Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020091850 - SECURE MEMORY ACCESS IN A VIRTUALIZED COMPUTING ENVIRONMENT

Publication Number WO/2020/091850
Publication Date 07.05.2020
International Application No. PCT/US2019/037950
International Filing Date 19.06.2019
IPC
G06F 21/53 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
52during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure
53by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/60 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
G06F 9/455 2006.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
CPC
G06F 12/1009
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
12Accessing, addressing or allocating within memory systems or architectures
02Addressing or allocation; Relocation
08in hierarchically structured memory systems, e.g. virtual memory systems
10Address translation
1009using page tables, e.g. page table structures
G06F 2009/45583
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
45533Hypervisors; Virtual machine monitors
45558Hypervisor-specific management and integration aspects
45583Memory management, e.g. access or allocation
G06F 2212/657
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
2212Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
65Details of virtual memory and virtual address translation
657Virtual address space management
G06F 9/45558
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
45533Hypervisors; Virtual machine monitors
45558Hypervisor-specific management and integration aspects
Applicants
  • ADVANCED MICRO DEVICES, INC. [US]/[US]
  • ATI TECHNOLOGIES ULC [CA]/[CA]
Inventors
  • ASARO, Anthony
  • CHENG, Jeffrey G.
  • ACHARYA, Anirudh R.
Agents
  • SHEEHAN, Adam D.
Priority Data
16/176,43131.10.2018US
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) SECURE MEMORY ACCESS IN A VIRTUALIZED COMPUTING ENVIRONMENT
(FR) ACCÈS MÉMOIRE SÉCURISÉ DANS UN ENVIRONNEMENT INFORMATIQUE VIRTUALISÉ
Abstract
(EN)
A processor [101] supports secure memory access in a virtualized computing environment by employing requestor identifiers at bus devices [102] (such as a graphics processing unit) to identify the virtual machine [221, 222] associated with each memory access request. The virtualized computing environment uses the requestor identifiers to control access to different regions [111, 112] of system memory [110], ensuring that each VM accesses only those regions of memory that the VM is allowed to access. The virtualized computing environment thereby supports efficient memory access by the bus devices while ensuring that the different regions of memory are protected from unauthorized access.
(FR)
Un processeur [101] prend en charge un accès mémoire sécurisé dans un environnement informatique virtualisé en utilisant des identifiants de demandeurs sur des dispositifs de bus [102] (tels qu'une unité de traitement graphique) afin d’identifier la machine virtuelle [221, 222] associée à chaque demande d'accès mémoire. L'environnement informatique virtualisé utilise les identifiants de demandeurs pour commander l'accès à différentes zones [111, 112] de la mémoire système [110], ce qui garantit que chaque VM accède uniquement aux zones de mémoire auxquelles la VM est autorisée à accéder. L'environnement informatique virtualisé prend donc en charge un accès mémoire efficace par les dispositifs de bus tout en garantissant que les différentes zones de mémoire sont protégées contre un accès non autorisé.
Also published as
Latest bibliographic data on file with the International Bureau