US20030229794A1 - System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container - Google Patents

System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container Download PDF

Info

Publication number
US20030229794A1
US20030229794A1 US10/165,597 US16559702A US2003229794A1 US 20030229794 A1 US20030229794 A1 US 20030229794A1 US 16559702 A US16559702 A US 16559702A US 2003229794 A1 US2003229794 A1 US 2003229794A1
Authority
US
United States
Prior art keywords
code
mode
processor
handler
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/165,597
Inventor
James Sutton
David Grawrock
Richard Uhlig
David Poisner
Andrew Glew
Clifford Hall
Lawrence Smith
Gilbert Neiger
Michael Kozuch
Robert George
Bradley Burgess
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tahoe Research Ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US10/165,597 priority Critical patent/US20030229794A1/en
Application filed by Individual filed Critical Individual
Assigned to INTEL CORPORATION reassignment INTEL CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: GLEW, ANDY
Assigned to INTEL CORPORATION reassignment INTEL CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BURGESS, BRADLEY G., GEORGE, ROBERT T., KOZUCH, MICHAEL A., NEIGER, GILBERT, SMITH, LAWRENCE O. III, HALL, CLIFFORD D., POISNER, DAVID I., UHLIG, RICHARD A., GRAWROCK, DAVID W., SUTTON, JAMES A. II
Priority to RU2004139086/09A priority patent/RU2313126C2/en
Priority to AU2003231237A priority patent/AU2003231237A1/en
Priority to CNB038188236A priority patent/CN100377092C/en
Priority to PCT/US2003/013616 priority patent/WO2003104981A2/en
Priority to JP2004511985A priority patent/JP4708016B2/en
Priority to EP03724373A priority patent/EP1512074A2/en
Priority to MYPI20032123A priority patent/MY146723A/en
Publication of US20030229794A1 publication Critical patent/US20030229794A1/en
Priority to US11/095,855 priority patent/US7581219B2/en
Priority to JP2007150997A priority patent/JP4846660B2/en
Priority to JP2011178882A priority patent/JP5242747B2/en
Assigned to TAHOE RESEARCH, LTD. reassignment TAHOE RESEARCH, LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: INTEL CORPORATION
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1458Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect

Definitions

  • the present disclosure relates generally to microprocessor systems, and more specifically to microprocessor systems that may operate in a trusted or secured environment.
  • Processors may operate in several processor operating modes depending upon the immediate requirements of system operation.
  • processors may have a supervisor mode, a user mode, and sometimes other special-purpose modes.
  • Supervisor mode may support the execution of the operating system, and may enable the execution of most instructions, including privileged instructions. Access may be given in supervisor mode to a different address space and peripheral devices.
  • User mode may be restricted to non-privileged instructions when compared with supervisor mode, so that user code may not disrupt system functionality.
  • processors may be designed to support an operating mode having the ability to operate in operating system transparent or quasi-transparent manner, or in a privilege-level independent manner, for the purpose of executing low-level patches.
  • a mode may be defined as a “sub operating system mode”.
  • One such mode is the system management mode (SMM) of the Intel® Pentium® processor family and compatible processors. (See Chapter 14 of the Pentium® 4 Processor Software Developer's Manual, Vol.
  • sub operating system modes may exist in a MIPS Technologies® MIPS32TM or MIPS64TM architecture processor, in an IBM® PowerPCTM architecture processor, in a SPARC International® SPARC® architecture processor, or in many other processors.
  • the existence of a sub operating system mode may have additional system benefits, such as supporting transitions into a power-down mode.
  • existing sub operating system mode implementations may have no privilege restrictions or address mapping restrictions.
  • Sub operating system modes may be invoked by a dedicated sub operating system mode interrupt, sometimes generated by system firmware or system hardware. This dedicated sub operating system mode interrupt is usually designed to be non-maskable in order to respond to the exigencies that required the entry into the mode.
  • a sub operating system mode may generally have the following major mechanisms.
  • the only way to enter the mode is by means of a special sub operating system mode interrupt.
  • the dedicated sub operating system mode interrupt is called a system management interrupt (SMI).
  • SMM system management interrupt
  • the processor may execute the mode's code in a separate address space.
  • SMRAM system management random-access memory
  • the processor saves the context of the interrupted program or task within the separate address space. For example, in SMM the context is saved into SMRAM.
  • normal interrupts may be disabled.
  • the mode may be exited by means of a resume instruction that may only be executed while executing within the mode.
  • FIG. 1 is a memory mapping of system management mode code in system management RAM in an existing implementation.
  • FIG. 2 is a diagram of an exemplary software environment having trusted and untrusted areas, according to one embodiment.
  • FIG. 3 is a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2, according to one embodiment of the present invention.
  • FIG. 4 is a diagram showing a system management code operating in a virtual machine container, according to one embodiment of the present invention.
  • FIG. 5 is diagram showing system management interrupt redirection, according to one embodiment of the present invention.
  • FIG. 6 is a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2, according to another embodiment of the present invention.
  • FIG. 7 is diagram showing system management interrupt redirection, according to another embodiment of the present invention.
  • the sub operating system mode interrupt may be first directed to a handler in a trusted code that controls virtual machine access to system resources. This direction to the handler may be accomplished by allowing the trusted code to read and write to the interrupt service register in the processor containing the location of the code required to service such a sub operating system mode interrupt.
  • An interrupt service register may generally be defined as a register that is used to determine that code that should be executed on receipt of an interrupt.
  • the sub operating system mode interrupt will then be re-directed to sub operating system mode code, located in another virtual machine that is under the security control of the above trusted code, for interrupt servicing.
  • a microprocessor's virtualization architecture may be such that, when trusted code has been established, the sub operating system mode interrupt will no longer use the normal interrupt service register but will instead cause a transition to the trusted code consistent with the virtualization architecture.
  • the SMM code execution within a secure or trusted environment may begin by having the system management interrupt (SMI) first be directed to a handler in a secured virtual machine monitor (SVMM). This direction to the handler may be accomplished by allowing the SVMM to read and write a system management base (SMBASE) register in the processor (PSMBASE). The SMI will then be re-directed to SMM code located in a virtual machine (VM) that is under the security control of the SVMM.
  • the processor's virtualization architecture may disable use of the PSMBASE register and cause redirection of all SMIs to the SVMM directly.
  • the SMM code may be granted access to all system resources except the protected pages in memory, and the associated system controls that maintain this protection.
  • the SMIs may be directed to a handler within SVMM first.
  • This handler may establish a suitable virtual machine (VM) container for the SMM code, and re-direct the SMI to that code.
  • VM virtual machine
  • the SMM code may be prevented from accessing various system resources, such as memory, that the SVMM has deemed protected.
  • the SMM code may now be written to conform to VM requirements.
  • One such conforming change may be that the SMM code be written in either flat protected mode or in some other page memory access mode.
  • SMM system management mode
  • SMBASE system management base
  • the chipset SMBASE register's content CSMBASE may define the boundaries of SMRAM.
  • the SMRAM may occupy the space between CSMBASE 120 and CSMBASE+FFFF hex 132 .
  • each processor in order to support two or more processors executing SMM code at the same time, each processor may have its own dedicated SMRAM space.
  • the processors' SMBASE register content PSMBASE may define code-entry points and state save locations within SMRAM. For example, within SMRAM a standard code-entry point may be located at CSMBASE+8000 hex 124 .
  • the value of CSMBASE may be written at system initialization to each processor's SMBASE register, thereby allowing each processor to go to the SMM code-entry point upon receipt of an SMI.
  • the processor Prior to entry into SMM code, the processor may in one embodiment store state data in a state save area between an address PSMBASE+FE00 hex 128 and the end of SMRAM at location SMBASE+FFFF hex 132 .
  • each processor's SMBASE register may contain a different value of PSMBASE, permitting differing code-entry points and locations for storing state data.
  • the state data may include the values of control registers, flags, an auto halt restart field, an input/output (I/O) instruction restart field, and an SMM revision identifier. Some of the locations within SMRAM may be modified by an SMI handler.
  • SMM resume
  • This existing RSM instruction may only be issued within SMM, and it restores the state values previously stored within SMRAM. The use of this existing SMM design is well-known in the art.
  • trusted and untrusted software may be loaded simultaneously and may execute simultaneously on a single computer system.
  • a SVMM 250 selectively permits or prevents direct access to hardware resources 280 from untrusted operating system 240 (or, if multiple untrusted virtual machines are implemented, multiple operating systems) and untrusted applications 210 through 230 .
  • untrusted does not necessarily mean that the operating system or applications are deliberately misbehaving, but that the size and variety of interacting code makes it impractical to reliably assert that the software is behaving as desired, and that there are no viruses or other foreign code interfering with its execution.
  • the untrusted code might consist of the normal operating system and applications found on today's personal computers.
  • SVMM 250 also selectively permits or prevents direct access to hardware resources 280 from one or more trusted or secure kernels 260 and one or more trusted applications 270 .
  • a trusted or secure kernel 260 and trusted applications 270 may be limited in size and functionality to aid in the ability to perform trust analysis upon it.
  • the trusted application 270 may be any software code, program, routine, or set of routines which is executable in a secure environment.
  • the trusted application 270 may be a variety of applications, or code sequences, or may be a relatively small application such as a Java applet.
  • Instructions or operations normally performed by operating system 240 or kernel 260 that could alter system resource protections or privileges may be trapped by SVMM 250 , and selectively permitted, partially permitted, or rejected.
  • instructions that change the processor's page table that would normally be performed by operating system 240 or kernel 260 would instead be trapped by SVMM 250 , which would ensure that the request was not attempting to change page privileges outside the domain of its virtual machine.
  • One way of viewing this system is that operating system 240 , kernel 260 , and SVMM 250 are all virtual machines, with operating system 240 virtual machine and kernel 260 virtual machine executing within the SVMM 250 virtual machine.
  • a hierarchy of virtual machines is created.
  • a virtual machine may be defined as any multi-user shared-resource operating system that gives each user the appearance of having sole control of all the resources of the system, or virtual machine may also be defined as an operating system that is in turn managed by an underlying control program.
  • CPU A 310 , CPU B 314 , CPU C 318 , and CPU D 322 may be configured with additional microcode or logic circuitry to support the execution of special instructions.
  • the processors may be Intel® Pentium® class microprocessors with certain special modifications in accordance with an embodiment of the present invention. These special instructions may support the issuance of special bus messages on system bus 320 that may enable the proper synchronization of SVMM 250 operation in the processors.
  • chipset 330 may support the above-mentioned special cycles on system bus 320 .
  • the number of physical processors may vary upon the implementation of a particular embodiment.
  • the four processors CPU A 310 , CPU B 314 , CPU C 318 , and CPU D 322 are shown as four separate hardware entities.
  • the number of processors may differ. Indeed, the processors may be replaced by separate threads, each running on one of the physical processors. In the latter case these threads possess many of the attributes of additional physical processors.
  • the expression “logical processor” may be used to describe either a physical processor or a thread operating in one of the physical processors. Thus, one single-threaded processor may be considered a logical processor, and multi-threaded or multi-core processors may be considered multiple logical processors.
  • Modifications to processors may include, in one embodiment, changes to the behavior of registers and new or modified instructions.
  • CPU C 318 may include a new instruction secure enter (SENTER) 324 .
  • the SENTER 324 instruction upon execution, may enable the initiation of secure or trusted operations as shown in FIG. 2 above.
  • SENTER 324 may enable multiple logical processors to synchronize their entry into secure or trusted operations.
  • SENTER 324 may also permit writing to the PSMBASE register 316 of CPU C 318 in certain circumstances to support secure or trusted SMM operations.
  • CPU C 318 may also include a modified resume (RSM) 326 instruction.
  • the modified RSM 326 may permit a return from SMM that supports secure or trusted operations. Ordinarily RSM instructions may only be executed from within SMM.
  • the modified RSM 326 may be executed from within normal page mode.
  • the modified RSM 326 instruction may perform a special system call, called a VMexit, back to an SVMM handler for SMI.
  • the chipset 330 may service read and write requests carried from the CPUs on the system bus 320 , and may then perform the physical read and write operations on physical memory 334 . Allocation of SMRAM within memory 334 may be facilitated by a chipset SMBASE register 331 containing the value of CSMBASE.
  • the chipset 330 additionally may connect to specialized input/output (I/O) channels, such as an advanced graphics port (AGP) 336 .
  • Chipset 330 may control access to pages of memory within physical memory 334 from processors CPU A 310 , CPU B 314 , CPU C 318 and CPU D 322 , and additionally from I/O devices. Such devices may include mass storage devices such as fixed media 344 or removable media 348 .
  • the fixed media 344 or removable media 348 may be magnetic disks, magnetic tape, magnetic diskettes, magneto-optical drives, CD-ROM, DVD-ROM, Flash memory cards, or many other forms of mass storage.
  • Fixed media 344 or removable media 348 may be connected to chipset 330 via peripheral component interconnect (PCI) bus 346 , or, alternately, via a universal serial bus (USB) 342 , an integrated controller electronics (IDE) bus (not shown), or a small computer systems interconnect (SCSI) bus (not shown).
  • PCI peripheral component interconnect
  • USB universal serial bus
  • IDE integrated controller electronics
  • SCSI small computer systems interconnect
  • the SVMM 364 may permit or deny the access of a VM to specific pages within memory 334 .
  • the pages of memory that the VM are denied access to may be called “locked” pages, whereas the pages that the VM are permitted access to may be called “unlocked” pages.
  • Within locked memory pages 360 may be located SVMM 364 and modules within SVMM 364 to support secure SMM operation.
  • such modules may include an SVMM SMM handler 366 and a virtual machine exit (VMexit)/virtual machine call (VMcall) handler 368 .
  • the functions of the SVMM SMM handler 366 and the VMexit/VMcall handler 368 may be combined or may be distributed among other modules.
  • SMM VM 370 may include software code similar to standard SMM code but modified to operate in a virtual machine container. Such modifications in SMM VM 370 may include code prepared for execution in page mode rather than normal SMM.
  • the memory controller and I/O device controller functions of chipset 330 are shown in the FIG. 3 embodiment as being implemented on a single separate integrated circuit.
  • a separate memory controller integrated circuit may generally implement the memory, controller functions described above for chipset 330 .
  • a separate I/O device controller integrated circuit may generally implement the I/O device controller functions described above for chipset 330 .
  • the memory controller functions of chipset 330 may be implemented in circuitry on the CPU integrated circuits, permitting several CPUs to each have direct access to certain amounts of physical memory. In such an embodiment, the memory controller functions of chipset 330 may be divided among the several CPU integrated circuits, or for multiple processors may be included on a single die.
  • FIG. 4 a diagram of a system management code (SMM) operating in a virtual machine (VM) container is shown, according to one embodiment of the present invention.
  • SVMM 450 has two additional modules to support secure or trusted SMM operations.
  • the SVMM SMM handler 452 establishes the SMM code in a SMM VM 490 in response to the execution of an SENTER instruction.
  • the VMexit/VMcall handler 454 handles entry into and exit from the SMM VM 490 due to the intentional lower privilege level of SMM VM 490 within its VM container.
  • the SVMM SMM handler 452 and the VMexit/VMcall handler 454 may be the same software module.
  • the SVMM SMM handler 452 may perform several functions. During the transition into secure or trusted operations, following the execution of an SENTER command by a processor, the SVMM SMM handler 452 loads and initiates the SMM VM 490 code in a virtual machine container. In some embodiments, SVMM SMM handler 452 would then write an entry location within itself into the modified SMBASE register of each processor in the system. This entry location permits an SMI to be directed first to the SVMM SMM handler 452 .
  • the SVMM SMM handler 452 also establishes a space within the locked memory pages to store the state data that needs to be saved upon entry into SMM operations. Examples of this state data are discussed above in connection with FIG. 1. Placing this state data within locked memory pages prevents unauthorized disclosure or manipulation of the state data.
  • the VMexit/VMcall handler 454 may perform several functions. VMexit/VMcall handler 454 may handle entries into and exits from SMM VM 490 subsequent to the initial entry. VMexit/VMcall handler 454 may also handle exceptions raised when SMM VM 490 attempts to read from or write to locked memory pages. Portions of VMexit/VMcall handler 454 may determine whether certain of these reads from or writes to locked memory pages should be allowed to proceed depending upon circumstances. In one embodiment, reads from or writes to locked memory pages may be permitted if VMexit/VMcall handler 454 determines that the location targeted within the locked memory pages does not contain trusted data.
  • the SMM VM 490 contains the desired SMM code, modified from SMM mode format to now execute in a page memory access mode.
  • the SMM code in the SMM VM 490 executes as written, with the exceptional case of those instructions to create memory reads and writes to the locked memory pages.
  • the SMM code may invoke VMexit/VMcall handler 454 .
  • SMM code may make an explicit call to the VMexit/VMcall handler 454 , or may make an indirect call by allowing an exception to trap to VMexit/VMcall handler 454 . In either case VMexit/VMcall handler 454 handles these circumstances.
  • FIG. 5 a diagram of a system management interrupt redirection is shown, according to one embodiment of the present invention.
  • the processor examines its SMBASE register. Since the SVMM SMM handler 452 upon initialization wrote an internal memory location into modified SMBASE register within the processor, the processor begins execution of SVMM SMM handler 452 .
  • SVMM SMM handler 452 stores state data within a locked memory page, and then issues a virtual mode enter (VMenter) call to the actual SMM code within SMM VM 490 .
  • the SMI may cause invocation of the SVMM's VMexit handler.
  • the SMM code within SMM VM 490 executes until it attempts to read from or write to a memory location within a locked memory page. Then either by an explicit call, or by an exception causing a trap, a VMexit/VMcall 524 may be made to invoke VMexit/VMcall handler 454 .
  • the VMexit/VMcall handler 454 performs those memory accesses that it deems permissible, and then returns to SMM VM 490 by another VMenter 522 . This process may repeat several times until the desired SMM code within SMM VM 490 is finished. At this time the SMM code exits via a final VMexit/VMcall 524 to VMexit/VMcall handler 454 .
  • the VMexit/VMcall handler 454 would then exit to the SVMM SMM handler 452 through the execution of a modified resume instruction SMM VM code RSM 526 .
  • the SVMM SMM handler 452 and the VMexit/VMcall handler 454 might be combined, and these operations might be carried out in software.
  • the processor resumes its original operation.
  • FIG. 6 a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2 is shown, according to another embodiment of the present invention.
  • CPU A 610 , CPU B 614 , CPU C 618 , and CPU D 622 may be configured with additional microcode or logic circuitry to support the execution of special instructions. Modifications to the processors may include, in one embodiment, changes to the behavior of registers and new or modified instructions.
  • CPU C 618 may include a new instruction “virtual machine monitor initialization” (VMMINIT) 624 .
  • the VMMINIT 624 instruction upon execution, may enable the initiation of secure or trusted operations as shown in FIG. 2 above.
  • VMMINIT 624 may also disable normal operations of the PSMBASE register 616 of CPU C 618 in certain circumstances to support secure or trusted SMM operations. In such an embodiment, CPU C 618 may then redirect an SMI to a code entry point and state save area within VMexit/VMcall handler 668 prearranged by the security environment rules.
  • CPU C 618 may also include a modified resume (RSM) 626 instruction.
  • the modified RSM 626 may permit a return from SMM that supports secure or trusted operations. Ordinarily RSM instructions may only be executed from within SMM.
  • the modified RSM 626 may be executed from within normal page mode.
  • the modified RSM 626 instruction may perform a special system call, called a VMexit, back to invoke VMexit/VMcall handler 668 .
  • the chipset 630 may service read and write requests carried from the CPUs on the system bus 620 , and may then perform the physical read and write operations on physical memory 634 . Allocation of SMRAM within memory 634 may be facilitated by a chipset SMBASE register 631 containing the value of CSMBASE.
  • the SVMM 664 may permit or deny the access of a VM to specific pages within memory 634 .
  • the pages of memory that the VM are denied access to may be called “locked” pages, whereas the pages that the VM are permitted access to may be called “unlocked” pages.
  • Within locked memory pages 660 may be located SVMM 664 and a module within SVMM 664 to support secure SMM operation.
  • the module may be VMexit/VMcall handler 668 .
  • the functions of the VMexit/VMcall handler 668 may be combined or may be distributed among other modules.
  • Other pages of memory may remain unlocked, such as unlocked memory pages 662 .
  • Within unlocked memory pages 662 may be located standard operating systems 672 .
  • SMM VM 670 may include software code similar to standard SMM code but modified to operate in a virtual machine container. Such modifications in SMM VM 670 may include code prepared for execution in page mode rather than normal SMM.
  • FIG. 7 a diagram of system management interrupt redirection is shown, according to another embodiment of the present invention.
  • SVMM 750 has two additional modules to support secure or trusted SMM operations.
  • the VMexit/VMcall handler 754 establishes the SMM code in a SMM VM 790 in response to the execution of an VMMINIT instruction, and additionally handles entry into and exit from the SMM VM 790 due to the intentional lower privilege level of SMM VM 790 within its VM container.
  • the VMexit/VMcall handler 754 may perform several functions. During the transition into secure or trusted operations, following the execution of a VMMINIT command by a processor, the VMexit/VMcall handler 754 loads and initiates the SMM VM 790 code in a virtual machine container. The VMexit/VMcall handler 754 also establishes a space within the locked memory pages to store the state data that needs to be saved upon entry into SMM operations.
  • the VMexit/VMcall handler 754 may perform several additional functions. VMexit/VMcall handler 754 may handle entries into and exits from SMM VM 790 . VMexit/VMcall handler 754 may also handle exceptions raised when SMM VM 790 attempts to read from or write to locked memory pages. Portions of VMexit/VMcall handler 754 may determine whether certain of these reads from or writes to locked memory pages should be allowed to proceed depending upon circumstances. In one embodiment, reads from or writes to locked memory pages may be permitted if VMexit/VMcall handler 754 determines that the location targeted within the locked memory pages does not contain trusted data.
  • the SMM VM 790 contains the desired SMM code, modified in one embodiment from SMM mode format to now execute in a page memory access mode.
  • the SMM code in the SMM VM 790 executes as written, with the exceptional case of those instructions to create memory reads and writes to the locked memory pages.
  • the SMM code may invoke VMexit/VMcall handler 754 .
  • the SMM code may make an explicit call to the VMexit/VMcall handler 754 , or may make an indirect call by allowing an exception to trap to VMexit/VMcall handler 754 . In either case VMexit/VMcall handler 754 handles these circumstances.
  • the SMM code within SMM VM 790 executes until it attempts to read from or write to a memory location within a locked memory page. Then either by an explicit call, or by an exception causing a trap, a VMexit/VMcall 724 may be made to invoke VMexit/VMcall handler 754 .
  • the VMexit/VMcall handler 754 performs those memory accesses that it deems permissible, and then returns to SMM VM 790 by another VMenter 722 . This process may repeat several times until the desired SMM code within SMM VM 790 is finished. At this time the SMM code exits via a final VMexit/VMcall 724 to VMexit/VMcall handler 754 .
  • the VMexit/VMcall handler 454 would then exit to normal SVMM 750 operations by first executing a modified resume instruction. This causes the VMexit/VMcall handler 754 to restore the (potentially modified by VMexit/VMcall handler 754 ) state data stored in locked memory pages. Upon the restoration of the state data, the processor resumes its original operation.
  • processors either logical or physical processors
  • multi-processor and/or multi-threaded systems are described in more detail to explain the added complexity associated with securing a system with multiple logical or physical processors.
  • An embodiment also likely to be advantageous in less complex system may use only one processor.
  • the one physical processor may be multi-threading and therefore may include multiple logical processors.
  • a single-processor, single-threaded system may be used, and still utilize disclosed secure processing techniques. In such cases, the secure processing techniques still operate to reduce the likelihood that data can be stolen or manipulated in an unauthorized manner.

Abstract

A system and method for permitting the execution of system management mode (SMM) code during secure operations in a microprocessor system is described. In one embodiment, the system management interrupt (SMI) may be first directed to a handler in a secured virtual machine monitor (SVMM). The SMI may then be re-directed to SMM code located in a virtual machine (VM) that is under the security control of the SVMM. This redirection may be accomplished by allowing the SVMM to read and write the system management (SM) base register in the processor.

Description

    FIELD
  • The present disclosure relates generally to microprocessor systems, and more specifically to microprocessor systems that may operate in a trusted or secured environment. [0001]
  • BACKGROUND
  • Processors may operate in several processor operating modes depending upon the immediate requirements of system operation. Generally processors may have a supervisor mode, a user mode, and sometimes other special-purpose modes. Supervisor mode may support the execution of the operating system, and may enable the execution of most instructions, including privileged instructions. Access may be given in supervisor mode to a different address space and peripheral devices. User mode may be restricted to non-privileged instructions when compared with supervisor mode, so that user code may not disrupt system functionality. [0002]
  • It is often the case that commercially released software is not a perfect fit on a particular original equipment manufacturer's (OEM) hardware suite. Due to specification misunderstandings or implementation errors, there may be situations where the software attempts to access hardware in a manner not anticipated or supported by the hardware. A simple example could be where a software program expects to place a value in a register at address x whereas the actual register in the hardware is at address x+y. This could cause a system exception. [0003]
  • In order to deal with such situations, processors may be designed to support an operating mode having the ability to operate in operating system transparent or quasi-transparent manner, or in a privilege-level independent manner, for the purpose of executing low-level patches. For the purpose of the present application such a mode may be defined as a “sub operating system mode”. One such mode is the system management mode (SMM) of the Intel® Pentium® processor family and compatible processors. (See Chapter 14 of the Pentium® 4 Processor Software Developer's Manual, Vol. III, 2001 edition, order number 245472, available from Intel Corporation of Santa Clara, Calif.) Other sub operating system modes may exist in a MIPS Technologies® MIPS32™ or MIPS64™ architecture processor, in an IBM® PowerPC™ architecture processor, in a SPARC International® SPARC® architecture processor, or in many other processors. The existence of a sub operating system mode may have additional system benefits, such as supporting transitions into a power-down mode. In order to deal with software and hardware mismatches as outlined above, existing sub operating system mode implementations may have no privilege restrictions or address mapping restrictions. Sub operating system modes may be invoked by a dedicated sub operating system mode interrupt, sometimes generated by system firmware or system hardware. This dedicated sub operating system mode interrupt is usually designed to be non-maskable in order to respond to the exigencies that required the entry into the mode. [0004]
  • A sub operating system mode may generally have the following major mechanisms. The only way to enter the mode is by means of a special sub operating system mode interrupt. In the case of SMM, the dedicated sub operating system mode interrupt is called a system management interrupt (SMI). The processor may execute the mode's code in a separate address space. For example, when the mode is SMM, the separate address space allows access to system management random-access memory (SMRAM), which may be made inaccessible to the other operating modes. When entering the mode, the processor saves the context of the interrupted program or task within the separate address space. For example, in SMM the context is saved into SMRAM. During the execution within the mode, normal interrupts may be disabled. Finally, the mode may be exited by means of a resume instruction that may only be executed while executing within the mode. [0005]
  • The increasing number of financial and personal transactions being performed on local or remote microcomputers has given impetus for the establishment of “trusted” or “secured” microprocessor environments. The problem these environments try to solve is that of loss of privacy, or data being corrupted or abused. Users do not want their private data made public. They also do not want their data altered or used in inappropriate transactions. Examples of these include unintentional release of medical records or electronic theft of funds from an on-line bank or other depository. Similarly, content providers seek to protect digital content (for example, music, other audio, video, or other types of data in general) from being copied without authorization. [0006]
  • The existence of a sub operating system mode, such as SMM, is a design challenge for designers of secure or trusted systems. The fact that such a sub operating system mode may have no privilege restrictions or address mapping restrictions is incompatible with secure or trusted system architecture. And this lack of privilege restrictions or address mapping restrictions often cannot be avoided by attempting to mask such a mode's dedicated interrupts, because these are usually designed to be non-maskable. [0007]
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which: [0008]
  • FIG. 1 is a memory mapping of system management mode code in system management RAM in an existing implementation. [0009]
  • FIG. 2 is a diagram of an exemplary software environment having trusted and untrusted areas, according to one embodiment. [0010]
  • FIG. 3 is a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2, according to one embodiment of the present invention. [0011]
  • FIG. 4 is a diagram showing a system management code operating in a virtual machine container, according to one embodiment of the present invention. [0012]
  • FIG. 5 is diagram showing system management interrupt redirection, according to one embodiment of the present invention. [0013]
  • FIG. 6 is a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2, according to another embodiment of the present invention. [0014]
  • FIG. 7 is diagram showing system management interrupt redirection, according to another embodiment of the present invention. [0015]
  • DETAILED DESCRIPTION
  • The following description describes techniques for permitting the execution of certain system management mode code in a trusted or secured environment in a microprocessor system. In the following description, numerous specific details such as logic implementations, software module allocation, encryption techniques, bus signaling techniques, and details of operation are set forth in order to provide a more thorough understanding of the present invention. It will be appreciated, however, by one skilled in the art that the invention may be practiced without such specific details. In other instances, control structures, gate level circuits and full software instruction sequences have not been shown in detail in order not to obscure the invention. Those of ordinary skill in the art, with the included descriptions, will be able to implement appropriate functionality without undue experimentation. The invention is disclosed in the form of a microprocessor system. However, the invention may be practiced in other forms of processor such as a digital signal processor, a minicomputer, or a mainframe computer. [0016]
  • In order to permit limited sub operating system mode code execution within a secure or trusted environment, the sub operating system mode interrupt may be first directed to a handler in a trusted code that controls virtual machine access to system resources. This direction to the handler may be accomplished by allowing the trusted code to read and write to the interrupt service register in the processor containing the location of the code required to service such a sub operating system mode interrupt. (An interrupt service register may generally be defined as a register that is used to determine that code that should be executed on receipt of an interrupt.) The sub operating system mode interrupt will then be re-directed to sub operating system mode code, located in another virtual machine that is under the security control of the above trusted code, for interrupt servicing. Alternatively, a microprocessor's virtualization architecture may be such that, when trusted code has been established, the sub operating system mode interrupt will no longer use the normal interrupt service register but will instead cause a transition to the trusted code consistent with the virtualization architecture. [0017]
  • In an exemplary case where the sub operating system mode is the system management mode (SMM), the SMM code execution within a secure or trusted environment may begin by having the system management interrupt (SMI) first be directed to a handler in a secured virtual machine monitor (SVMM). This direction to the handler may be accomplished by allowing the SVMM to read and write a system management base (SMBASE) register in the processor (PSMBASE). The SMI will then be re-directed to SMM code located in a virtual machine (VM) that is under the security control of the SVMM. Alternatively, the processor's virtualization architecture may disable use of the PSMBASE register and cause redirection of all SMIs to the SVMM directly. [0018]
  • In one embodiment, the SMM code may be granted access to all system resources except the protected pages in memory, and the associated system controls that maintain this protection. In order to accomplish this, after the initialization of secured operations the SMIs may be directed to a handler within SVMM first. This handler may establish a suitable virtual machine (VM) container for the SMM code, and re-direct the SMI to that code. By executing the SMM code within the VM container, the SMM code may be prevented from accessing various system resources, such as memory, that the SVMM has deemed protected. In one embodiment, the SMM code may now be written to conform to VM requirements. One such conforming change may be that the SMM code be written in either flat protected mode or in some other page memory access mode. [0019]
  • Referring now to FIG. 1, a memory mapping of system management mode (SMM) code in system management random-access memory (SMRAM) is shown in one embodiment. During normal system initialization, a section of system random-access memory (RAM) [0020] 110 may be set aside for exclusive use by SMM code. This set aside section is called system management RAM (SMRAM). Specific memory locations within SMRAM may be pointed to by interrupt service registers within the chipset or processor, which in one embodiment are called system management base (SMBASE) registers.
  • The chipset SMBASE register's content CSMBASE may define the boundaries of SMRAM. For example, the SMRAM may occupy the space between [0021] CSMBASE 120 and CSMBASE+FFFF hex 132. In other embodiments, in order to support two or more processors executing SMM code at the same time, each processor may have its own dedicated SMRAM space. The processors' SMBASE register content PSMBASE may define code-entry points and state save locations within SMRAM. For example, within SMRAM a standard code-entry point may be located at CSMBASE+8000 hex 124. The value of CSMBASE may be written at system initialization to each processor's SMBASE register, thereby allowing each processor to go to the SMM code-entry point upon receipt of an SMI. Prior to entry into SMM code, the processor may in one embodiment store state data in a state save area between an address PSMBASE+FE00 hex 128 and the end of SMRAM at location SMBASE+FFFF hex 132. In other embodiments, in order to support two or more processors executing SMM code at the same time, each processor's SMBASE register may contain a different value of PSMBASE, permitting differing code-entry points and locations for storing state data.
  • The state data may include the values of control registers, flags, an auto halt restart field, an input/output (I/O) instruction restart field, and an SMM revision identifier. Some of the locations within SMRAM may be modified by an SMI handler. Upon completion of SMM code execution, the original program may be re-entered when the processor executes a resume (RSM) instruction. This existing RSM instruction may only be issued within SMM, and it restores the state values previously stored within SMRAM. The use of this existing SMM design is well-known in the art. [0022]
  • Referring now to FIG. 2, a diagram of an exemplary trusted or secured software environment is shown, according to one embodiment of the present invention. In the FIG. 2 embodiment, trusted and untrusted software may be loaded simultaneously and may execute simultaneously on a single computer system. A [0023] SVMM 250 selectively permits or prevents direct access to hardware resources 280 from untrusted operating system 240 (or, if multiple untrusted virtual machines are implemented, multiple operating systems) and untrusted applications 210 through 230. In this context, “untrusted” does not necessarily mean that the operating system or applications are deliberately misbehaving, but that the size and variety of interacting code makes it impractical to reliably assert that the software is behaving as desired, and that there are no viruses or other foreign code interfering with its execution. In a typical embodiment, the untrusted code might consist of the normal operating system and applications found on today's personal computers.
  • SVMM [0024] 250 also selectively permits or prevents direct access to hardware resources 280 from one or more trusted or secure kernels 260 and one or more trusted applications 270. Such a trusted or secure kernel 260 and trusted applications 270 may be limited in size and functionality to aid in the ability to perform trust analysis upon it. The trusted application 270 may be any software code, program, routine, or set of routines which is executable in a secure environment. Thus, the trusted application 270 may be a variety of applications, or code sequences, or may be a relatively small application such as a Java applet.
  • Instructions or operations normally performed by [0025] operating system 240 or kernel 260 that could alter system resource protections or privileges may be trapped by SVMM 250, and selectively permitted, partially permitted, or rejected. As an example, in a typical embodiment, instructions that change the processor's page table that would normally be performed by operating system 240 or kernel 260 would instead be trapped by SVMM 250, which would ensure that the request was not attempting to change page privileges outside the domain of its virtual machine. One way of viewing this system is that operating system 240, kernel 260, and SVMM 250 are all virtual machines, with operating system 240 virtual machine and kernel 260 virtual machine executing within the SVMM 250 virtual machine. Thus a hierarchy of virtual machines is created. Here in one embodiment a virtual machine may be defined as any multi-user shared-resource operating system that gives each user the appearance of having sole control of all the resources of the system, or virtual machine may also be defined as an operating system that is in turn managed by an underlying control program.
  • Referring now to FIG. 3, one embodiment of a [0026] microprocessor system 300 adapted to support the secured software environment of FIG. 2 is shown. CPU A 310, CPU B 314, CPU C 318, and CPU D 322 may be configured with additional microcode or logic circuitry to support the execution of special instructions. In one embodiment, the processors may be Intel® Pentium® class microprocessors with certain special modifications in accordance with an embodiment of the present invention. These special instructions may support the issuance of special bus messages on system bus 320 that may enable the proper synchronization of SVMM 250 operation in the processors. Similarly chipset 330 may support the above-mentioned special cycles on system bus 320. The number of physical processors may vary upon the implementation of a particular embodiment.
  • In the FIG. 3 embodiment, the four [0027] processors CPU A 310, CPU B 314, CPU C 318, and CPU D 322 are shown as four separate hardware entities. In other embodiments, the number of processors may differ. Indeed, the processors may be replaced by separate threads, each running on one of the physical processors. In the latter case these threads possess many of the attributes of additional physical processors. In order to have a generic expression to discuss using any mixture of multiple physical processors and multiple threads upon processors, the expression “logical processor” may be used to describe either a physical processor or a thread operating in one of the physical processors. Thus, one single-threaded processor may be considered a logical processor, and multi-threaded or multi-core processors may be considered multiple logical processors.
  • Modifications to processors may include, in one embodiment, changes to the behavior of registers and new or modified instructions. For example, in one [0028] embodiment CPU C 318 may include a new instruction secure enter (SENTER) 324. The SENTER 324 instruction, upon execution, may enable the initiation of secure or trusted operations as shown in FIG. 2 above. SENTER 324 may enable multiple logical processors to synchronize their entry into secure or trusted operations. In one embodiment, SENTER 324 may also permit writing to the PSMBASE register 316 of CPU C 318 in certain circumstances to support secure or trusted SMM operations.
  • In one [0029] embodiment CPU C 318 may also include a modified resume (RSM) 326 instruction. The modified RSM 326 may permit a return from SMM that supports secure or trusted operations. Ordinarily RSM instructions may only be executed from within SMM. The modified RSM 326 may be executed from within normal page mode. When invoked with VM extensions enabled, the modified RSM 326 instruction may perform a special system call, called a VMexit, back to an SVMM handler for SMI.
  • The [0030] chipset 330 may service read and write requests carried from the CPUs on the system bus 320, and may then perform the physical read and write operations on physical memory 334. Allocation of SMRAM within memory 334 may be facilitated by a chipset SMBASE register 331 containing the value of CSMBASE. The chipset 330 additionally may connect to specialized input/output (I/O) channels, such as an advanced graphics port (AGP) 336. Chipset 330 may control access to pages of memory within physical memory 334 from processors CPU A 310, CPU B 314, CPU C 318 and CPU D 322, and additionally from I/O devices. Such devices may include mass storage devices such as fixed media 344 or removable media 348. The fixed media 344 or removable media 348 may be magnetic disks, magnetic tape, magnetic diskettes, magneto-optical drives, CD-ROM, DVD-ROM, Flash memory cards, or many other forms of mass storage. Fixed media 344 or removable media 348 may be connected to chipset 330 via peripheral component interconnect (PCI) bus 346, or, alternately, via a universal serial bus (USB) 342, an integrated controller electronics (IDE) bus (not shown), or a small computer systems interconnect (SCSI) bus (not shown).
  • The [0031] SVMM 364 may permit or deny the access of a VM to specific pages within memory 334. The pages of memory that the VM are denied access to may be called “locked” pages, whereas the pages that the VM are permitted access to may be called “unlocked” pages. Within locked memory pages 360 may be located SVMM 364 and modules within SVMM 364 to support secure SMM operation. In one embodiment, such modules may include an SVMM SMM handler 366 and a virtual machine exit (VMexit)/virtual machine call (VMcall) handler 368. In other embodiments the functions of the SVMM SMM handler 366 and the VMexit/VMcall handler 368 may be combined or may be distributed among other modules. Other pages of memory may remain unlocked, such as unlocked memory pages 362. Within unlocked memory pages 362 may be located standard operating systems 372. Also within unlocked memory pages 362 may be a SMM virtual machine (SMM VM) 370. SMM VM 370 may include software code similar to standard SMM code but modified to operate in a virtual machine container. Such modifications in SMM VM 370 may include code prepared for execution in page mode rather than normal SMM.
  • The memory controller and I/O device controller functions of [0032] chipset 330 are shown in the FIG. 3 embodiment as being implemented on a single separate integrated circuit. In alternate embodiments, a separate memory controller integrated circuit may generally implement the memory, controller functions described above for chipset 330. Similarly, a separate I/O device controller integrated circuit may generally implement the I/O device controller functions described above for chipset 330. In further embodiments, the memory controller functions of chipset 330 may be implemented in circuitry on the CPU integrated circuits, permitting several CPUs to each have direct access to certain amounts of physical memory. In such an embodiment, the memory controller functions of chipset 330 may be divided among the several CPU integrated circuits, or for multiple processors may be included on a single die.
  • Referring now to FIG. 4, a diagram of a system management code (SMM) operating in a virtual machine (VM) container is shown, according to one embodiment of the present invention. In the FIG. 4 embodiment, [0033] SVMM 450 has two additional modules to support secure or trusted SMM operations. The SVMM SMM handler 452 establishes the SMM code in a SMM VM 490 in response to the execution of an SENTER instruction. The VMexit/VMcall handler 454 handles entry into and exit from the SMM VM 490 due to the intentional lower privilege level of SMM VM 490 within its VM container. In some embodiments, the SVMM SMM handler 452 and the VMexit/VMcall handler 454 may be the same software module.
  • The [0034] SVMM SMM handler 452 may perform several functions. During the transition into secure or trusted operations, following the execution of an SENTER command by a processor, the SVMM SMM handler 452 loads and initiates the SMM VM 490 code in a virtual machine container. In some embodiments, SVMM SMM handler 452 would then write an entry location within itself into the modified SMBASE register of each processor in the system. This entry location permits an SMI to be directed first to the SVMM SMM handler 452. This may not be necessary for other embodiments that invoke the VMexit/VMcall handler 454 directly in response system-management interrupts; for these embodiments, the SVMM SMM handler 452 and VMexit/VMcall handler 454 would be combined into one software module. The SVMM SMM handler 452 also establishes a space within the locked memory pages to store the state data that needs to be saved upon entry into SMM operations. Examples of this state data are discussed above in connection with FIG. 1. Placing this state data within locked memory pages prevents unauthorized disclosure or manipulation of the state data.
  • The VMexit/[0035] VMcall handler 454 may perform several functions. VMexit/VMcall handler 454 may handle entries into and exits from SMM VM 490 subsequent to the initial entry. VMexit/VMcall handler 454 may also handle exceptions raised when SMM VM 490 attempts to read from or write to locked memory pages. Portions of VMexit/VMcall handler 454 may determine whether certain of these reads from or writes to locked memory pages should be allowed to proceed depending upon circumstances. In one embodiment, reads from or writes to locked memory pages may be permitted if VMexit/VMcall handler 454 determines that the location targeted within the locked memory pages does not contain trusted data.
  • The [0036] SMM VM 490 contains the desired SMM code, modified from SMM mode format to now execute in a page memory access mode. In general the SMM code in the SMM VM 490 executes as written, with the exceptional case of those instructions to create memory reads and writes to the locked memory pages. In those cases, the SMM code may invoke VMexit/VMcall handler 454. SMM code may make an explicit call to the VMexit/VMcall handler 454, or may make an indirect call by allowing an exception to trap to VMexit/VMcall handler 454. In either case VMexit/VMcall handler 454 handles these circumstances.
  • Referring now to FIG. 5, a diagram of a system management interrupt redirection is shown, according to one embodiment of the present invention. Consider an SMI producing event in [0037] hardware 480 subsequent to the initiation of secure or trusted operations. The processor examines its SMBASE register. Since the SVMM SMM handler 452 upon initialization wrote an internal memory location into modified SMBASE register within the processor, the processor begins execution of SVMM SMM handler 452. SVMM SMM handler 452 stores state data within a locked memory page, and then issues a virtual mode enter (VMenter) call to the actual SMM code within SMM VM 490. In another embodiment, the SMI may cause invocation of the SVMM's VMexit handler.
  • The SMM code within [0038] SMM VM 490 executes until it attempts to read from or write to a memory location within a locked memory page. Then either by an explicit call, or by an exception causing a trap, a VMexit/VMcall 524 may be made to invoke VMexit/VMcall handler 454. The VMexit/VMcall handler 454 performs those memory accesses that it deems permissible, and then returns to SMM VM 490 by another VMenter 522. This process may repeat several times until the desired SMM code within SMM VM 490 is finished. At this time the SMM code exits via a final VMexit/VMcall 524 to VMexit/VMcall handler 454. For some embodiments, the VMexit/VMcall handler 454 would then exit to the SVMM SMM handler 452 through the execution of a modified resume instruction SMM VM code RSM 526. This causes the SVMM SMM handler 452 to restore the (potentially modified by VMexit/VMcall handler 454) state data stored in locked memory pages. For other embodiments, the SVMM SMM handler 452 and the VMexit/VMcall handler 454 might be combined, and these operations might be carried out in software. Upon the restoration of the state data, the processor resumes its original operation.
  • Referring now to FIG. 6, a schematic diagram of an exemplary microprocessor system adapted to support the software environment of FIG. 2 is shown, according to another embodiment of the present invention. [0039] CPU A 610, CPU B 614, CPU C 618, and CPU D 622 may be configured with additional microcode or logic circuitry to support the execution of special instructions. Modifications to the processors may include, in one embodiment, changes to the behavior of registers and new or modified instructions. For example, in one embodiment CPU C 618 may include a new instruction “virtual machine monitor initialization” (VMMINIT) 624. The VMMINIT 624 instruction, upon execution, may enable the initiation of secure or trusted operations as shown in FIG. 2 above. In one embodiment, VMMINIT 624 may also disable normal operations of the PSMBASE register 616 of CPU C 618 in certain circumstances to support secure or trusted SMM operations. In such an embodiment, CPU C 618 may then redirect an SMI to a code entry point and state save area within VMexit/VMcall handler 668 prearranged by the security environment rules.
  • In one [0040] embodiment CPU C 618 may also include a modified resume (RSM) 626 instruction. The modified RSM 626 may permit a return from SMM that supports secure or trusted operations. Ordinarily RSM instructions may only be executed from within SMM. The modified RSM 626 may be executed from within normal page mode. When invoked with VM extensions enabled, the modified RSM 626 instruction may perform a special system call, called a VMexit, back to invoke VMexit/VMcall handler 668.
  • The [0041] chipset 630 may service read and write requests carried from the CPUs on the system bus 620, and may then perform the physical read and write operations on physical memory 634. Allocation of SMRAM within memory 634 may be facilitated by a chipset SMBASE register 631 containing the value of CSMBASE.
  • The [0042] SVMM 664 may permit or deny the access of a VM to specific pages within memory 634. The pages of memory that the VM are denied access to may be called “locked” pages, whereas the pages that the VM are permitted access to may be called “unlocked” pages. Within locked memory pages 660 may be located SVMM 664 and a module within SVMM 664 to support secure SMM operation. In one embodiment, the module may be VMexit/VMcall handler 668. In other embodiments the functions of the VMexit/VMcall handler 668 may be combined or may be distributed among other modules. Other pages of memory may remain unlocked, such as unlocked memory pages 662. Within unlocked memory pages 662 may be located standard operating systems 672. Also within unlocked memory pages 662 may be a SMM VM 670. SMM VM 670 may include software code similar to standard SMM code but modified to operate in a virtual machine container. Such modifications in SMM VM 670 may include code prepared for execution in page mode rather than normal SMM.
  • Referring now to FIG. 7, a diagram of system management interrupt redirection is shown, according to another embodiment of the present invention. In the FIG. 7 embodiment, [0043] SVMM 750 has two additional modules to support secure or trusted SMM operations. In one embodiment the VMexit/VMcall handler 754 establishes the SMM code in a SMM VM 790 in response to the execution of an VMMINIT instruction, and additionally handles entry into and exit from the SMM VM 790 due to the intentional lower privilege level of SMM VM 790 within its VM container.
  • The VMexit/[0044] VMcall handler 754 may perform several functions. During the transition into secure or trusted operations, following the execution of a VMMINIT command by a processor, the VMexit/VMcall handler 754 loads and initiates the SMM VM 790 code in a virtual machine container. The VMexit/VMcall handler 754 also establishes a space within the locked memory pages to store the state data that needs to be saved upon entry into SMM operations.
  • The VMexit/[0045] VMcall handler 754 may perform several additional functions. VMexit/VMcall handler 754 may handle entries into and exits from SMM VM 790. VMexit/VMcall handler 754 may also handle exceptions raised when SMM VM 790 attempts to read from or write to locked memory pages. Portions of VMexit/VMcall handler 754 may determine whether certain of these reads from or writes to locked memory pages should be allowed to proceed depending upon circumstances. In one embodiment, reads from or writes to locked memory pages may be permitted if VMexit/VMcall handler 754 determines that the location targeted within the locked memory pages does not contain trusted data.
  • The [0046] SMM VM 790 contains the desired SMM code, modified in one embodiment from SMM mode format to now execute in a page memory access mode. In general the SMM code in the SMM VM 790 executes as written, with the exceptional case of those instructions to create memory reads and writes to the locked memory pages. In those cases, the SMM code may invoke VMexit/VMcall handler 754. The SMM code may make an explicit call to the VMexit/VMcall handler 754, or may make an indirect call by allowing an exception to trap to VMexit/VMcall handler 754. In either case VMexit/VMcall handler 754 handles these circumstances.
  • Consider an SMI producing event in [0047] hardware 780 subsequent to the initiation of secure or trusted operations. The processor examines its SMBASE register. Since the execution of VMMINIT disabled the normal operation of modified SMBASE register within the processor, the processor begins execution of VMexit/VMcall handler 754 from a code entry point prearranged by the security environment rules. VMexit/VMcall handler 754 stores state data within a locked memory page, and then issues a VMenter call 722 to the actual SMM code within SMM VM 790.
  • The SMM code within [0048] SMM VM 790 executes until it attempts to read from or write to a memory location within a locked memory page. Then either by an explicit call, or by an exception causing a trap, a VMexit/VMcall 724 may be made to invoke VMexit/VMcall handler 754. The VMexit/VMcall handler 754 performs those memory accesses that it deems permissible, and then returns to SMM VM 790 by another VMenter 722. This process may repeat several times until the desired SMM code within SMM VM 790 is finished. At this time the SMM code exits via a final VMexit/VMcall 724 to VMexit/VMcall handler 754. For some embodiments, the VMexit/VMcall handler 454 would then exit to normal SVMM 750 operations by first executing a modified resume instruction. This causes the VMexit/VMcall handler 754 to restore the (potentially modified by VMexit/VMcall handler 754) state data stored in locked memory pages. Upon the restoration of the state data, the processor resumes its original operation.
  • While various embodiments disclosed include two or more processors (either logical or physical processors), it should be understood that such multi-processor and/or multi-threaded systems are described in more detail to explain the added complexity associated with securing a system with multiple logical or physical processors. An embodiment also likely to be advantageous in less complex system may use only one processor. In some cases, the one physical processor may be multi-threading and therefore may include multiple logical processors. In other cases, however, a single-processor, single-threaded system may be used, and still utilize disclosed secure processing techniques. In such cases, the secure processing techniques still operate to reduce the likelihood that data can be stolen or manipulated in an unauthorized manner. [0049]
  • In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense. [0050]

Claims (43)

What is claimed is:
1. A system, comprising:
a processor to operate in a user mode, a supervisor mode, and a sub operating system mode, to receive a sub operating system mode interrupt;
a first code to be contained within a first virtual machine; and
a first handler to be contained within a trusted code in a second virtual machine to redirect said sub operating system mode interrupt to said first code.
2. The system of claim 1, wherein said trusted code is to write an interrupt service register in said processor.
3. The system of claim 2, wherein said interrupt service register is a system management base register, and wherein said sub operating system mode interrupt is a system management interrupt.
4. The system of claim 1, wherein said first code is to execute in page mode.
5. The system of claim 4, wherein said first code is a system management mode code.
6. The system of claim 1, further comprising a second handler within said trusted code to be invoked upon access attempts to locked pages of a memory.
7. The system of claim 6, wherein said second handler determines if access is allowable to said locked pages of said memory.
8. The system of claim 6, wherein said second handler initiates an exit from said first code by issuing a modified resume instruction.
9. The system of claim 8, wherein said modified resume instruction is capable of execution in page mode.
10. The system of claim 1, wherein said first handler establishes a space within locked pages of a memory to store state data.
11. The system of claim 1, wherein said first code is located in unlocked pages of memory.
12. The system of claim 1, wherein said system comprises a single processor system.
13. The system of claim 1, wherein said trusted code is to disable an interrupt service register in said processor.
14. The system of claim 13, wherein said interrupt service register is a system management base register, and wherein said first interrupt is a system management interrupt.
15. The system of claim 1, wherein said first handler within said trusted code to be invoked upon access attempts to locked pages of a memory.
16. The system of claim 15, wherein said first handler determines if access is allowable to said locked pages of said memory.
17. The system of claim 15, wherein said first handler initiates an exit from said first code by issuing a modified resume instruction.
18. The system of claim 1, wherein said modified resume instruction is capable of execution in page mode.
19. A method, comprising:
directing a sub operating system mode interrupt to a first handler in a trusted code within a second virtual machine;
storing a state in a locked page in memory; and
entering a first code in a first virtual machine.
20. The method of claim 19, further comprising invoking a second handler in said trusted code from said first code.
21. The method of claim 20, wherein said invoking is subsequent to said first code accessing said locked page in memory.
22. The method of claim 19, wherein said first code is system management mode code.
23. The method of claim 19, further comprising invoking a second handler in said trusted code from said first code.
24. The method of claim 23, wherein said invoking is subsequent to said first code accessing said locked page in memory.
25. The method of claim 19, further comprising executing a modified resume instruction from a page mode.
26. The method of claim 19, further comprising determining whether said first code may access said locked page in memory.
27. The method of claim 19, wherein said directing includes writing a memory location within said trusted code to an interrupt service register.
28. The method of claim 27, wherein said interrupt service register is a system management base register.
29. The method of claim 19, wherein said sub operating system mode interrupt is a system management interrupt.
30. The method of claim 19, further comprising invoking said first handler in said trusted code from said first code.
31. The method of claim 30, wherein said invoking is subsequent to said first code accessing said locked page in memory.
32. A processor, comprising
a first logic to execute a modified resume instruction; and
an interrupt service register capable of being written subsequent to execution of a secure enter instruction.
33. The processor of claim 32, wherein said modified resume instruction returns said processor to previous program execution subsequent to execution of a first code.
34. The processor of claim 33, wherein said modified resume instruction may be executed from within page mode.
35. The processor of claim 33, wherein said execution of said first code occurs within a sub operating system mode.
36. The processor of claim 35, wherein said sub operating system mode is a system management mode.
37. The processor of claim 32, wherein said interrupt service register is a system management base register.
38. A processor, comprising
a first logic to execute a modified resume instruction; and
an interrupt service register capable of being disabled subsequent to execution of a monitor initialization instruction.
39. The processor of claim 38, wherein said modified resume instruction returns said processor to previous program execution subsequent to execution of a first code.
40. The processor of claim 39, wherein said modified resume instruction may be executed from within page mode.
41. The processor of claim 39, wherein said execution of said first code occurs within a sub operating system mode.
42. The processor of claim 41, wherein said sub operating system mode is a system management mode.
43. The processor of claim 38, wherein said interrupt service register is a system management base register.
US10/165,597 2002-06-07 2002-06-07 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container Abandoned US20030229794A1 (en)

Priority Applications (11)

Application Number Priority Date Filing Date Title
US10/165,597 US20030229794A1 (en) 2002-06-07 2002-06-07 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
RU2004139086/09A RU2313126C2 (en) 2002-06-07 2003-05-01 System and method for protection from non-trusted system control mode code by means of redirection of system management mode interrupt and creation of virtual machine container
AU2003231237A AU2003231237A1 (en) 2002-06-07 2003-05-01 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
CNB038188236A CN100377092C (en) 2002-06-07 2003-05-01 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
PCT/US2003/013616 WO2003104981A2 (en) 2002-06-07 2003-05-01 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
JP2004511985A JP4708016B2 (en) 2002-06-07 2003-05-01 System and method for protection against unreliable system management code by re-instructing system management instructions and creating virtual machine containers
EP03724373A EP1512074A2 (en) 2002-06-07 2003-05-01 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
MYPI20032123A MY146723A (en) 2002-06-07 2003-06-06 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
US11/095,855 US7581219B2 (en) 2002-06-07 2005-03-30 Transitioning between virtual machine monitor domains in a virtual machine environment
JP2007150997A JP4846660B2 (en) 2002-06-07 2007-06-06 How to protect against untrusted system management code by re-ordering system management interrupts and creating virtual machine containers
JP2011178882A JP5242747B2 (en) 2002-06-07 2011-08-18 How to protect against untrusted system management code by re-ordering system management interrupts and creating virtual machine containers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/165,597 US20030229794A1 (en) 2002-06-07 2002-06-07 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US11/095,855 Continuation-In-Part US7581219B2 (en) 2002-06-07 2005-03-30 Transitioning between virtual machine monitor domains in a virtual machine environment

Publications (1)

Publication Number Publication Date
US20030229794A1 true US20030229794A1 (en) 2003-12-11

Family

ID=29710476

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/165,597 Abandoned US20030229794A1 (en) 2002-06-07 2002-06-07 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
US11/095,855 Active 2024-05-31 US7581219B2 (en) 2002-06-07 2005-03-30 Transitioning between virtual machine monitor domains in a virtual machine environment

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/095,855 Active 2024-05-31 US7581219B2 (en) 2002-06-07 2005-03-30 Transitioning between virtual machine monitor domains in a virtual machine environment

Country Status (8)

Country Link
US (2) US20030229794A1 (en)
EP (1) EP1512074A2 (en)
JP (3) JP4708016B2 (en)
CN (1) CN100377092C (en)
AU (1) AU2003231237A1 (en)
MY (1) MY146723A (en)
RU (1) RU2313126C2 (en)
WO (1) WO2003104981A2 (en)

Cited By (139)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040172629A1 (en) * 2003-02-28 2004-09-02 Azul Systems Segmented virtual machine
US20040250110A1 (en) * 2003-03-28 2004-12-09 Wray Michael John Security policy in trusted computing systems
US20040268332A1 (en) * 2003-04-23 2004-12-30 Masato Mitsumori Memory access control method and processing system with memory access check function
US20050097345A1 (en) * 2003-10-29 2005-05-05 Kelley Brian H. System for selectively enabling operating modes of a device
US20050257243A1 (en) * 2004-04-27 2005-11-17 Microsoft Corporation Method and system for enforcing a security policy via a security virtual machine
US20050289311A1 (en) * 2004-06-29 2005-12-29 David Durham System and method for secure inter-platform and intra-platform communications
US20060021029A1 (en) * 2004-06-29 2006-01-26 Brickell Ernie F Method of improving computer security through sandboxing
US20060075312A1 (en) * 2004-09-30 2006-04-06 Fischer Stephen A System and method for limiting exposure of hardware failure information for a secured execution environment
US20060224685A1 (en) * 2005-03-29 2006-10-05 International Business Machines Corporation System management architecture for multi-node computer system
US20070038997A1 (en) * 2005-08-09 2007-02-15 Steven Grobman Exclusive access for secure audio program
US20070050764A1 (en) * 2005-08-30 2007-03-01 Microsoft Corporation Hierarchical virtualization with a multi-level virtualization mechanism
US20070067590A1 (en) * 2005-09-22 2007-03-22 Uday Savagaonkar Providing protected access to critical memory regions
US20070083739A1 (en) * 2005-08-29 2007-04-12 Glew Andrew F Processor with branch predictor
US20080133883A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical store buffer
US20080133889A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical instruction scheduler
US20080133893A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical register file
US20080163331A1 (en) * 2006-12-29 2008-07-03 Datta Sham M Reconfiguring a secure system
US20080216096A1 (en) * 2005-07-15 2008-09-04 Lenovo (Beijing) Limited Virtual Computer System Supporting Trusted Computing and Method for Implementing Trusted Computation Thereon
US20080263679A1 (en) * 2007-04-23 2008-10-23 Microsoft Corporation Storing information in closed computing devices
US20080294892A1 (en) * 2007-05-25 2008-11-27 Ingo Molnar Method and system for a kernel lock validator
US7480908B1 (en) 2005-06-24 2009-01-20 Azul Systems, Inc. Segmented virtual machine transport mechanism
US20090038017A1 (en) * 2007-08-02 2009-02-05 David Durham Secure vault service for software components within an execution environment
GB2453652A (en) * 2007-10-08 2009-04-15 Lenovo Implementing secure online payments by switching to a dedicated operating system (OS)
US20090172385A1 (en) * 2007-12-31 2009-07-02 Datta Sham M Enabling system management mode in a secure system
US7620953B1 (en) * 2004-10-05 2009-11-17 Azul Systems, Inc. System and method for allocating resources of a core space among a plurality of core virtual machines
US20100057982A1 (en) * 2008-08-26 2010-03-04 Phoenix Technologies Ltd Hypervisor security using SMM
US7748037B2 (en) 2005-09-22 2010-06-29 Intel Corporation Validating a memory type modification attempt
US20100169666A1 (en) * 2008-12-31 2010-07-01 Prashant Dewan Methods and systems to direclty render an image and correlate corresponding user input in a secuire memory domain
US20110066783A1 (en) * 2009-09-14 2011-03-17 International Business Machines Corporation Secure Handling and Routing of Message-Signaled Interrupts
US20110231668A1 (en) * 2005-06-30 2011-09-22 Travis Schluessler Signed Manifest for Run-Time Verification of Software Program Identity and Integrity
US8099718B2 (en) 2007-11-13 2012-01-17 Intel Corporation Method and system for whitelisting software components
US20120017285A1 (en) * 2009-05-18 2012-01-19 Mark A Piwonka Systems and methods of determining a trust level from system management mode
WO2012135192A2 (en) 2011-03-28 2012-10-04 Mcafee, Inc. System and method for virtual machine monitor based anti-malware security
US20120255004A1 (en) * 2011-03-31 2012-10-04 Mcafee, Inc. System and method for securing access to system calls
KR20120111734A (en) * 2009-12-29 2012-10-10 어드밴스드 마이크로 디바이시즈, 인코포레이티드 Hypervisor isolation of processor cores
US8356297B1 (en) 2007-03-21 2013-01-15 Azul Systems, Inc. External data source redirection in segmented virtual machine
US8495750B2 (en) 2010-08-31 2013-07-23 International Business Machines Corporation Filesystem management and security system
US20130326288A1 (en) * 2011-12-31 2013-12-05 Shamanna M. Datta Processor that detects when system management mode attempts to reach program code outside of protected space
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
EP2782007A1 (en) * 2013-03-19 2014-09-24 STMicroelectronics (Grenoble 2) SAS Launching multiple applications in containers on a processor
EP2782038A1 (en) * 2013-03-19 2014-09-24 STMicroelectronics (Grenoble 2) SAS Resource management in a processor for trusted and untrusted applications
WO2014158603A1 (en) * 2013-03-13 2014-10-02 Intel Corporation System management interrupt handling for multi-core processors
US8925089B2 (en) 2011-03-29 2014-12-30 Mcafee, Inc. System and method for below-operating system modification of malicious code on an electronic device
US8959638B2 (en) 2011-03-29 2015-02-17 Mcafee, Inc. System and method for below-operating system trapping and securing of interdriver communication
US8966624B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for securing an input/output path of an application against malware with a below-operating system security agent
US8966629B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for below-operating system trapping of driver loading and unloading
US9032525B2 (en) 2011-03-29 2015-05-12 Mcafee, Inc. System and method for below-operating system trapping of driver filter attachment
US9038176B2 (en) 2011-03-31 2015-05-19 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
US9087199B2 (en) 2011-03-31 2015-07-21 Mcafee, Inc. System and method for providing a secured operating system execution environment
US9176741B2 (en) 2005-08-29 2015-11-03 Invention Science Fund I, Llc Method and apparatus for segmented sequential storage
US9223963B2 (en) 2009-12-15 2015-12-29 Mcafee, Inc. Systems and methods for behavioral sandboxing
US9262246B2 (en) 2011-03-31 2016-02-16 Mcafee, Inc. System and method for securing memory and storage of an electronic device with a below-operating system security agent
US9317690B2 (en) 2011-03-28 2016-04-19 Mcafee, Inc. System and method for firmware based anti-malware security
JP2016511872A (en) * 2013-01-22 2016-04-21 アマゾン・テクノロジーズ、インコーポレイテッド Privileged cryptographic services in a virtualized environment
US9367691B2 (en) 2012-07-31 2016-06-14 Hewlett-Packard Development Company, L.P. Modify executable bits of system management memory page table
US20160350215A1 (en) * 2014-12-13 2016-12-01 Via Alliance Semiconductor Co., Ltd. Distributed hang recovery logic
US20160350223A1 (en) * 2014-12-13 2016-12-01 Via Alliance Semiconductor Co., Ltd. Logic analyzer for detecting hangs
US9529627B2 (en) 2013-03-19 2016-12-27 Stmicroelectronics (Grenoble 2) Sas Managing multiple systems in a computer device
US20170098092A1 (en) * 2015-10-06 2017-04-06 Symantec Corporation Techniques for generating a virtual private container
US20170192804A1 (en) * 2014-09-30 2017-07-06 Amazon Technologies, Inc. Threading as a service
US9946651B2 (en) * 2014-12-13 2018-04-17 Via Alliance Semiconductor Co., Ltd Pattern detector for detecting hangs
CN108292339A (en) * 2016-01-26 2018-07-17 惠普发展公司,有限责任合伙企业 System Management Mode privilege framework
US10102040B2 (en) 2016-06-29 2018-10-16 Amazon Technologies, Inc Adjusting variable limit on concurrent code executions
US10108443B2 (en) 2014-09-30 2018-10-23 Amazon Technologies, Inc. Low latency computational capacity provisioning
US10140139B1 (en) * 2012-06-19 2018-11-27 Bromium, Inc. Ensuring the privacy and integrity of a hypervisor
US10162688B2 (en) 2014-09-30 2018-12-25 Amazon Technologies, Inc. Processing event messages for user requests to execute program code
US10162672B2 (en) 2016-03-30 2018-12-25 Amazon Technologies, Inc. Generating data streams from pre-existing data sets
US10203990B2 (en) 2016-06-30 2019-02-12 Amazon Technologies, Inc. On-demand network code execution with cross-account aliases
CN109542610A (en) * 2018-12-04 2019-03-29 中国航空工业集团公司西安航空计算技术研究所 A kind of multi partition operating system void interrupt criteria component realization method
US10277708B2 (en) 2016-06-30 2019-04-30 Amazon Technologies, Inc. On-demand network code execution with cross-account aliases
US10282229B2 (en) 2016-06-28 2019-05-07 Amazon Technologies, Inc. Asynchronous task management in an on-demand network code execution environment
US10353678B1 (en) 2018-02-05 2019-07-16 Amazon Technologies, Inc. Detecting code characteristic alterations due to cross-service calls
US10353746B2 (en) 2014-12-05 2019-07-16 Amazon Technologies, Inc. Automatic determination of resource sizing
US10365985B2 (en) 2015-12-16 2019-07-30 Amazon Technologies, Inc. Predictive management of on-demand code execution
CN110084039A (en) * 2013-04-19 2019-08-02 Nicira股份有限公司 Frame for the coordination between endpoint security and Network Security Service
US10387177B2 (en) 2015-02-04 2019-08-20 Amazon Technologies, Inc. Stateful virtual compute system
US10437629B2 (en) 2015-12-16 2019-10-08 Amazon Technologies, Inc. Pre-triggers for code execution environments
US10528390B2 (en) 2016-09-23 2020-01-07 Amazon Technologies, Inc. Idempotent task execution in on-demand network code execution systems
US10552193B2 (en) 2015-02-04 2020-02-04 Amazon Technologies, Inc. Security protocols for low latency execution of program code
US10564946B1 (en) 2017-12-13 2020-02-18 Amazon Technologies, Inc. Dependency handling in an on-demand network code execution system
US10579405B1 (en) * 2013-03-13 2020-03-03 Amazon Technologies, Inc. Parallel virtual machine managers
US10592269B2 (en) 2014-09-30 2020-03-17 Amazon Technologies, Inc. Dynamic code deployment and versioning
US10623476B2 (en) 2015-04-08 2020-04-14 Amazon Technologies, Inc. Endpoint management system providing an application programming interface proxy service
US10691498B2 (en) 2015-12-21 2020-06-23 Amazon Technologies, Inc. Acquisition and maintenance of compute capacity
US10725752B1 (en) 2018-02-13 2020-07-28 Amazon Technologies, Inc. Dependency handling in an on-demand network code execution system
US10733085B1 (en) 2018-02-05 2020-08-04 Amazon Technologies, Inc. Detecting impedance mismatches due to cross-service calls
US10754701B1 (en) 2015-12-16 2020-08-25 Amazon Technologies, Inc. Executing user-defined code in response to determining that resources expected to be utilized comply with resource restrictions
US10776091B1 (en) 2018-02-26 2020-09-15 Amazon Technologies, Inc. Logging endpoint in an on-demand code execution system
US10776171B2 (en) 2015-04-08 2020-09-15 Amazon Technologies, Inc. Endpoint management system and virtual compute system
US10824484B2 (en) 2014-09-30 2020-11-03 Amazon Technologies, Inc. Event-driven computing
US10831898B1 (en) 2018-02-05 2020-11-10 Amazon Technologies, Inc. Detecting privilege escalations in code including cross-service calls
US10884802B2 (en) 2014-09-30 2021-01-05 Amazon Technologies, Inc. Message-based computation request scheduling
US10884722B2 (en) 2018-06-26 2021-01-05 Amazon Technologies, Inc. Cross-environment application of tracing information for improved code execution
US10884787B1 (en) 2016-09-23 2021-01-05 Amazon Technologies, Inc. Execution guarantees in an on-demand network code execution system
US10884812B2 (en) 2018-12-13 2021-01-05 Amazon Technologies, Inc. Performance-based hardware emulation in an on-demand network code execution system
US10891145B2 (en) 2016-03-30 2021-01-12 Amazon Technologies, Inc. Processing pre-existing data sets at an on demand code execution environment
US10908927B1 (en) 2019-09-27 2021-02-02 Amazon Technologies, Inc. On-demand execution of object filter code in output path of object storage service
US10915371B2 (en) 2014-09-30 2021-02-09 Amazon Technologies, Inc. Automatic management of low latency computational capacity
US10942795B1 (en) 2019-11-27 2021-03-09 Amazon Technologies, Inc. Serverless call distribution to utilize reserved capacity without inhibiting scaling
US10949237B2 (en) 2018-06-29 2021-03-16 Amazon Technologies, Inc. Operating system customization in an on-demand network code execution system
WO2021080601A1 (en) * 2019-10-25 2021-04-29 Hewlett-Packard Development Company, L.P. Integrity monitor
US10996961B2 (en) 2019-09-27 2021-05-04 Amazon Technologies, Inc. On-demand indexing of data in input path of object storage service
CN112800431A (en) * 2020-08-28 2021-05-14 支付宝(杭州)信息技术有限公司 Method and device for safely entering trusted execution environment in hyper-thread scene
US11010188B1 (en) 2019-02-05 2021-05-18 Amazon Technologies, Inc. Simulated data object storage using on-demand computation of data objects
US11016815B2 (en) 2015-12-21 2021-05-25 Amazon Technologies, Inc. Code execution request routing
US11023311B2 (en) 2019-09-27 2021-06-01 Amazon Technologies, Inc. On-demand code execution in input path of data uploaded to storage service in multiple data portions
US11023416B2 (en) 2019-09-27 2021-06-01 Amazon Technologies, Inc. Data access control system for object storage service based on owner-defined code
US11055112B2 (en) 2019-09-27 2021-07-06 Amazon Technologies, Inc. Inserting executions of owner-specified code into input/output path of object storage service
US11099870B1 (en) 2018-07-25 2021-08-24 Amazon Technologies, Inc. Reducing execution times in an on-demand network code execution system using saved machine states
US11099917B2 (en) 2018-09-27 2021-08-24 Amazon Technologies, Inc. Efficient state maintenance for execution environments in an on-demand code execution system
US11106477B2 (en) 2019-09-27 2021-08-31 Amazon Technologies, Inc. Execution of owner-specified code during input/output path to object storage service
US11115404B2 (en) 2019-06-28 2021-09-07 Amazon Technologies, Inc. Facilitating service connections in serverless code executions
US11119813B1 (en) 2016-09-30 2021-09-14 Amazon Technologies, Inc. Mapreduce implementation using an on-demand network code execution system
US11119809B1 (en) 2019-06-20 2021-09-14 Amazon Technologies, Inc. Virtualization-based transaction handling in an on-demand network code execution system
US11119826B2 (en) 2019-11-27 2021-09-14 Amazon Technologies, Inc. Serverless call distribution to implement spillover while avoiding cold starts
US11132213B1 (en) 2016-03-30 2021-09-28 Amazon Technologies, Inc. Dependency-based process of pre-existing data sets at an on demand code execution environment
US11146569B1 (en) 2018-06-28 2021-10-12 Amazon Technologies, Inc. Escalation-resistant secure network services using request-scoped authentication information
US11159528B2 (en) 2019-06-28 2021-10-26 Amazon Technologies, Inc. Authentication to network-services using hosted authentication information
US11171983B2 (en) * 2018-06-29 2021-11-09 Intel Corporation Techniques to provide function-level isolation with capability-based security
US11188391B1 (en) 2020-03-11 2021-11-30 Amazon Technologies, Inc. Allocating resources to on-demand code executions under scarcity conditions
US11190609B2 (en) 2019-06-28 2021-11-30 Amazon Technologies, Inc. Connection pooling for scalable network services
US11243953B2 (en) 2018-09-27 2022-02-08 Amazon Technologies, Inc. Mapreduce implementation in an on-demand network code execution system and stream data processing system
US11250007B1 (en) 2019-09-27 2022-02-15 Amazon Technologies, Inc. On-demand execution of object combination code in output path of object storage service
US11263220B2 (en) 2019-09-27 2022-03-01 Amazon Technologies, Inc. On-demand execution of object transformation code in output path of object storage service
US11360948B2 (en) 2019-09-27 2022-06-14 Amazon Technologies, Inc. Inserting owner-specified data processing pipelines into input/output path of object storage service
US11386230B2 (en) 2019-09-27 2022-07-12 Amazon Technologies, Inc. On-demand code obfuscation of data in input path of object storage service
US11388210B1 (en) 2021-06-30 2022-07-12 Amazon Technologies, Inc. Streaming analytics using a serverless compute system
US11394761B1 (en) 2019-09-27 2022-07-19 Amazon Technologies, Inc. Execution of user-submitted code on a stream of data
US11416628B2 (en) 2019-09-27 2022-08-16 Amazon Technologies, Inc. User-specific data manipulation system for object storage service based on user-submitted code
US11449601B2 (en) * 2020-01-08 2022-09-20 Red Hat, Inc. Proof of code compliance and protected integrity using a trusted execution environment
US11550713B1 (en) 2020-11-25 2023-01-10 Amazon Technologies, Inc. Garbage collection in distributed systems using life cycled storage roots
US11550944B2 (en) 2019-09-27 2023-01-10 Amazon Technologies, Inc. Code execution environment customization system for object storage service
US11593270B1 (en) 2020-11-25 2023-02-28 Amazon Technologies, Inc. Fast distributed caching using erasure coded object parts
US20230061511A1 (en) * 2021-08-30 2023-03-02 International Business Machines Corporation Inaccessible prefix pages during virtual machine execution
US11656892B1 (en) 2019-09-27 2023-05-23 Amazon Technologies, Inc. Sequential execution of user-submitted code and native functions
US11714682B1 (en) 2020-03-03 2023-08-01 Amazon Technologies, Inc. Reclaiming computing resources in an on-demand code execution system
US11775640B1 (en) 2020-03-30 2023-10-03 Amazon Technologies, Inc. Resource utilization-based malicious task detection in an on-demand code execution system
US11861386B1 (en) 2019-03-22 2024-01-02 Amazon Technologies, Inc. Application gateways in an on-demand network code execution system
US11875173B2 (en) 2018-06-25 2024-01-16 Amazon Technologies, Inc. Execution of auxiliary functions in an on-demand network code execution system

Families Citing this family (53)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8041761B1 (en) * 2002-12-23 2011-10-18 Netapp, Inc. Virtual filer and IP space based IT configuration transitioning framework
CN100349123C (en) * 2004-03-02 2007-11-14 英特维数位科技股份有限公司 Method for far-end computer system control
US7305592B2 (en) * 2004-06-30 2007-12-04 Intel Corporation Support for nested fault in a virtual machine environment
US7757231B2 (en) 2004-12-10 2010-07-13 Intel Corporation System and method to deprivilege components of a virtual machine monitor
US9785485B2 (en) * 2005-07-27 2017-10-10 Intel Corporation Virtualization event processing in a layered virtualization architecture
US20140373144A9 (en) * 2006-05-22 2014-12-18 Alen Capalik System and method for analyzing unauthorized intrusion into a computer network
US8973094B2 (en) * 2006-05-26 2015-03-03 Intel Corporation Execution of a secured environment initialization instruction on a point-to-point interconnect system
US7490191B2 (en) * 2006-09-22 2009-02-10 Intel Corporation Sharing information between guests in a virtual machine environment
US7533207B2 (en) * 2006-12-06 2009-05-12 Microsoft Corporation Optimized interrupt delivery in a virtualized environment
US9098347B2 (en) * 2006-12-21 2015-08-04 Vmware Implementation of virtual machine operations using storage system functionality
US9189265B2 (en) 2006-12-21 2015-11-17 Vmware, Inc. Storage architecture for virtual machines
US9354927B2 (en) 2006-12-21 2016-05-31 Vmware, Inc. Securing virtual machine data
US7698507B2 (en) * 2007-02-28 2010-04-13 Intel Corporation Protecting system management mode (SMM) spaces against cache attacks
JP4864817B2 (en) 2007-06-22 2012-02-01 株式会社日立製作所 Virtualization program and virtual computer system
US8151264B2 (en) * 2007-06-29 2012-04-03 Intel Corporation Injecting virtualization events in a layered virtualization architecture
US20090119748A1 (en) * 2007-08-30 2009-05-07 Jiewen Yao System management mode isolation in firmware
US8250641B2 (en) * 2007-09-17 2012-08-21 Intel Corporation Method and apparatus for dynamic switching and real time security control on virtualized systems
JP4678396B2 (en) * 2007-09-25 2011-04-27 日本電気株式会社 Computer and method for monitoring virtual machine monitor, and virtual machine monitor monitor program
US8522236B2 (en) * 2007-12-28 2013-08-27 Intel Corporation Method and system for establishing a robust virtualized environment
US8261028B2 (en) * 2007-12-31 2012-09-04 Intel Corporation Cached dirty bits for context switch consistency checks
EP2254905B1 (en) * 2008-03-14 2016-12-14 Novo Nordisk A/S Protease-stabilized insulin analogues
US8145471B2 (en) * 2008-04-30 2012-03-27 International Business Machines Corporation Non-destructive simulation of a failure in a virtualization environment
JP5405799B2 (en) 2008-10-30 2014-02-05 株式会社日立製作所 Virtual computer control method, virtualization program, and virtual computer system
US8205197B2 (en) * 2008-11-12 2012-06-19 Lenovo (Singapore) Pte. Ltd. Apparatus, system, and method for granting hypervisor privileges
US8868925B2 (en) * 2008-12-09 2014-10-21 Nvidia Corporation Method and apparatus for the secure processing of confidential content within a virtual machine of a processor
KR101571880B1 (en) * 2009-02-02 2015-11-25 삼성전자 주식회사 Virtualized electronic apparatus virtual machine store and method for using virtual machine service
JP4961459B2 (en) * 2009-06-26 2012-06-27 株式会社日立製作所 Virtual computer system and control method in virtual computer system
US8612975B2 (en) * 2009-07-07 2013-12-17 Advanced Micro Devices, Inc. World switch between virtual machines with selective storage of state information
DE102009051350A1 (en) * 2009-10-30 2011-05-05 Continental Automotive Gmbh Method of operating a tachograph and tachograph
US20110197256A1 (en) * 2009-12-18 2011-08-11 Assured Information Security, Inc. Methods for securing a processing system and devices thereof
US8959217B2 (en) * 2010-01-15 2015-02-17 Joyent, Inc. Managing workloads and hardware resources in a cloud resource
US9106697B2 (en) * 2010-06-24 2015-08-11 NeurallQ, Inc. System and method for identifying unauthorized activities on a computer system using a data structure model
US8555276B2 (en) 2011-03-11 2013-10-08 Joyent, Inc. Systems and methods for transparently optimizing workloads
JP6063941B2 (en) * 2011-08-30 2017-01-18 ヒューレット−パッカード デベロップメント カンパニー エル.ピー.Hewlett‐Packard Development Company, L.P. Virtual high privilege mode for system administration requests
GB2507015B (en) 2011-08-30 2020-04-29 Hewlett Packard Development Co Communication with a virtual trusted runtime BIOS
US8782224B2 (en) 2011-12-29 2014-07-15 Joyent, Inc. Systems and methods for time-based dynamic allocation of resource management
RU2522019C1 (en) * 2012-12-25 2014-07-10 Закрытое акционерное общество "Лаборатория Касперского" System and method of detecting threat in code executed by virtual machine
RU2535175C2 (en) 2012-12-25 2014-12-10 Закрытое акционерное общество "Лаборатория Касперского" System and method for detecting malware by creating isolated environment
US8677359B1 (en) 2013-03-14 2014-03-18 Joyent, Inc. Compute-centric object stores and methods of use
US8943284B2 (en) 2013-03-14 2015-01-27 Joyent, Inc. Systems and methods for integrating compute resources in a storage area network
US9104456B2 (en) 2013-03-14 2015-08-11 Joyent, Inc. Zone management of compute-centric object stores
US8881279B2 (en) 2013-03-14 2014-11-04 Joyent, Inc. Systems and methods for zone-based intrusion detection
US8826279B1 (en) 2013-03-14 2014-09-02 Joyent, Inc. Instruction set architecture for compute-based object stores
US9092238B2 (en) 2013-03-15 2015-07-28 Joyent, Inc. Versioning schemes for compute-centric object stores
US8793688B1 (en) 2013-03-15 2014-07-29 Joyent, Inc. Systems and methods for double hulled virtualization operations
US8775485B1 (en) 2013-03-15 2014-07-08 Joyent, Inc. Object store management operations within compute-centric object stores
US9330035B2 (en) * 2013-05-23 2016-05-03 Arm Limited Method and apparatus for interrupt handling
CN103927224B (en) * 2014-03-28 2016-06-29 小米科技有限责任公司 Bead performs method and apparatus
US9672354B2 (en) 2014-08-18 2017-06-06 Bitdefender IPR Management Ltd. Systems and methods for exposing a result of a current processor instruction upon exiting a virtual machine
US9471799B2 (en) * 2014-09-22 2016-10-18 Advanced Micro Devices, Inc. Method for privileged mode based secure input mechanism
WO2016112219A1 (en) 2015-01-07 2016-07-14 CounterTack, Inc. System and method for monitoring a computer system using machine interpretable code
GB2539436B (en) * 2015-06-16 2019-02-06 Advanced Risc Mach Ltd Secure initialisation
CN113791865A (en) * 2021-09-08 2021-12-14 山石网科通信技术股份有限公司 Container security processing method and device, storage medium and processor

Citations (98)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3699532A (en) * 1970-04-21 1972-10-17 Singer Co Multiprogramming control for a data handling system
US3996449A (en) * 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4162536A (en) * 1976-01-02 1979-07-24 Gould Inc., Modicon Div. Digital input/output system and method
US4207609A (en) * 1978-05-08 1980-06-10 International Business Machines Corporation Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system
US4247905A (en) * 1977-08-26 1981-01-27 Sharp Kabushiki Kaisha Memory clear system
US4276594A (en) * 1978-01-27 1981-06-30 Gould Inc. Modicon Division Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4307214A (en) * 1979-12-12 1981-12-22 Phillips Petroleum Company SC2 activation of supported chromium oxide catalysts
US4307447A (en) * 1979-06-19 1981-12-22 Gould Inc. Programmable controller
US4319323A (en) * 1980-04-04 1982-03-09 Digital Equipment Corporation Communications device for data processing system
US4319233A (en) * 1978-11-30 1982-03-09 Kokusan Denki Co., Ltd. Device for electrically detecting a liquid level
US4347565A (en) * 1978-12-01 1982-08-31 Fujitsu Limited Address control system for software simulation
US4366537A (en) * 1980-05-23 1982-12-28 International Business Machines Corp. Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys
US4403283A (en) * 1980-07-28 1983-09-06 Ncr Corporation Extended memory system and method
US4419724A (en) * 1980-04-14 1983-12-06 Sperry Corporation Main bus interface package
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor
US4521852A (en) * 1982-06-30 1985-06-04 Texas Instruments Incorporated Data processing device formed on a single semiconductor substrate having secure memory
US4571672A (en) * 1982-12-17 1986-02-18 Hitachi, Ltd. Access control method for multiprocessor systems
US4759064A (en) * 1985-10-07 1988-07-19 Chaum David L Blind unanticipated signature systems
US4795893A (en) * 1986-07-11 1989-01-03 Bull, Cp8 Security device prohibiting the function of an electronic data processing unit after a first cutoff of its electrical power
US4802084A (en) * 1985-03-11 1989-01-31 Hitachi, Ltd. Address translator
US4825052A (en) * 1985-12-31 1989-04-25 Bull Cp8 Method and apparatus for certifying services obtained using a portable carrier such as a memory card
US4907272A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for authenticating an external authorizing datum by a portable object, such as a memory card
US4907270A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a transmission line
US4910774A (en) * 1987-07-10 1990-03-20 Schlumberger Industries Method and system for suthenticating electronic memory cards
US4975836A (en) * 1984-12-19 1990-12-04 Hitachi, Ltd. Virtual computer system
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus
US5022077A (en) * 1989-08-25 1991-06-04 International Business Machines Corp. Apparatus and method for preventing unauthorized access to BIOS in a personal computer system
US5075842A (en) * 1989-12-22 1991-12-24 Intel Corporation Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism
US5079737A (en) * 1988-10-25 1992-01-07 United Technologies Corporation Memory management unit for the MIL-STD 1750 bus
US5139760A (en) * 1989-02-28 1992-08-18 Mizusawa Industrial Chemicals, Ltd. Amorphous silica-alumina spherical particles and process for preparation thereof
US5187802A (en) * 1988-12-26 1993-02-16 Hitachi, Ltd. Virtual machine system with vitual machine resetting store indicating that virtual machine processed interrupt without virtual machine control program intervention
US5230069A (en) * 1990-10-02 1993-07-20 International Business Machines Corporation Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system
US5237616A (en) * 1992-09-21 1993-08-17 International Business Machines Corporation Secure computer system having privileged and unprivileged memories
US5255379A (en) * 1990-12-28 1993-10-19 Sun Microsystems, Inc. Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor
US5287363A (en) * 1991-07-01 1994-02-15 Disk Technician Corporation System for locating and anticipating data storage media failures
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5295251A (en) * 1989-09-21 1994-03-15 Hitachi, Ltd. Method of accessing multiple virtual address spaces and computer system
US5317705A (en) * 1990-10-24 1994-05-31 International Business Machines Corporation Apparatus and method for TLB purge reduction in a multi-level machine system
US5319760A (en) * 1991-06-28 1994-06-07 Digital Equipment Corporation Translation buffer for virtual machines with address space match
US5355490A (en) * 1991-06-14 1994-10-11 Toshiba America Information Systems, Inc. System and method for saving the state for advanced microprocessor operating modes
US5361375A (en) * 1989-02-09 1994-11-01 Fujitsu Limited Virtual computer system having input/output interrupt control of virtual machines
US5386552A (en) * 1991-10-21 1995-01-31 Intel Corporation Preservation of a computer system processing state in a mass storage device
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5437033A (en) * 1990-11-16 1995-07-25 Hitachi, Ltd. System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode
US5442645A (en) * 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
US5455909A (en) * 1991-07-05 1995-10-03 Chips And Technologies Inc. Microprocessor with operation capture facility
US5459869A (en) * 1994-02-17 1995-10-17 Spilo; Michael L. Method for providing protected mode services for device drivers and other resident software
US5459867A (en) * 1989-10-20 1995-10-17 Iomega Corporation Kernels, description tables, and device drivers
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5479509A (en) * 1993-04-06 1995-12-26 Bull Cp8 Method for signature of an information processing file, and apparatus for implementing it
US5504922A (en) * 1989-06-30 1996-04-02 Hitachi, Ltd. Virtual machine with hardware display controllers for base and target machines
US5506975A (en) * 1992-12-18 1996-04-09 Hitachi, Ltd. Virtual machine I/O interrupt control method compares number of pending I/O interrupt conditions for non-running virtual machines with predetermined number
US5511217A (en) * 1992-11-30 1996-04-23 Hitachi, Ltd. Computer system of virtual machines sharing a vector processor
US5522075A (en) * 1991-06-28 1996-05-28 Digital Equipment Corporation Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces
US5528231A (en) * 1993-06-08 1996-06-18 Bull Cp8 Method for the authentication of a portable object by an offline terminal, and apparatus for implementing the process
US5533126A (en) * 1993-04-22 1996-07-02 Bull Cp8 Key protection device for smart cards
US5555414A (en) * 1994-12-14 1996-09-10 International Business Machines Corporation Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals
US5555385A (en) * 1993-10-27 1996-09-10 International Business Machines Corporation Allocation of address spaces within virtual machine compute system
US5560013A (en) * 1994-12-06 1996-09-24 International Business Machines Corporation Method of using a target processor to execute programs of a source architecture that uses multiple address spaces
US5564040A (en) * 1994-11-08 1996-10-08 International Business Machines Corporation Method and apparatus for providing a server function in a logically partitioned hardware machine
US5566323A (en) * 1988-12-20 1996-10-15 Bull Cp8 Data processing system including programming voltage inhibitor for an electrically erasable reprogrammable nonvolatile memory
US5574936A (en) * 1992-01-02 1996-11-12 Amdahl Corporation Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system
US5582717A (en) * 1990-09-12 1996-12-10 Di Santo; Dennis E. Water dispenser with side by side filling-stations
US5604805A (en) * 1994-02-28 1997-02-18 Brands; Stefanus A. Privacy-protected transfer of electronic information
US5603499A (en) * 1995-07-26 1997-02-18 Doris G. Jagosz Blackjack play option response indicator
US5606617A (en) * 1994-10-14 1997-02-25 Brands; Stefanus A. Secret-key certificates
US5615263A (en) * 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
US5628022A (en) * 1993-06-04 1997-05-06 Hitachi, Ltd. Microcomputer with programmable ROM
US5633929A (en) * 1995-09-15 1997-05-27 Rsa Data Security, Inc Cryptographic key escrow system having reduced vulnerability to harvesting attacks
US5657445A (en) * 1996-01-26 1997-08-12 Dell Usa, L.P. Apparatus and method for limiting access to mass storage devices in a computer system
US5668971A (en) * 1992-12-01 1997-09-16 Compaq Computer Corporation Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer
US5684948A (en) * 1995-09-01 1997-11-04 National Semiconductor Corporation Memory management circuit which provides simulated privilege levels
US5706469A (en) * 1994-09-12 1998-01-06 Mitsubishi Denki Kabushiki Kaisha Data processing system controlling bus access to an arbitrary sized memory area
US5708818A (en) * 1994-02-25 1998-01-13 Munz; Heinrich Method and apparatus for real-time operation of a processor
US5717903A (en) * 1995-05-15 1998-02-10 Compaq Computer Corporation Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device
US5720609A (en) * 1991-01-09 1998-02-24 Pfefferle; William Charles Catalytic method
US5721222A (en) * 1992-04-16 1998-02-24 Zeneca Limited Heterocyclic ketones
US5729760A (en) * 1996-06-21 1998-03-17 Intel Corporation System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode
US5737604A (en) * 1989-11-03 1998-04-07 Compaq Computer Corporation Method and apparatus for independently resetting processors and cache controllers in multiple processor systems
US5740178A (en) * 1996-08-29 1998-04-14 Lucent Technologies Inc. Software for controlling a reliable backup memory
US5752046A (en) * 1993-01-14 1998-05-12 Apple Computer, Inc. Power management system for computer device interconnection bus
US5757919A (en) * 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US5764969A (en) * 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
US5854913A (en) * 1995-06-07 1998-12-29 International Business Machines Corporation Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set architectures
US5987604A (en) * 1997-10-07 1999-11-16 Phoenix Technologies, Ltd. Method and apparatus for providing execution of system management mode services in virtual mode
US6075938A (en) * 1997-06-10 2000-06-13 The Board Of Trustees Of The Leland Stanford Junior University Virtual machine monitors for scalable multiprocessors
US6182089B1 (en) * 1997-09-23 2001-01-30 Silicon Graphics, Inc. Method, system and computer program product for dynamically allocating large memory pages of different sizes
US6272637B1 (en) * 1997-04-14 2001-08-07 Dallas Semiconductor Corporation Systems and methods for protecting access to encrypted information
US6282650B1 (en) * 1999-01-25 2001-08-28 Intel Corporation Secure public digital watermark
US6314409B2 (en) * 1996-01-11 2001-11-06 Veridian Information Solutions System for controlling access and distribution of digital property
US6374317B1 (en) * 1999-10-07 2002-04-16 Intel Corporation Method and apparatus for initializing a computer interface
US6397242B1 (en) * 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
US20020099753A1 (en) * 2001-01-20 2002-07-25 Hardin David S. System and method for concurrently supporting multiple independent virtual machines
US20030037089A1 (en) * 2001-08-15 2003-02-20 Erik Cota-Robles Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor
US6961941B1 (en) * 2001-06-08 2005-11-01 Vmware, Inc. Computer configuration for resource management in systems including a virtual machine

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4253145A (en) * 1978-12-26 1981-02-24 Honeywell Information Systems Inc. Hardware virtualizer for supporting recursive virtual computer systems on a host computer system
WO1993009494A1 (en) * 1991-10-28 1993-05-13 Digital Equipment Corporation Fault-tolerant computer processing using a shadow virtual processor
US6093213A (en) * 1995-10-06 2000-07-25 Advanced Micro Devices, Inc. Flexible implementation of a system management mode (SMM) in a processor
WO1998044411A1 (en) * 1997-04-02 1998-10-08 Microsoft Corporation Method for integrating a virtual machine with input method editors
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
JP2002041305A (en) * 2000-07-26 2002-02-08 Hitachi Ltd Allocating method of computer resource in virtual computer system, and virtual computer system
US6725289B1 (en) * 2002-04-17 2004-04-20 Vmware, Inc. Transparent address remapping for high-speed I/O
US7318141B2 (en) * 2002-12-17 2008-01-08 Intel Corporation Methods and systems to control virtual machines
US7424709B2 (en) * 2003-09-15 2008-09-09 Intel Corporation Use of multiple virtual machine monitors to handle privileged events

Patent Citations (99)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3699532A (en) * 1970-04-21 1972-10-17 Singer Co Multiprogramming control for a data handling system
US3996449A (en) * 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4162536A (en) * 1976-01-02 1979-07-24 Gould Inc., Modicon Div. Digital input/output system and method
US4247905A (en) * 1977-08-26 1981-01-27 Sharp Kabushiki Kaisha Memory clear system
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4276594A (en) * 1978-01-27 1981-06-30 Gould Inc. Modicon Division Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same
US4207609A (en) * 1978-05-08 1980-06-10 International Business Machines Corporation Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system
US4319233A (en) * 1978-11-30 1982-03-09 Kokusan Denki Co., Ltd. Device for electrically detecting a liquid level
US4347565A (en) * 1978-12-01 1982-08-31 Fujitsu Limited Address control system for software simulation
US4307447A (en) * 1979-06-19 1981-12-22 Gould Inc. Programmable controller
US4307214A (en) * 1979-12-12 1981-12-22 Phillips Petroleum Company SC2 activation of supported chromium oxide catalysts
US4319323A (en) * 1980-04-04 1982-03-09 Digital Equipment Corporation Communications device for data processing system
US4419724A (en) * 1980-04-14 1983-12-06 Sperry Corporation Main bus interface package
US4366537A (en) * 1980-05-23 1982-12-28 International Business Machines Corp. Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys
US4403283A (en) * 1980-07-28 1983-09-06 Ncr Corporation Extended memory system and method
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor
US4521852A (en) * 1982-06-30 1985-06-04 Texas Instruments Incorporated Data processing device formed on a single semiconductor substrate having secure memory
US4571672A (en) * 1982-12-17 1986-02-18 Hitachi, Ltd. Access control method for multiprocessor systems
US4975836A (en) * 1984-12-19 1990-12-04 Hitachi, Ltd. Virtual computer system
US4802084A (en) * 1985-03-11 1989-01-31 Hitachi, Ltd. Address translator
US4759064A (en) * 1985-10-07 1988-07-19 Chaum David L Blind unanticipated signature systems
US4825052A (en) * 1985-12-31 1989-04-25 Bull Cp8 Method and apparatus for certifying services obtained using a portable carrier such as a memory card
US4907270A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a transmission line
US4907272A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for authenticating an external authorizing datum by a portable object, such as a memory card
US4795893A (en) * 1986-07-11 1989-01-03 Bull, Cp8 Security device prohibiting the function of an electronic data processing unit after a first cutoff of its electrical power
US4910774A (en) * 1987-07-10 1990-03-20 Schlumberger Industries Method and system for suthenticating electronic memory cards
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus
US5079737A (en) * 1988-10-25 1992-01-07 United Technologies Corporation Memory management unit for the MIL-STD 1750 bus
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5566323A (en) * 1988-12-20 1996-10-15 Bull Cp8 Data processing system including programming voltage inhibitor for an electrically erasable reprogrammable nonvolatile memory
US5187802A (en) * 1988-12-26 1993-02-16 Hitachi, Ltd. Virtual machine system with vitual machine resetting store indicating that virtual machine processed interrupt without virtual machine control program intervention
US5361375A (en) * 1989-02-09 1994-11-01 Fujitsu Limited Virtual computer system having input/output interrupt control of virtual machines
US5139760A (en) * 1989-02-28 1992-08-18 Mizusawa Industrial Chemicals, Ltd. Amorphous silica-alumina spherical particles and process for preparation thereof
US5442645A (en) * 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
US5504922A (en) * 1989-06-30 1996-04-02 Hitachi, Ltd. Virtual machine with hardware display controllers for base and target machines
US5022077A (en) * 1989-08-25 1991-06-04 International Business Machines Corp. Apparatus and method for preventing unauthorized access to BIOS in a personal computer system
US5295251A (en) * 1989-09-21 1994-03-15 Hitachi, Ltd. Method of accessing multiple virtual address spaces and computer system
US5459867A (en) * 1989-10-20 1995-10-17 Iomega Corporation Kernels, description tables, and device drivers
US5737604A (en) * 1989-11-03 1998-04-07 Compaq Computer Corporation Method and apparatus for independently resetting processors and cache controllers in multiple processor systems
US5075842A (en) * 1989-12-22 1991-12-24 Intel Corporation Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism
US5582717A (en) * 1990-09-12 1996-12-10 Di Santo; Dennis E. Water dispenser with side by side filling-stations
US5230069A (en) * 1990-10-02 1993-07-20 International Business Machines Corporation Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system
US5317705A (en) * 1990-10-24 1994-05-31 International Business Machines Corporation Apparatus and method for TLB purge reduction in a multi-level machine system
US5437033A (en) * 1990-11-16 1995-07-25 Hitachi, Ltd. System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode
US5255379A (en) * 1990-12-28 1993-10-19 Sun Microsystems, Inc. Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor
US5720609A (en) * 1991-01-09 1998-02-24 Pfefferle; William Charles Catalytic method
US5355490A (en) * 1991-06-14 1994-10-11 Toshiba America Information Systems, Inc. System and method for saving the state for advanced microprocessor operating modes
US5319760A (en) * 1991-06-28 1994-06-07 Digital Equipment Corporation Translation buffer for virtual machines with address space match
US5522075A (en) * 1991-06-28 1996-05-28 Digital Equipment Corporation Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces
US5287363A (en) * 1991-07-01 1994-02-15 Disk Technician Corporation System for locating and anticipating data storage media failures
US5455909A (en) * 1991-07-05 1995-10-03 Chips And Technologies Inc. Microprocessor with operation capture facility
US5386552A (en) * 1991-10-21 1995-01-31 Intel Corporation Preservation of a computer system processing state in a mass storage device
US5574936A (en) * 1992-01-02 1996-11-12 Amdahl Corporation Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system
US5721222A (en) * 1992-04-16 1998-02-24 Zeneca Limited Heterocyclic ketones
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5237616A (en) * 1992-09-21 1993-08-17 International Business Machines Corporation Secure computer system having privileged and unprivileged memories
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5511217A (en) * 1992-11-30 1996-04-23 Hitachi, Ltd. Computer system of virtual machines sharing a vector processor
US5668971A (en) * 1992-12-01 1997-09-16 Compaq Computer Corporation Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer
US5506975A (en) * 1992-12-18 1996-04-09 Hitachi, Ltd. Virtual machine I/O interrupt control method compares number of pending I/O interrupt conditions for non-running virtual machines with predetermined number
US5752046A (en) * 1993-01-14 1998-05-12 Apple Computer, Inc. Power management system for computer device interconnection bus
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5479509A (en) * 1993-04-06 1995-12-26 Bull Cp8 Method for signature of an information processing file, and apparatus for implementing it
US5533126A (en) * 1993-04-22 1996-07-02 Bull Cp8 Key protection device for smart cards
US5628022A (en) * 1993-06-04 1997-05-06 Hitachi, Ltd. Microcomputer with programmable ROM
US5528231A (en) * 1993-06-08 1996-06-18 Bull Cp8 Method for the authentication of a portable object by an offline terminal, and apparatus for implementing the process
US5555385A (en) * 1993-10-27 1996-09-10 International Business Machines Corporation Allocation of address spaces within virtual machine compute system
US5459869A (en) * 1994-02-17 1995-10-17 Spilo; Michael L. Method for providing protected mode services for device drivers and other resident software
US5708818A (en) * 1994-02-25 1998-01-13 Munz; Heinrich Method and apparatus for real-time operation of a processor
US5604805A (en) * 1994-02-28 1997-02-18 Brands; Stefanus A. Privacy-protected transfer of electronic information
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5568552A (en) * 1994-09-07 1996-10-22 Intel Corporation Method for providing a roving software license from one node to another node
US5706469A (en) * 1994-09-12 1998-01-06 Mitsubishi Denki Kabushiki Kaisha Data processing system controlling bus access to an arbitrary sized memory area
US5606617A (en) * 1994-10-14 1997-02-25 Brands; Stefanus A. Secret-key certificates
US5564040A (en) * 1994-11-08 1996-10-08 International Business Machines Corporation Method and apparatus for providing a server function in a logically partitioned hardware machine
US5560013A (en) * 1994-12-06 1996-09-24 International Business Machines Corporation Method of using a target processor to execute programs of a source architecture that uses multiple address spaces
US5555414A (en) * 1994-12-14 1996-09-10 International Business Machines Corporation Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals
US5615263A (en) * 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
US5764969A (en) * 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
US5717903A (en) * 1995-05-15 1998-02-10 Compaq Computer Corporation Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device
US5854913A (en) * 1995-06-07 1998-12-29 International Business Machines Corporation Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set architectures
US5603499A (en) * 1995-07-26 1997-02-18 Doris G. Jagosz Blackjack play option response indicator
US5684948A (en) * 1995-09-01 1997-11-04 National Semiconductor Corporation Memory management circuit which provides simulated privilege levels
US5633929A (en) * 1995-09-15 1997-05-27 Rsa Data Security, Inc Cryptographic key escrow system having reduced vulnerability to harvesting attacks
US6314409B2 (en) * 1996-01-11 2001-11-06 Veridian Information Solutions System for controlling access and distribution of digital property
US5657445A (en) * 1996-01-26 1997-08-12 Dell Usa, L.P. Apparatus and method for limiting access to mass storage devices in a computer system
US5729760A (en) * 1996-06-21 1998-03-17 Intel Corporation System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode
US5740178A (en) * 1996-08-29 1998-04-14 Lucent Technologies Inc. Software for controlling a reliable backup memory
US5757919A (en) * 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US6272637B1 (en) * 1997-04-14 2001-08-07 Dallas Semiconductor Corporation Systems and methods for protecting access to encrypted information
US6075938A (en) * 1997-06-10 2000-06-13 The Board Of Trustees Of The Leland Stanford Junior University Virtual machine monitors for scalable multiprocessors
US6182089B1 (en) * 1997-09-23 2001-01-30 Silicon Graphics, Inc. Method, system and computer program product for dynamically allocating large memory pages of different sizes
US5987604A (en) * 1997-10-07 1999-11-16 Phoenix Technologies, Ltd. Method and apparatus for providing execution of system management mode services in virtual mode
US6397242B1 (en) * 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
US6282650B1 (en) * 1999-01-25 2001-08-28 Intel Corporation Secure public digital watermark
US6374317B1 (en) * 1999-10-07 2002-04-16 Intel Corporation Method and apparatus for initializing a computer interface
US20020099753A1 (en) * 2001-01-20 2002-07-25 Hardin David S. System and method for concurrently supporting multiple independent virtual machines
US6961941B1 (en) * 2001-06-08 2005-11-01 Vmware, Inc. Computer configuration for resource management in systems including a virtual machine
US20030037089A1 (en) * 2001-08-15 2003-02-20 Erik Cota-Robles Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor

Cited By (214)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040172629A1 (en) * 2003-02-28 2004-09-02 Azul Systems Segmented virtual machine
US7536688B2 (en) * 2003-02-28 2009-05-19 Azul Systems Segmented virtual machine
US20040250110A1 (en) * 2003-03-28 2004-12-09 Wray Michael John Security policy in trusted computing systems
US8612755B2 (en) * 2003-03-28 2013-12-17 Hewlett-Packard Development Company, L.P. Security policy in trusted computing systems
US20040268332A1 (en) * 2003-04-23 2004-12-30 Masato Mitsumori Memory access control method and processing system with memory access check function
US20050097345A1 (en) * 2003-10-29 2005-05-05 Kelley Brian H. System for selectively enabling operating modes of a device
US7496958B2 (en) * 2003-10-29 2009-02-24 Qualcomm Incorporated System for selectively enabling operating modes of a device
US20050257243A1 (en) * 2004-04-27 2005-11-17 Microsoft Corporation Method and system for enforcing a security policy via a security virtual machine
US8607299B2 (en) 2004-04-27 2013-12-10 Microsoft Corporation Method and system for enforcing a security policy via a security virtual machine
WO2006012197A2 (en) 2004-06-29 2006-02-02 Intel Corporation Method of improving computer security through sandboxing
WO2006012341A1 (en) 2004-06-29 2006-02-02 Intel Corporation System and method for secure inter-platform and intra-platform communications
US7908653B2 (en) * 2004-06-29 2011-03-15 Intel Corporation Method of improving computer security through sandboxing
US20050289311A1 (en) * 2004-06-29 2005-12-29 David Durham System and method for secure inter-platform and intra-platform communications
WO2006012197A3 (en) * 2004-06-29 2006-04-06 Intel Corp Method of improving computer security through sandboxing
US20060021029A1 (en) * 2004-06-29 2006-01-26 Brickell Ernie F Method of improving computer security through sandboxing
US7934076B2 (en) 2004-09-30 2011-04-26 Intel Corporation System and method for limiting exposure of hardware failure information for a secured execution environment
US20060075312A1 (en) * 2004-09-30 2006-04-06 Fischer Stephen A System and method for limiting exposure of hardware failure information for a secured execution environment
US7620953B1 (en) * 2004-10-05 2009-11-17 Azul Systems, Inc. System and method for allocating resources of a core space among a plurality of core virtual machines
US7487222B2 (en) 2005-03-29 2009-02-03 International Business Machines Corporation System management architecture for multi-node computer system
US20060224685A1 (en) * 2005-03-29 2006-10-05 International Business Machines Corporation System management architecture for multi-node computer system
US8276138B2 (en) 2005-06-24 2012-09-25 Azul Systems, Inc. Segmented virtual machine transport mechanism
US20090172665A1 (en) * 2005-06-24 2009-07-02 Azul Systems, Inc. Reducing latency in a segmented virtual machine
US20090178039A1 (en) * 2005-06-24 2009-07-09 Azul Systems, Inc. Segmented virtual machine transport mechanism
US8336048B2 (en) 2005-06-24 2012-12-18 Azul Systems, Inc. Reducing latency in a segmented virtual machine
US7480908B1 (en) 2005-06-24 2009-01-20 Azul Systems, Inc. Segmented virtual machine transport mechanism
US9361471B2 (en) 2005-06-30 2016-06-07 Intel Corporation Secure vault service for software components within an execution environment
US20110231668A1 (en) * 2005-06-30 2011-09-22 Travis Schluessler Signed Manifest for Run-Time Verification of Software Program Identity and Integrity
US8499151B2 (en) 2005-06-30 2013-07-30 Intel Corporation Secure platform voucher service for software components within an execution environment
US9547772B2 (en) 2005-06-30 2017-01-17 Intel Corporation Secure vault service for software components within an execution environment
US8601273B2 (en) 2005-06-30 2013-12-03 Intel Corporation Signed manifest for run-time verification of software program identity and integrity
US20080216096A1 (en) * 2005-07-15 2008-09-04 Lenovo (Beijing) Limited Virtual Computer System Supporting Trusted Computing and Method for Implementing Trusted Computation Thereon
US7752436B2 (en) * 2005-08-09 2010-07-06 Intel Corporation Exclusive access for secure audio program
US7971057B2 (en) * 2005-08-09 2011-06-28 Intel Corporation Exclusive access for secure audio program
US20070038997A1 (en) * 2005-08-09 2007-02-15 Steven Grobman Exclusive access for secure audio program
US20100192150A1 (en) * 2005-08-09 2010-07-29 Steven Grobman Exclusive access for secure audio program
US8266412B2 (en) 2005-08-29 2012-09-11 The Invention Science Fund I, Llc Hierarchical store buffer having segmented partitions
US20080133883A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical store buffer
US8275976B2 (en) 2005-08-29 2012-09-25 The Invention Science Fund I, Llc Hierarchical instruction scheduler facilitating instruction replay
US8296550B2 (en) 2005-08-29 2012-10-23 The Invention Science Fund I, Llc Hierarchical register file with operand capture ports
US9176741B2 (en) 2005-08-29 2015-11-03 Invention Science Fund I, Llc Method and apparatus for segmented sequential storage
US7644258B2 (en) 2005-08-29 2010-01-05 Searete, Llc Hybrid branch predictor using component predictors each having confidence and override signals
US20070083739A1 (en) * 2005-08-29 2007-04-12 Glew Andrew F Processor with branch predictor
US8037288B2 (en) 2005-08-29 2011-10-11 The Invention Science Fund I, Llc Hybrid branch predictor having negative ovedrride signals
US20080133889A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical instruction scheduler
US20080133893A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical register file
US20080133885A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical multi-threading processor
US8028152B2 (en) 2005-08-29 2011-09-27 The Invention Science Fund I, Llc Hierarchical multi-threading processor for executing virtual threads in a time-multiplexed fashion
US8327353B2 (en) * 2005-08-30 2012-12-04 Microsoft Corporation Hierarchical virtualization with a multi-level virtualization mechanism
US20070050764A1 (en) * 2005-08-30 2007-03-01 Microsoft Corporation Hierarchical virtualization with a multi-level virtualization mechanism
US7748037B2 (en) 2005-09-22 2010-06-29 Intel Corporation Validating a memory type modification attempt
US20070067590A1 (en) * 2005-09-22 2007-03-22 Uday Savagaonkar Providing protected access to critical memory regions
US20080163331A1 (en) * 2006-12-29 2008-07-03 Datta Sham M Reconfiguring a secure system
US8316414B2 (en) 2006-12-29 2012-11-20 Intel Corporation Reconfiguring a secure system
US8683191B2 (en) 2006-12-29 2014-03-25 Intel Corporation Reconfiguring a secure system
US8356297B1 (en) 2007-03-21 2013-01-15 Azul Systems, Inc. External data source redirection in segmented virtual machine
US20080263679A1 (en) * 2007-04-23 2008-10-23 Microsoft Corporation Storing information in closed computing devices
US20080294892A1 (en) * 2007-05-25 2008-11-27 Ingo Molnar Method and system for a kernel lock validator
US8145903B2 (en) * 2007-05-25 2012-03-27 Red Hat, Inc. Method and system for a kernel lock validator
US8839450B2 (en) 2007-08-02 2014-09-16 Intel Corporation Secure vault service for software components within an execution environment
US20090038017A1 (en) * 2007-08-02 2009-02-05 David Durham Secure vault service for software components within an execution environment
GB2453652B (en) * 2007-10-08 2010-07-14 Lenovo Method and client system for implementing online secure payment
GB2453652A (en) * 2007-10-08 2009-04-15 Lenovo Implementing secure online payments by switching to a dedicated operating system (OS)
US8099718B2 (en) 2007-11-13 2012-01-17 Intel Corporation Method and system for whitelisting software components
US8473945B2 (en) * 2007-12-31 2013-06-25 Intel Corporation Enabling system management mode in a secure system
US20090172385A1 (en) * 2007-12-31 2009-07-02 Datta Sham M Enabling system management mode in a secure system
US20100057982A1 (en) * 2008-08-26 2010-03-04 Phoenix Technologies Ltd Hypervisor security using SMM
US8843742B2 (en) * 2008-08-26 2014-09-23 Hewlett-Packard Company Hypervisor security using SMM
US8364601B2 (en) 2008-12-31 2013-01-29 Intel Corporation Methods and systems to directly render an image and correlate corresponding user input in a secure memory domain
US20100169666A1 (en) * 2008-12-31 2010-07-01 Prashant Dewan Methods and systems to direclty render an image and correlate corresponding user input in a secuire memory domain
US20120017285A1 (en) * 2009-05-18 2012-01-19 Mark A Piwonka Systems and methods of determining a trust level from system management mode
US8850601B2 (en) * 2009-05-18 2014-09-30 Hewlett-Packard Development Company, L.P. Systems and methods of determining a trust level from system management mode
US20110066783A1 (en) * 2009-09-14 2011-03-17 International Business Machines Corporation Secure Handling and Routing of Message-Signaled Interrupts
US8250273B2 (en) * 2009-09-14 2012-08-21 International Business Machines Corporation Secure handling and routing of message-signaled interrupts
US9223963B2 (en) 2009-12-15 2015-12-29 Mcafee, Inc. Systems and methods for behavioral sandboxing
US9058183B2 (en) 2009-12-29 2015-06-16 Advanced Micro Devices, Inc. Hypervisor isolation of processor cores to enable computing accelerator cores
KR101668399B1 (en) 2009-12-29 2016-10-21 어드밴스드 마이크로 디바이시즈, 인코포레이티드 Hypervisor isolation of processor cores
KR20120111734A (en) * 2009-12-29 2012-10-10 어드밴스드 마이크로 디바이시즈, 인코포레이티드 Hypervisor isolation of processor cores
US8495750B2 (en) 2010-08-31 2013-07-23 International Business Machines Corporation Filesystem management and security system
EP2691908A2 (en) * 2011-03-28 2014-02-05 McAfee, Inc. System and method for virtual machine monitor based anti-malware security
WO2012135192A2 (en) 2011-03-28 2012-10-04 Mcafee, Inc. System and method for virtual machine monitor based anti-malware security
US9747443B2 (en) 2011-03-28 2017-08-29 Mcafee, Inc. System and method for firmware based anti-malware security
US9317690B2 (en) 2011-03-28 2016-04-19 Mcafee, Inc. System and method for firmware based anti-malware security
EP2691908A4 (en) * 2011-03-28 2014-10-29 Mcafee Inc System and method for virtual machine monitor based anti-malware security
US8925089B2 (en) 2011-03-29 2014-12-30 Mcafee, Inc. System and method for below-operating system modification of malicious code on an electronic device
US8959638B2 (en) 2011-03-29 2015-02-17 Mcafee, Inc. System and method for below-operating system trapping and securing of interdriver communication
US9392016B2 (en) 2011-03-29 2016-07-12 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US9032525B2 (en) 2011-03-29 2015-05-12 Mcafee, Inc. System and method for below-operating system trapping of driver filter attachment
US8813227B2 (en) 2011-03-29 2014-08-19 Mcafee, Inc. System and method for below-operating system regulation and control of self-modifying code
US9087199B2 (en) 2011-03-31 2015-07-21 Mcafee, Inc. System and method for providing a secured operating system execution environment
US20120255004A1 (en) * 2011-03-31 2012-10-04 Mcafee, Inc. System and method for securing access to system calls
US9038176B2 (en) 2011-03-31 2015-05-19 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
US8863283B2 (en) * 2011-03-31 2014-10-14 Mcafee, Inc. System and method for securing access to system calls
US9262246B2 (en) 2011-03-31 2016-02-16 Mcafee, Inc. System and method for securing memory and storage of an electronic device with a below-operating system security agent
US9530001B2 (en) 2011-03-31 2016-12-27 Mcafee, Inc. System and method for below-operating system trapping and securing loading of code into memory
US8966624B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for securing an input/output path of an application against malware with a below-operating system security agent
US8966629B2 (en) 2011-03-31 2015-02-24 Mcafee, Inc. System and method for below-operating system trapping of driver loading and unloading
US20130326288A1 (en) * 2011-12-31 2013-12-05 Shamanna M. Datta Processor that detects when system management mode attempts to reach program code outside of protected space
US9448867B2 (en) * 2011-12-31 2016-09-20 Intel Corporation Processor that detects when system management mode attempts to reach program code outside of protected space
US10140139B1 (en) * 2012-06-19 2018-11-27 Bromium, Inc. Ensuring the privacy and integrity of a hypervisor
US9367691B2 (en) 2012-07-31 2016-06-14 Hewlett-Packard Development Company, L.P. Modify executable bits of system management memory page table
US10102154B2 (en) 2012-07-31 2018-10-16 Hewlett-Packard Development Company, L.P. Protected memory area
US10877903B2 (en) 2012-07-31 2020-12-29 Hewlett-Packard Development Company, L.P. Protected memory area
JP2016511872A (en) * 2013-01-22 2016-04-21 アマゾン・テクノロジーズ、インコーポレイテッド Privileged cryptographic services in a virtualized environment
WO2014158603A1 (en) * 2013-03-13 2014-10-02 Intel Corporation System management interrupt handling for multi-core processors
US10579405B1 (en) * 2013-03-13 2020-03-03 Amazon Technologies, Inc. Parallel virtual machine managers
US9311138B2 (en) 2013-03-13 2016-04-12 Intel Corporation System management interrupt handling for multi-core processors
US9529627B2 (en) 2013-03-19 2016-12-27 Stmicroelectronics (Grenoble 2) Sas Managing multiple systems in a computer device
EP2782038A1 (en) * 2013-03-19 2014-09-24 STMicroelectronics (Grenoble 2) SAS Resource management in a processor for trusted and untrusted applications
US9552477B2 (en) 2013-03-19 2017-01-24 Stmicroelectronics (Grenoble 2) Sas Resource management in a processor
EP2782007A1 (en) * 2013-03-19 2014-09-24 STMicroelectronics (Grenoble 2) SAS Launching multiple applications in containers on a processor
US10140958B2 (en) 2013-03-19 2018-11-27 Stmicroelectronics (Grenoble 2) Sas Managing multiple systems in a computer device
US9317304B2 (en) 2013-03-19 2016-04-19 Stmicroelectronics (Grenoble 2) Sas Launching multiple applications in a processor
US11736530B2 (en) 2013-04-19 2023-08-22 Nicira, Inc. Framework for coordination between endpoint security and network security services
CN110084039A (en) * 2013-04-19 2019-08-02 Nicira股份有限公司 Frame for the coordination between endpoint security and Network Security Service
US11467890B2 (en) 2014-09-30 2022-10-11 Amazon Technologies, Inc. Processing event messages for user requests to execute program code
US11561811B2 (en) 2014-09-30 2023-01-24 Amazon Technologies, Inc. Threading as a service
US10884802B2 (en) 2014-09-30 2021-01-05 Amazon Technologies, Inc. Message-based computation request scheduling
US10108443B2 (en) 2014-09-30 2018-10-23 Amazon Technologies, Inc. Low latency computational capacity provisioning
US20170192804A1 (en) * 2014-09-30 2017-07-06 Amazon Technologies, Inc. Threading as a service
US11263034B2 (en) 2014-09-30 2022-03-01 Amazon Technologies, Inc. Low latency computational capacity provisioning
US10140137B2 (en) * 2014-09-30 2018-11-27 Amazon Technologies, Inc. Threading as a service
US10162688B2 (en) 2014-09-30 2018-12-25 Amazon Technologies, Inc. Processing event messages for user requests to execute program code
US10592269B2 (en) 2014-09-30 2020-03-17 Amazon Technologies, Inc. Dynamic code deployment and versioning
US10956185B2 (en) 2014-09-30 2021-03-23 Amazon Technologies, Inc. Threading as a service
US10824484B2 (en) 2014-09-30 2020-11-03 Amazon Technologies, Inc. Event-driven computing
US10915371B2 (en) 2014-09-30 2021-02-09 Amazon Technologies, Inc. Automatic management of low latency computational capacity
US11126469B2 (en) 2014-12-05 2021-09-21 Amazon Technologies, Inc. Automatic determination of resource sizing
US10353746B2 (en) 2014-12-05 2019-07-16 Amazon Technologies, Inc. Automatic determination of resource sizing
US10067871B2 (en) * 2014-12-13 2018-09-04 Via Alliance Semiconductor Co., Ltd Logic analyzer for detecting hangs
US10324842B2 (en) * 2014-12-13 2019-06-18 Via Alliance Semiconductor Co., Ltd Distributed hang recovery logic
US20160350215A1 (en) * 2014-12-13 2016-12-01 Via Alliance Semiconductor Co., Ltd. Distributed hang recovery logic
US9946651B2 (en) * 2014-12-13 2018-04-17 Via Alliance Semiconductor Co., Ltd Pattern detector for detecting hangs
US20160350223A1 (en) * 2014-12-13 2016-12-01 Via Alliance Semiconductor Co., Ltd. Logic analyzer for detecting hangs
US11461124B2 (en) 2015-02-04 2022-10-04 Amazon Technologies, Inc. Security protocols for low latency execution of program code
US10853112B2 (en) 2015-02-04 2020-12-01 Amazon Technologies, Inc. Stateful virtual compute system
US10387177B2 (en) 2015-02-04 2019-08-20 Amazon Technologies, Inc. Stateful virtual compute system
US11360793B2 (en) 2015-02-04 2022-06-14 Amazon Technologies, Inc. Stateful virtual compute system
US10552193B2 (en) 2015-02-04 2020-02-04 Amazon Technologies, Inc. Security protocols for low latency execution of program code
US10623476B2 (en) 2015-04-08 2020-04-14 Amazon Technologies, Inc. Endpoint management system providing an application programming interface proxy service
US10776171B2 (en) 2015-04-08 2020-09-15 Amazon Technologies, Inc. Endpoint management system and virtual compute system
US20170098092A1 (en) * 2015-10-06 2017-04-06 Symantec Corporation Techniques for generating a virtual private container
US9940470B2 (en) * 2015-10-06 2018-04-10 Symantec Corporation Techniques for generating a virtual private container
US10365985B2 (en) 2015-12-16 2019-07-30 Amazon Technologies, Inc. Predictive management of on-demand code execution
US10437629B2 (en) 2015-12-16 2019-10-08 Amazon Technologies, Inc. Pre-triggers for code execution environments
US10754701B1 (en) 2015-12-16 2020-08-25 Amazon Technologies, Inc. Executing user-defined code in response to determining that resources expected to be utilized comply with resource restrictions
US11243819B1 (en) 2015-12-21 2022-02-08 Amazon Technologies, Inc. Acquisition and maintenance of compute capacity
US10691498B2 (en) 2015-12-21 2020-06-23 Amazon Technologies, Inc. Acquisition and maintenance of compute capacity
US11016815B2 (en) 2015-12-21 2021-05-25 Amazon Technologies, Inc. Code execution request routing
US10747873B2 (en) 2016-01-26 2020-08-18 Hewlett-Packard Development Company, L.P. System management mode privilege architecture
CN108292339A (en) * 2016-01-26 2018-07-17 惠普发展公司,有限责任合伙企业 System Management Mode privilege framework
EP3314516A4 (en) * 2016-01-26 2019-01-09 Hewlett-Packard Development Company, L.P. System management mode privilege architecture
US10891145B2 (en) 2016-03-30 2021-01-12 Amazon Technologies, Inc. Processing pre-existing data sets at an on demand code execution environment
US10162672B2 (en) 2016-03-30 2018-12-25 Amazon Technologies, Inc. Generating data streams from pre-existing data sets
US11132213B1 (en) 2016-03-30 2021-09-28 Amazon Technologies, Inc. Dependency-based process of pre-existing data sets at an on demand code execution environment
US10282229B2 (en) 2016-06-28 2019-05-07 Amazon Technologies, Inc. Asynchronous task management in an on-demand network code execution environment
US11354169B2 (en) 2016-06-29 2022-06-07 Amazon Technologies, Inc. Adjusting variable limit on concurrent code executions
US10402231B2 (en) 2016-06-29 2019-09-03 Amazon Technologies, Inc. Adjusting variable limit on concurrent code executions
US10102040B2 (en) 2016-06-29 2018-10-16 Amazon Technologies, Inc Adjusting variable limit on concurrent code executions
US10277708B2 (en) 2016-06-30 2019-04-30 Amazon Technologies, Inc. On-demand network code execution with cross-account aliases
US10203990B2 (en) 2016-06-30 2019-02-12 Amazon Technologies, Inc. On-demand network code execution with cross-account aliases
US10528390B2 (en) 2016-09-23 2020-01-07 Amazon Technologies, Inc. Idempotent task execution in on-demand network code execution systems
US10884787B1 (en) 2016-09-23 2021-01-05 Amazon Technologies, Inc. Execution guarantees in an on-demand network code execution system
US11119813B1 (en) 2016-09-30 2021-09-14 Amazon Technologies, Inc. Mapreduce implementation using an on-demand network code execution system
US10564946B1 (en) 2017-12-13 2020-02-18 Amazon Technologies, Inc. Dependency handling in an on-demand network code execution system
US10733085B1 (en) 2018-02-05 2020-08-04 Amazon Technologies, Inc. Detecting impedance mismatches due to cross-service calls
US10831898B1 (en) 2018-02-05 2020-11-10 Amazon Technologies, Inc. Detecting privilege escalations in code including cross-service calls
US10353678B1 (en) 2018-02-05 2019-07-16 Amazon Technologies, Inc. Detecting code characteristic alterations due to cross-service calls
US10725752B1 (en) 2018-02-13 2020-07-28 Amazon Technologies, Inc. Dependency handling in an on-demand network code execution system
US10776091B1 (en) 2018-02-26 2020-09-15 Amazon Technologies, Inc. Logging endpoint in an on-demand code execution system
US11875173B2 (en) 2018-06-25 2024-01-16 Amazon Technologies, Inc. Execution of auxiliary functions in an on-demand network code execution system
US10884722B2 (en) 2018-06-26 2021-01-05 Amazon Technologies, Inc. Cross-environment application of tracing information for improved code execution
US11146569B1 (en) 2018-06-28 2021-10-12 Amazon Technologies, Inc. Escalation-resistant secure network services using request-scoped authentication information
US11171983B2 (en) * 2018-06-29 2021-11-09 Intel Corporation Techniques to provide function-level isolation with capability-based security
US10949237B2 (en) 2018-06-29 2021-03-16 Amazon Technologies, Inc. Operating system customization in an on-demand network code execution system
US11836516B2 (en) 2018-07-25 2023-12-05 Amazon Technologies, Inc. Reducing execution times in an on-demand network code execution system using saved machine states
US11099870B1 (en) 2018-07-25 2021-08-24 Amazon Technologies, Inc. Reducing execution times in an on-demand network code execution system using saved machine states
US11243953B2 (en) 2018-09-27 2022-02-08 Amazon Technologies, Inc. Mapreduce implementation in an on-demand network code execution system and stream data processing system
US11099917B2 (en) 2018-09-27 2021-08-24 Amazon Technologies, Inc. Efficient state maintenance for execution environments in an on-demand code execution system
CN109542610A (en) * 2018-12-04 2019-03-29 中国航空工业集团公司西安航空计算技术研究所 A kind of multi partition operating system void interrupt criteria component realization method
US10884812B2 (en) 2018-12-13 2021-01-05 Amazon Technologies, Inc. Performance-based hardware emulation in an on-demand network code execution system
US11010188B1 (en) 2019-02-05 2021-05-18 Amazon Technologies, Inc. Simulated data object storage using on-demand computation of data objects
US11861386B1 (en) 2019-03-22 2024-01-02 Amazon Technologies, Inc. Application gateways in an on-demand network code execution system
US11119809B1 (en) 2019-06-20 2021-09-14 Amazon Technologies, Inc. Virtualization-based transaction handling in an on-demand network code execution system
US11714675B2 (en) 2019-06-20 2023-08-01 Amazon Technologies, Inc. Virtualization-based transaction handling in an on-demand network code execution system
US11115404B2 (en) 2019-06-28 2021-09-07 Amazon Technologies, Inc. Facilitating service connections in serverless code executions
US11159528B2 (en) 2019-06-28 2021-10-26 Amazon Technologies, Inc. Authentication to network-services using hosted authentication information
US11190609B2 (en) 2019-06-28 2021-11-30 Amazon Technologies, Inc. Connection pooling for scalable network services
US11394761B1 (en) 2019-09-27 2022-07-19 Amazon Technologies, Inc. Execution of user-submitted code on a stream of data
US10996961B2 (en) 2019-09-27 2021-05-04 Amazon Technologies, Inc. On-demand indexing of data in input path of object storage service
US11023311B2 (en) 2019-09-27 2021-06-01 Amazon Technologies, Inc. On-demand code execution in input path of data uploaded to storage service in multiple data portions
US11250007B1 (en) 2019-09-27 2022-02-15 Amazon Technologies, Inc. On-demand execution of object combination code in output path of object storage service
US10908927B1 (en) 2019-09-27 2021-02-02 Amazon Technologies, Inc. On-demand execution of object filter code in output path of object storage service
US11360948B2 (en) 2019-09-27 2022-06-14 Amazon Technologies, Inc. Inserting owner-specified data processing pipelines into input/output path of object storage service
US11386230B2 (en) 2019-09-27 2022-07-12 Amazon Technologies, Inc. On-demand code obfuscation of data in input path of object storage service
US11106477B2 (en) 2019-09-27 2021-08-31 Amazon Technologies, Inc. Execution of owner-specified code during input/output path to object storage service
US11023416B2 (en) 2019-09-27 2021-06-01 Amazon Technologies, Inc. Data access control system for object storage service based on owner-defined code
US11416628B2 (en) 2019-09-27 2022-08-16 Amazon Technologies, Inc. User-specific data manipulation system for object storage service based on user-submitted code
US11656892B1 (en) 2019-09-27 2023-05-23 Amazon Technologies, Inc. Sequential execution of user-submitted code and native functions
US11055112B2 (en) 2019-09-27 2021-07-06 Amazon Technologies, Inc. Inserting executions of owner-specified code into input/output path of object storage service
US11860879B2 (en) 2019-09-27 2024-01-02 Amazon Technologies, Inc. On-demand execution of object transformation code in output path of object storage service
US11263220B2 (en) 2019-09-27 2022-03-01 Amazon Technologies, Inc. On-demand execution of object transformation code in output path of object storage service
US11550944B2 (en) 2019-09-27 2023-01-10 Amazon Technologies, Inc. Code execution environment customization system for object storage service
WO2021080601A1 (en) * 2019-10-25 2021-04-29 Hewlett-Packard Development Company, L.P. Integrity monitor
US10942795B1 (en) 2019-11-27 2021-03-09 Amazon Technologies, Inc. Serverless call distribution to utilize reserved capacity without inhibiting scaling
US11119826B2 (en) 2019-11-27 2021-09-14 Amazon Technologies, Inc. Serverless call distribution to implement spillover while avoiding cold starts
US11449601B2 (en) * 2020-01-08 2022-09-20 Red Hat, Inc. Proof of code compliance and protected integrity using a trusted execution environment
US11714682B1 (en) 2020-03-03 2023-08-01 Amazon Technologies, Inc. Reclaiming computing resources in an on-demand code execution system
US11188391B1 (en) 2020-03-11 2021-11-30 Amazon Technologies, Inc. Allocating resources to on-demand code executions under scarcity conditions
US11775640B1 (en) 2020-03-30 2023-10-03 Amazon Technologies, Inc. Resource utilization-based malicious task detection in an on-demand code execution system
CN112800431A (en) * 2020-08-28 2021-05-14 支付宝(杭州)信息技术有限公司 Method and device for safely entering trusted execution environment in hyper-thread scene
US11550713B1 (en) 2020-11-25 2023-01-10 Amazon Technologies, Inc. Garbage collection in distributed systems using life cycled storage roots
US11593270B1 (en) 2020-11-25 2023-02-28 Amazon Technologies, Inc. Fast distributed caching using erasure coded object parts
US11388210B1 (en) 2021-06-30 2022-07-12 Amazon Technologies, Inc. Streaming analytics using a serverless compute system
US20230061511A1 (en) * 2021-08-30 2023-03-02 International Business Machines Corporation Inaccessible prefix pages during virtual machine execution

Also Published As

Publication number Publication date
WO2003104981A3 (en) 2004-05-13
JP4846660B2 (en) 2011-12-28
EP1512074A2 (en) 2005-03-09
RU2313126C2 (en) 2007-12-20
JP2007265434A (en) 2007-10-11
CN1675623A (en) 2005-09-28
CN100377092C (en) 2008-03-26
MY146723A (en) 2012-09-14
AU2003231237A1 (en) 2003-12-22
RU2004139086A (en) 2005-07-10
WO2003104981A2 (en) 2003-12-18
JP4708016B2 (en) 2011-06-22
US20060015869A1 (en) 2006-01-19
US7581219B2 (en) 2009-08-25
JP5242747B2 (en) 2013-07-24
JP2011227939A (en) 2011-11-10
JP2005529401A (en) 2005-09-29
AU2003231237A8 (en) 2003-12-22

Similar Documents

Publication Publication Date Title
US20030229794A1 (en) System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container
JP6404283B2 (en) System and method for executing instructions to initialize a secure environment
US7631160B2 (en) Method and apparatus for securing portions of memory
US7260848B2 (en) Hardened extensible firmware framework
US5944821A (en) Secure software registration and integrity assessment in a computer system
US7020772B2 (en) Secure execution of program code
KR100950102B1 (en) A computer system including a secure execution mode-capable processor and a method of initializing the computer system
US10360386B2 (en) Hardware enforcement of providing separate operating system environments for mobile devices
JP3982687B2 (en) Controlling access to multiple isolated memories in an isolated execution environment
JP2006012170A (en) Method to enable user mode process to operate in privileged execution mode
US20230066447A1 (en) Execution of code in system memory
Kcholi The Foundation of Device Driver Development for Windows Embedded Compact

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTEL CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GLEW, ANDY;REEL/FRAME:012995/0740

Effective date: 20020603

AS Assignment

Owner name: INTEL CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SUTTON, JAMES A. II;GRAWROCK, DAVID W.;UHLIG, RICHARD A.;AND OTHERS;REEL/FRAME:013389/0650;SIGNING DATES FROM 20020813 TO 20021004

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

AS Assignment

Owner name: TAHOE RESEARCH, LTD., IRELAND

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTEL CORPORATION;REEL/FRAME:061175/0176

Effective date: 20220718