JP6518015B2 - 仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 - Google Patents
仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 Download PDFInfo
- Publication number
- JP6518015B2 JP6518015B2 JP2018532157A JP2018532157A JP6518015B2 JP 6518015 B2 JP6518015 B2 JP 6518015B2 JP 2018532157 A JP2018532157 A JP 2018532157A JP 2018532157 A JP2018532157 A JP 2018532157A JP 6518015 B2 JP6518015 B2 JP 6518015B2
- Authority
- JP
- Japan
- Prior art keywords
- memory
- task
- page
- access
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
- G06F12/1475—Key-lock mechanism in a virtual system, e.g. with translation means
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/145—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
- G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2212/00—Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
- G06F2212/10—Providing a specific technical effect
- G06F2212/1052—Security improvement
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
- Complex Calculations (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/IB2015/059646 WO2017103651A1 (en) | 2015-12-15 | 2015-12-15 | Protection key management and prefixing in virtual address space legacy emulation system |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2019079548A Division JP6708860B2 (ja) | 2019-04-18 | 2019-04-18 | 仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| JP2018538630A JP2018538630A (ja) | 2018-12-27 |
| JP2018538630A5 JP2018538630A5 (enExample) | 2019-02-14 |
| JP6518015B2 true JP6518015B2 (ja) | 2019-05-22 |
Family
ID=55069923
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2018532157A Active JP6518015B2 (ja) | 2015-12-15 | 2015-12-15 | 仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 |
Country Status (9)
| Country | Link |
|---|---|
| US (4) | US9779034B2 (enExample) |
| EP (2) | EP3204861B1 (enExample) |
| JP (1) | JP6518015B2 (enExample) |
| AU (1) | AU2015417223B2 (enExample) |
| CA (1) | CA3005949C (enExample) |
| PL (2) | PL3584708T3 (enExample) |
| PT (2) | PT3204861T (enExample) |
| SG (1) | SG11201804301UA (enExample) |
| WO (1) | WO2017103651A1 (enExample) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10339333B2 (en) * | 2016-07-20 | 2019-07-02 | Montage Technology Co., Ltd. | Method and apparatus for controlling application to access memory |
| US10303621B1 (en) * | 2017-03-07 | 2019-05-28 | Amazon Technologies, Inc. | Data protection through address modification |
| US10261913B2 (en) * | 2017-04-20 | 2019-04-16 | Alibaba Group Holding Limited | Persistent memory for key-value storage |
| US10324659B2 (en) * | 2017-05-24 | 2019-06-18 | International Business Machines Corporation | Detection of over-access of memory shared among multiple processes |
| GB2570326B (en) * | 2018-01-22 | 2020-06-10 | Advanced Risc Mach Ltd | Multiple guard tag setting instruction |
| US11762566B2 (en) | 2018-01-22 | 2023-09-19 | Arm Limited | Programmable mapping of guard tag storage locations |
| US10795679B2 (en) | 2018-06-07 | 2020-10-06 | Red Hat, Inc. | Memory access instructions that include permission values for additional protection |
| CN109144894B (zh) * | 2018-08-01 | 2023-04-07 | 浙江大学 | 基于数据冗余的内存访问模式保护方法 |
| CA3118057A1 (en) | 2018-11-02 | 2020-05-07 | Lzlabs Gmbh | Selective substitution of legacy load module programs with classes for execution in a java virtual machine |
| US10705983B1 (en) | 2019-03-01 | 2020-07-07 | International Business Machines Corporation | Transparent conversion of common virtual storage |
| FR3100901B1 (fr) * | 2019-09-12 | 2021-08-27 | Stmicroelectronics Grand Ouest Sas | Système de protection de la mémoire |
| US20240231864A9 (en) | 2021-02-26 | 2024-07-11 | Lzlabs Gmbh | Hybrid just in time load module compiler with performance optimizations |
| KR102494791B1 (ko) | 2021-11-08 | 2023-02-06 | 숭실대학교산학협력단 | 컨테이너 환경에서 알려지지 않은 바이너리 검사 및 차단 방법 및 장치 |
| CN115238297B (zh) * | 2022-09-23 | 2023-01-31 | 北京安帝科技有限公司 | 多层级权限控制内存保护方法和装置 |
| CN118484402B (zh) * | 2024-07-15 | 2024-10-01 | 龙芯中科(北京)信息技术有限公司 | 系统测试方法、装置、电子设备及可读介质 |
Family Cites Families (35)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH0658646B2 (ja) * | 1982-12-30 | 1994-08-03 | インタ−ナショナル・ビジネス・マシ−ンズ・コ−ポレ−ション | デ−タ持続性が制御される仮想記憶アドレス変換機構 |
| US4792895A (en) * | 1984-07-30 | 1988-12-20 | International Business Machines Corp. | Instruction processing in higher level virtual machines by a real machine |
| US4945480A (en) * | 1988-02-10 | 1990-07-31 | International Business Machines Corporation | Data domain switching on program address space switching and return |
| US5283868A (en) * | 1989-05-17 | 1994-02-01 | International Business Machines Corp. | Providing additional system characteristics to a data processing system through operations of an application program, transparently to the operating system |
| US5075842A (en) * | 1989-12-22 | 1991-12-24 | Intel Corporation | Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism |
| US5075845A (en) * | 1989-12-22 | 1991-12-24 | Intel Corporation | Type management and control in an object oriented memory protection mechanism |
| US5560013A (en) * | 1994-12-06 | 1996-09-24 | International Business Machines Corporation | Method of using a target processor to execute programs of a source architecture that uses multiple address spaces |
| US5577231A (en) * | 1994-12-06 | 1996-11-19 | International Business Machines Corporation | Storage access authorization controls in a computer system using dynamic translation of large addresses |
| US5745676A (en) * | 1995-12-04 | 1998-04-28 | International Business Machines Corporation | Authority reduction and restoration method providing system integrity for subspace groups and single address spaces during program linkage |
| US5761734A (en) * | 1996-08-13 | 1998-06-02 | International Business Machines Corporation | Token-based serialisation of instructions in a multiprocessor system |
| US7543290B2 (en) * | 2001-04-11 | 2009-06-02 | Mellanox Technologies Ltd. | Multiple queue pair access with single doorbell |
| US6745307B2 (en) * | 2001-10-31 | 2004-06-01 | Hewlett-Packard Development Company, L.P. | Method and system for privilege-level-access to memory within a computer |
| US7278030B1 (en) * | 2003-03-03 | 2007-10-02 | Vmware, Inc. | Virtualization system for computers having multiple protection mechanisms |
| US7509644B2 (en) * | 2003-03-04 | 2009-03-24 | Secure 64 Software Corp. | Operating system capable of supporting a customized execution environment |
| US7111145B1 (en) * | 2003-03-25 | 2006-09-19 | Vmware, Inc. | TLB miss fault handler and method for accessing multiple page tables |
| US7409487B1 (en) * | 2003-06-30 | 2008-08-05 | Vmware, Inc. | Virtualization system for computers that use address space indentifiers |
| US7421689B2 (en) * | 2003-10-28 | 2008-09-02 | Hewlett-Packard Development Company, L.P. | Processor-architecture for facilitating a virtual machine monitor |
| US20060036830A1 (en) * | 2004-07-31 | 2006-02-16 | Dinechin Christophe De | Method for monitoring access to virtual memory pages |
| US7213125B2 (en) * | 2004-07-31 | 2007-05-01 | Hewlett-Packard Development Company, L.P. | Method for patching virtually aliased pages by a virtual-machine monitor |
| US7996833B2 (en) * | 2004-07-31 | 2011-08-09 | Hewlett-Packard Development Company, L.P. | Method and system for replacing instructions and instruction blocks in computer code |
| US8091090B2 (en) * | 2004-07-31 | 2012-01-03 | Hewlett-Packard Development Company, L.P. | Method for providing scratch registers for use by a virtual-machine monitor |
| US7330942B2 (en) * | 2004-07-31 | 2008-02-12 | Hewlett-Packard Development Company, L.P. | Method for efficient virtualization of physical memory in a virtual-machine monitor |
| US7200734B2 (en) * | 2004-07-31 | 2007-04-03 | Hewlett-Packard Development Company, L.P. | Operating-system-transparent distributed memory |
| US8219988B2 (en) * | 2007-08-02 | 2012-07-10 | International Business Machines Corporation | Partition adjunct for data processing system |
| US8645974B2 (en) * | 2007-08-02 | 2014-02-04 | International Business Machines Corporation | Multiple partition adjunct instances interfacing multiple logical partitions to a self-virtualizing input/output device |
| US8010763B2 (en) * | 2007-08-02 | 2011-08-30 | International Business Machines Corporation | Hypervisor-enforced isolation of entities within a single logical partition's virtual address space |
| US8086811B2 (en) * | 2008-02-25 | 2011-12-27 | International Business Machines Corporation | Optimizations of a perform frame management function issued by pageable guests |
| US8176280B2 (en) * | 2008-02-25 | 2012-05-08 | International Business Machines Corporation | Use of test protection instruction in computing environments that support pageable guests |
| FR2968792B1 (fr) * | 2010-12-13 | 2013-01-11 | Bull Sas | Procede, programme d'ordinateur et dispositif de gestion d'acces memoire dans une architecture multiprocesseurs de type numa |
| US8914458B2 (en) * | 2012-09-27 | 2014-12-16 | Mellanox Technologies Ltd. | Look-ahead handling of page faults in I/O operations |
| US9052990B2 (en) * | 2012-11-20 | 2015-06-09 | International Business Machines Corporation | Techniques for managing pinned memory |
| US9104469B2 (en) * | 2013-06-11 | 2015-08-11 | Vmware, Inc. | Suspend-resume of virtual machines using de-duplication |
| US9734083B2 (en) * | 2014-03-31 | 2017-08-15 | International Business Machines Corporation | Separate memory address translations for instruction fetches and data accesses |
| US10489309B2 (en) * | 2014-10-21 | 2019-11-26 | Intel Corporation | Memory protection key architecture with independent user and supervisor domains |
| US9619270B2 (en) * | 2015-06-27 | 2017-04-11 | Vmware, Inc. | Remote-direct-memory-access-based virtual machine live migration |
-
2015
- 2015-12-15 PL PL19180770.0T patent/PL3584708T3/pl unknown
- 2015-12-15 EP EP15820283.8A patent/EP3204861B1/en active Active
- 2015-12-15 PL PL15820283T patent/PL3204861T3/pl unknown
- 2015-12-15 EP EP19180770.0A patent/EP3584708B1/en active Active
- 2015-12-15 AU AU2015417223A patent/AU2015417223B2/en active Active
- 2015-12-15 PT PT15820283T patent/PT3204861T/pt unknown
- 2015-12-15 SG SG11201804301UA patent/SG11201804301UA/en unknown
- 2015-12-15 CA CA3005949A patent/CA3005949C/en active Active
- 2015-12-15 PT PT191807700T patent/PT3584708T/pt unknown
- 2015-12-15 JP JP2018532157A patent/JP6518015B2/ja active Active
- 2015-12-15 WO PCT/IB2015/059646 patent/WO2017103651A1/en not_active Ceased
-
2016
- 2016-05-23 US US15/162,288 patent/US9779034B2/en active Active
-
2017
- 2017-08-31 US US15/691,874 patent/US9971707B2/en active Active
-
2018
- 2018-04-10 US US15/949,312 patent/US10552346B2/en active Active
-
2020
- 2020-01-14 US US16/741,905 patent/US11210239B2/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CA3005949C (en) | 2022-08-02 |
| WO2017103651A1 (en) | 2017-06-22 |
| EP3204861A1 (en) | 2017-08-16 |
| JP2018538630A (ja) | 2018-12-27 |
| PT3204861T (pt) | 2019-09-19 |
| US20200151115A1 (en) | 2020-05-14 |
| PL3584708T3 (pl) | 2022-09-26 |
| PL3204861T3 (pl) | 2019-12-31 |
| US10552346B2 (en) | 2020-02-04 |
| EP3584708B1 (en) | 2022-05-11 |
| US20180232319A1 (en) | 2018-08-16 |
| SG11201804301UA (en) | 2018-06-28 |
| US20170168963A1 (en) | 2017-06-15 |
| US9779034B2 (en) | 2017-10-03 |
| US20170364455A1 (en) | 2017-12-21 |
| US9971707B2 (en) | 2018-05-15 |
| US11210239B2 (en) | 2021-12-28 |
| AU2015417223B2 (en) | 2021-08-12 |
| AU2015417223A1 (en) | 2018-06-14 |
| PT3584708T (pt) | 2022-07-27 |
| CA3005949A1 (en) | 2017-06-22 |
| EP3204861B1 (en) | 2019-06-19 |
| EP3584708A1 (en) | 2019-12-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6518015B2 (ja) | 仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 | |
| US10241819B2 (en) | Isolating data within a computer system using private shadow mappings | |
| US8578483B2 (en) | Systems and methods for preventing unauthorized modification of an operating system | |
| US5577231A (en) | Storage access authorization controls in a computer system using dynamic translation of large addresses | |
| US9009727B2 (en) | Virtualization with in-place translation | |
| CN109359487B (zh) | 一种基于硬件隔离的可扩展安全影子存储及标签管理方法 | |
| US20080077767A1 (en) | Method and apparatus for secure page swapping in virtual memory systems | |
| JP7444853B2 (ja) | メモリ・アクセスを制御するための装置及び方法 | |
| US20020046305A1 (en) | Method for effective binary translation between different instruction sets using emulated supervisor flag and multiple page tables | |
| JP2021512400A (ja) | メモリ・アクセスにおける保護タグ・チェックの制御 | |
| US7506096B1 (en) | Memory segment emulation model for virtual machine | |
| JP2024517627A (ja) | ケイパビリティを使用してメモリへのアクセスを制約するための技法 | |
| JP2021512405A (ja) | メモリ・アクセスにおける保護タグ・チェックの制御 | |
| JP6708860B2 (ja) | 仮想アドレス空間レガシーエミュレーションシステムにおける保護キー管理およびプレフィックス変換 | |
| CN116107919B (zh) | 一种针对跨架构的多地址空间虚拟化内存域隔离方法 | |
| CN120917436A (zh) | 内存权限管理 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| A521 | Request for written amendment filed |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20181217 |
|
| A621 | Written request for application examination |
Free format text: JAPANESE INTERMEDIATE CODE: A621 Effective date: 20181217 |
|
| A871 | Explanation of circumstances concerning accelerated examination |
Free format text: JAPANESE INTERMEDIATE CODE: A871 Effective date: 20181217 |
|
| A975 | Report on accelerated examination |
Free format text: JAPANESE INTERMEDIATE CODE: A971005 Effective date: 20190110 |
|
| TRDD | Decision of grant or rejection written | ||
| A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20190319 |
|
| A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20190418 |
|
| R150 | Certificate of patent or registration of utility model |
Ref document number: 6518015 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
| R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
| R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
| R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |