专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070192761A1 Method for adding integrity information to portable executable (PE) object files after compile and link steps 审中-公开
标题翻译：在编译和链接步骤之后，将可靠性可执行文件（PE）对象文件中的完整性信息添加到方法中
公开(公告)号：US20070192761A1
公开(公告)日：2007-08-16
申请号：US11355859
申请日：2006-02-15
申请人： Ravi Sahita , Uday Savagaonkar , Travis Schluessler , Rajan Ralanivel
发明人： Ravi Sahita , Uday Savagaonkar , Travis Schluessler , Rajan Ralanivel
IPC分类号： G06F9/45
CPC分类号： G06F21/53
摘要： A method and apparatus for adding integrity information to portable executable object files after compile and link steps is described. In one embodiment, the invention is a method. The method includes compiling and linking a portable executable file with a data section for aiding in integrity measurement of a measured program when the measured program is loaded into memory. The method further includes overwriting data fields of the data section with an offset before the file is loaded into the memory.
摘要翻译：描述了在编译和链接步骤之后向便携式可执行目标文件添加完整性信息的方法和装置。在一个实施例中，本发明是一种方法。该方法包括在将测量的程序加载到存储器中时将可移植可执行文件与数据部分进行编译和链接，以帮助测量程序的完整性测量。该方法还包括在将文件加载到存储器之前用偏移覆盖数据部分的数据字段。

2. 发明申请

US20070011430A1 SYSTEMS AND METHODS FOR HOST VIRTUAL MEMORY RECONSTITUTION 有权
标题翻译：用于虚拟内存重建的系统和方法
公开(公告)号：US20070011430A1
公开(公告)日：2007-01-11
申请号：US11428335
申请日：2006-06-30
申请人： Hormuzd Khosravi , David Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
发明人： Hormuzd Khosravi , David Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
IPC分类号： G06F12/00
CPC分类号： G06F12/1081 , G06F12/00
摘要： Systems and methods are described herein to provide for host virtual memory reconstitution. Virtual memory reconstitution is the ability to translate the host device's virtual memory addresses to the host device's physical memory addresses. The virtual memory reconstitution methods are independent of the operating system running on the host device.
摘要翻译：这里描述了系统和方法来提供主机虚拟存储器重构。虚拟内存重构是将主机设备的虚拟内存地址转换为主机设备的物理内存地址的功能。虚拟内存重构方法与在主机设备上运行的操作系统无关。

3. 发明授权

US07571298B2 Systems and methods for host virtual memory reconstitution 有权
标题翻译：主机虚拟内存重构的系统和方法
公开(公告)号：US07571298B2
公开(公告)日：2009-08-04
申请号：US11428335
申请日：2006-06-30
申请人： Hormuzd M. Khosravi , David M. Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
发明人： Hormuzd M. Khosravi , David M. Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
IPC分类号： G06F12/00 , G06F9/26 , G06F9/34
CPC分类号： G06F12/1081 , G06F12/00
摘要： Systems and methods are described herein to provide for host virtual memory reconstitution. Virtual memory reconstitution is the ability to translate the host device's virtual memory addresses to the host device's physical memory addresses. The virtual memory reconstitution methods are independent of the operating system running on the host device.
摘要翻译：这里描述了系统和方法来提供主机虚拟存储器重构。虚拟内存重构是将主机设备的虚拟内存地址转换为主机设备的物理内存地址的功能。虚拟内存重构方法与在主机设备上运行的操作系统无关。

4. 发明申请

US20080077767A1 Method and apparatus for secure page swapping in virtual memory systems 审中-公开
标题翻译：用于在虚拟存储器系统中进行安全页面交换的方法和装置
公开(公告)号：US20080077767A1
公开(公告)日：2008-03-27
申请号：US11528161
申请日：2006-09-27
申请人： Hormuzd M. Khosravi , Uday Savagaonkar , Ravi Sahita , David Durham , Travis Schluessler , Gayathri Nagabhushan
发明人： Hormuzd M. Khosravi , Uday Savagaonkar , Ravi Sahita , David Durham , Travis Schluessler , Gayathri Nagabhushan
IPC分类号： G06F12/00 , G06F13/00
CPC分类号： G06F12/1475 , G06F12/0804 , G06F12/1408 , G06F12/1491
摘要： Embodiments described herein disclose a method and apparatus for secure page swapping in a virtual memory system. An integrity check value mechanism is used to protect software programs from run-time attacks against memory pages while those pages are swapped to secondary memory. A hash value is computed for an agent page as it is swapped from primary memory to secondary memory. When the page is swapped back into primary memory from secondary memory, that hash value is recomputed to verify that the page was not modified while stored in secondary memory. Alternatively, the hash value is pre-computed and placed in an integrity manifest wherein it is retrieved and verified when the page is loaded back into primary memory from secondary memory.
摘要翻译：本文描述的实施例公开了一种用于虚拟存储器系统中的安全页面交换的方法和装置。完整性检查值机制用于保护软件程序免受针对存储器页面的运行时攻击，而这些页面被交换到辅助存储器。当代理页面从主存储器交换到辅助存储器时，计算哈希值。当页面从辅助存储器交换回主存储器时，重新计算该哈希值，以验证在存储在辅助存储器中的页面是否未被修改。或者，哈希值是预先计算的并且被放置在完整性清单中，其中当从第二存储器将页面加载回主存储器时，其被检索和验证。

5. 发明申请

US20070005930A1 Systems and methods for host virtual memory reconstitution 审中-公开
标题翻译：主机虚拟内存重构的系统和方法
公开(公告)号：US20070005930A1
公开(公告)日：2007-01-04
申请号：US11173815
申请日：2005-06-30
申请人： Hormuzd Khosravi , David Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
发明人： Hormuzd Khosravi , David Durham , Travis Schluessler , Ravi Sahita , Uday Savagaonkar , Priya Rajagopal
IPC分类号： G06F12/00
CPC分类号： G06F12/1081
摘要： Systems and methods are described herein to provide for host virtual memory reconstitution.
摘要翻译：这里描述了系统和方法来提供主机虚拟存储器重构。

6. 发明授权

US08645704B2 Protecting caller function from undesired access by callee function 有权
标题翻译：保护来电功能免受被叫功能的不期望的访问
公开(公告)号：US08645704B2
公开(公告)日：2014-02-04
申请号：US11745399
申请日：2007-05-07
申请人： Uday Savagaonkar , David Durham , Ravi Sahita , Subhash Gutti
发明人： Uday Savagaonkar , David Durham , Ravi Sahita , Subhash Gutti
IPC分类号： G06F21/00
CPC分类号： G06F21/629 , G06F2221/2141
摘要： Disclosed is a method for restricting access of a first code of a plurality of codes of a first function from a second function. The method comprises calling the second function by the first function, addresses of the plurality of codes are stored in a stack page and colored in a first color (102). The method comprises performing access control check in a transition page for verifying whether the first function has permission to call the second function (104). Further the method comprises protecting the first code from the second function by coloring the addresses in a second color (106). Furthermore, the method comprises executing the second function by pushing addresses of the second function on the stack page, the addresses of the second function colored in a third color (108) and unprotecting the first code by coloring the addresses of the first code in the first color (110).
摘要翻译：公开了一种用于从第二功能限制第一功能的多个代码的第一代码的访问的方法。该方法包括通过第一功能调用第二功能，将多个代码的地址存储在堆栈页面中并以第一颜色（102）着色。该方法包括在转换页面中执行访问控制检查，以验证第一功能是否具有调用第二功能的权限（104）。此外，该方法包括通过着色第二颜色（106）中的地址来保护第一代码免受第二功能。此外，该方法包括通过在堆栈页面上推动第二函数的地址来执行第二函数，第二函数的地址以第三颜色（108）着色，并且通过着色第一代码中的第一代码的地址来对第一代码进行保护第一颜色（110）。

7. 发明授权

US08341369B2 Providing protected access to critical memory regions 有权
标题翻译：提供对关键内存区域的保护访问
公开(公告)号：US08341369B2
公开(公告)日：2012-12-25
申请号：US13336913
申请日：2011-12-23
申请人： Uday Savagaonkar , Travis T. Schluessler , Hormuzd Khosravi , Ravi Sahita , Gayathri Nagabhushan , David Durham
发明人： Uday Savagaonkar , Travis T. Schluessler , Hormuzd Khosravi , Ravi Sahita , Gayathri Nagabhushan , David Durham
IPC分类号： G06F12/00
CPC分类号： G06F12/145
摘要： In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for implementing hardware of a virtualized processor based system detecting a specified type of memory access to an identified region of memory and in response to the detecting generating an interrupt for a virtual machine monitor (VMM) of the virtualized processor based system.
摘要翻译：根据所公开的实施例，提供了用于实现基于虚拟处理器的系统的硬件的方法，系统和装置，该系统检测对所识别的存储器区域的指定类型的存储器访问，并且响应于该检测产生虚拟机的中断基于虚拟化处理器的系统的监视器（VMM）。

8. 发明授权

US08316211B2 Generating multiple address space identifiers per virtual machine to switch between protected micro-contexts 失效
标题翻译：为每个虚拟机生成多个地址空间标识符，以便在受保护的微上下文之间切换
公开(公告)号：US08316211B2
公开(公告)日：2012-11-20
申请号：US12165640
申请日：2008-06-30
申请人： Uday Savagaonkar , Madhavan Parthasarathy , Ravi Sahita , David Durham
发明人： Uday Savagaonkar , Madhavan Parthasarathy , Ravi Sahita , David Durham
IPC分类号： G06F12/00
CPC分类号： G06F12/1027 , G06F12/145
摘要： Embodiments of an invention for generating multiple address space identifiers per virtual machine to switch between protected micro-contexts are disclosed. In one embodiment, an apparatus includes privileged mode logic, an interface, and memory management logic. The privileged mode logic is to transfer control of the processor among a plurality of virtual machines. The interface is to perform a transaction to fetch information from a memory. The memory management logic is to translate an untranslated address to a memory address. The memory management logic includes a storage location, a series of translation stages, determination logic, and a translation lookaside buffer. The storage location is to store an address of a data structure for the first translation stage. Each of the translation stages includes translation logic to find an entry in a data structure based on a portion of the untranslated address. Each entry is to store an address of a different data structure for the first translation stage, an address of a data structure for a successive translation stage, or the physical address. The determination logic is to determine whether an entry is storing an address of a different data structure for the first translation stage. The translation lookaside buffer is to store translations. Each translation lookaside buffer entry includes an address source identifiers. Each address source identifier is to identify a unique micro-context. Each address source identifier is based on a virtual partition identifier. At least two of the of virtual partition identifiers are associated with one of the virtual machines.
摘要翻译：公开了用于在每个虚拟机之间生成多个地址空间标识符以在受保护的微上下文之间切换的发明的实施例。在一个实施例中，装置包括特权模式逻辑，接口和存储器管理逻辑。特权模式逻辑是在多个虚拟机之间传送处理器的控制。该接口是执行一个事务来从内存中获取信息。存储器管理逻辑将非翻译地址转换为存储器地址。存储器管理逻辑包括存储位置，一系列翻译级，确定逻辑和翻译后备缓冲器。存储位置是存储用于第一翻译阶段的数据结构的地址。每个翻译阶段包括翻译逻辑，以基于未翻译地址的一部分在数据结构中找到条目。每个条目是存储用于第一翻译阶段的不同数据结构的地址，用于连续翻译阶段的数据结构的地址或物理地址。确定逻辑是确定条目是否存储用于第一翻译阶段的不同数据结构的地址。翻译后备缓冲区用于存储翻译。每个翻译后备缓冲器条目包括地址源标识符。每个地址源标识符是识别唯一的微观上下文。每个地址源标识符都是基于虚拟分区标识符。至少两个虚拟分区标识符与一个虚拟机相关联。

9. 发明申请

US20120090016A1 Method and apparatus for registering agents onto a virtual machine monitor 有权
公开(公告)号：US20120090016A1
公开(公告)日：2012-04-12
申请号：US13373957
申请日：2011-12-06
申请人： Uday Savagaonkar , Ravi Sahita , Prashant Dewan
发明人： Uday Savagaonkar , Ravi Sahita , Prashant Dewan
IPC分类号： G06F21/00
CPC分类号： G06F21/64 , G06F9/45558 , G06F21/57 , G06F2009/45587
摘要： A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent dining integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.

10. 发明授权

US07802050B2 Monitoring a target agent execution pattern on a VT-enabled system 失效
标题翻译：在启用VT的系统上监视目标代理执行模式
公开(公告)号：US07802050B2
公开(公告)日：2010-09-21
申请号：US11541474
申请日：2006-09-29
申请人： Uday Savagaonkar , Ravi Sahita , David Durham
发明人： Uday Savagaonkar , Ravi Sahita , David Durham
IPC分类号： G06F21/00
CPC分类号： G06F21/56 , G06F21/57
摘要： Methods, apparatuses, articles, and systems for observing, by a virtual machine manager of a physical device, execution of a target process of a virtual machine of the physical device, including virtual addresses of the virtual machine referenced during the execution, are described herein. The virtual machine manager further determines whether the target process is executing in an expected manner based at least in part on the observed virtual address references and expected virtual address references.
摘要翻译：本文描述了由物理设备的虚拟机管理器观察物理设备的虚拟机的目标进程（包括在执行期间引用的虚拟机的虚拟地址）的方法，装置，物品和系统。虚拟机管理器进一步基于观察到的虚拟地址引用和预期的虚拟地址引用来进一步确定目标进程是否以预期的方式执行。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式