparatus for protectively operating a data/information processing device
US6651132B1 (en) * 2000-07-17 2003-11-18 Microsoft Corporation System and method for emulating the operation of a translation look-aside buffer

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
HALL J S ET AL: "VIRTUALIZING THE VAX ARCHITECTURE", COMPUTER ARCHITECTURE NEWS, ASSOCIATION FOR COMPUTING MACHINERY, NEW YORK, US, vol. 19, no. 3, 1 May 1991 (1991-05-01), pages 380 - 389, XP000229203, ISSN: 0163-5964 *
S T KING, G W DUNLAP, P M CHEN: "Operating System Support for Virtual Machines", PROCEEDINGS OF THE 2003 USENIX ANNUAL TECHICAL CONFERENCE, 4 June 2003 (2003-06-04), pages 71 - 84, XP002332821 *
SHANG RONG TSAI ET AL: "ON THE ARCHITECTURAL SUPPORT FOR LOGICAL MACHINE SYSTEMS", MICROPROCESSING AND MICROPROGRAMMING, ELSEVIER SCIENCE PUBLISHERS, BV., AMSTERDAM, NL, vol. 22, no. 2, 1 February 1988 (1988-02-01), pages 81 - 96, XP000284881, ISSN: 0165-6074 *

Also Published As

Publication number Publication date
WO2006027488A1 (fr) 2006-03-16
US8490085B2 (en) 2013-07-16
FR2875028B1 (fr) 2006-12-08
US20070300219A1 (en) 2007-12-27

Similar Documents

Publication Publication Date Title
FR2875028A1 (fr) Mecanismes pour la virtualisation de cpu
BRPI0501171A (pt) Método e sistema para reforçar a polìtica de segurança via um mecanismo virtual de segurança
NO20081563L (no) Tjenestevinduer for programeksekvering
WO2009158220A3 (fr) Programmation d'opérations en mode protégé
WO2005045612A3 (fr) Systeme permettant de creer des transitions entre des modes operatoires d'un dispositif
GB2393297B (en) A multithreaded processor capable of implicit multithreaded execution of a single-thread program
WO2006120684A3 (fr) Systeme et procede permettant de commander et de controler l'usage d'un programme informatique
UA87843C2 (ru) Применение пептидных соединений для лечения расстройств функционирования мотонейронов или/и периферических невропатий
WO2006039201A3 (fr) Pipeline de processeur de flux continu
WO2007104956A3 (fr) Instrumentation pour profilage de performances en temps reel
BRPI0606973A2 (pt) execução de instrução condicional via instrução mensageira para avaliação de condição
TW200703004A (en) Cross-platform driver-free driving method of peripheral device
WO2005043335A3 (fr) Systeme d'appel de fonction privilegiee dans un dispositif.
WO2005048010A3 (fr) Procede et systeme permettant de reduire au minimum les surcharges de commutation et d'utilisation de la memoire dans un systeme de traitement multifiliere utilisant des filieres flottantes
Panneerselvam et al. Rinnegan: Efficient resource use in heterogeneous architectures
Schneider Cache and pipeline sensitive fixed priority scheduling for preemptive real-time systems
ATE475137T1 (de) Asynchrone just-in-time-compilierung
Baev et al. Profile-based indirect call promotion
Chen et al. Static analysis of OpenMP directive nesting types and its application.
WO2008005152A3 (fr) Procédé et appareil de génération de fichier exécutable à partir d'un cas d'utilisation
DE602004020507D1 (de) Steuersystem für einen industrieroboter
Hu et al. Research on real-time method of embedded Linux
Haber et al. Chaperone-Runtime System for Instrumenting Applications via Partial Binary Translation
Lee et al. Pair Register Allocation Algorithm for 16-bit Instruction Set Architecture (ISA) Processor
Trinitis Is GPU enthusiasm vanishing?

Legal Events

Date Code Title Description
CD Change of name or company name
ST Notification of lapse

Effective date: 20100531