-
1.发明授权Method to prevent vulnerability to virus and worm attacks through instruction remapping 有权通过指令重映射来防止易受病毒和蠕虫攻击的方法公开(公告)号:US07493483B2
公开(公告)日:2009-02-17
申请号:US10782672
申请日:2004-02-19
申请人: Gordon D. McIntosh
发明人: Gordon D. McIntosh
IPC分类号: H04L9/00
CPC分类号: G06F9/30145 , G06F9/3017 , G06F9/30174 , G06F9/30196 , G06F21/126 , G06F21/56
摘要: A method for processing instructions by a processing unit. An instruction set is dynamically set for the processing unit using a selected instruction map. The selected instruction map is selected as one being different from a normal instruction map for the processing unit. The instructions are processed at the processor using the instruction set. A set of authorized instructions are encoded using the selected instruction map.
摘要翻译: 一种处理单元处理指令的方法。 使用所选择的指令图对处理单元动态地设置指令集。 选择的指令图被选择为与处理单元的正常指令图不同的指令图。 使用指令集在处理器处理指令。 使用所选指令图对一组授权指令进行编码。
-
公开(公告)号:US06981079B2
公开(公告)日:2005-12-27
申请号:US10105125
申请日:2002-03-21
CPC分类号: G06F9/3861 , G06F9/3885 , G06F9/4812 , G06F11/0712 , G06F11/0724 , G06F11/0793
摘要: A interrupt is generated for all processors in a multiprocessor system when a critical datapath experiences an error. Serialization code in the interrupt handling routine for that interrupt suspends all processors except one and places the suspended processors in a waiting queue while the one processor handles the error. After the error has been handled, the remaining processors are allow to execute the interrupt handler, which simply exits detecting no error.
摘要翻译: 当关键数据路径遇到错误时,会在多处理器系统中为所有处理器生成中断。 该中断的中断处理例程中的序列化代码会挂起除1个以外的所有处理器,并在一个处理器处理错误时将挂起的处理器置于等待队列中。 在处理错误之后,剩下的处理器允许执行中断处理程序,它只是退出检测没有错误。
-
3.发明授权Virtualization of input/output devices in a logically partitioned data processing system 失效逻辑分区数据处理系统中输入/输出设备的虚拟化公开(公告)号:US06944847B2
公开(公告)日:2005-09-13
申请号:US10138896
申请日:2002-05-02
CPC分类号: G06F3/0601 , G06F9/5077 , G06F9/52 , G06F2003/0697
摘要: A hypervisor (management) layer synchronizes use of virtualized input/output (I/O) devices that may regularly be used by multiple partitions of a logically partitioned data processing system by making them callable by any system partition to the hypervisor layer. A partition makes a call to the hypervisor to reserve an I/O resource. If the I/O resource is presently allocated to another partition when a call is made to reserve the resource, the hypervisor rejects the request to reserve the device. If the resource is available, the hypervisor issues a command to the resource to service calls made from the reserving partition. After utilizing the resource as necessary, the reserving partition releases control over the I/O device and sends a notification to hypervisor that it has released the I/O device. Upon release, the I/O device will automatically be available for use by another partition via a call to the hypervisor.
摘要翻译: 虚拟机管理程序(管理)层同步使用由逻辑分区的数据处理系统的多个分区定期使用的虚拟化输入/输出(I / O)设备,使其可由任何系统分区调用到管理程序层。 分区调用虚拟机管理程序来保留I / O资源。 如果在进行呼叫以保留资源时I / O资源目前被分配给另一个分区,则管理程序将拒绝保留该设备的请求。 如果资源可用,管理程序将向资源发出一个命令来服务从保留分区进行的呼叫。 在必要时使用资源后,预留分区释放对I / O设备的控制,并向管理程序发送已发布I / O设备的通知。 发布后,I / O设备将自动通过对虚拟机管理程序的调用由另一个分区使用。
-
4.发明授权Handling multiple operating system capabilities in a logical partition data processing system 有权在逻辑分区数据处理系统中处理多个操作系统功能公开(公告)号:US06920587B2
公开(公告)日:2005-07-19
申请号:US10132136
申请日:2002-04-25
CPC分类号: G06F11/0793 , G06F11/0712 , G06F11/0781
摘要: A method, computer program product, and data processing system for handling errors or other events in a logical partition (LPAR) data processing system is disclosed. When an operating system is initialized in a logical partition, it registers its capabilities for handling particular errors or other events with management software. When an error or other event affecting that logical partition occurs, the management software checks to see if the particular error or event is one that the operating system is capable of handling. If so, the operating system is notified. Otherwise, the management software directs the operating system to take other appropriate action, such as termination of the operating system and/or partition.
摘要翻译: 公开了一种用于处理逻辑分区(LPAR)数据处理系统中的错误或其他事件的方法,计算机程序产品和数据处理系统。 当操作系统在逻辑分区中初始化时,它会通过管理软件注册其处理特定错误或其他事件的功能。 当发生影响该逻辑分区的错误或其他事件时,管理软件将检查特定错误或事件是否是操作系统能够处理的错误或事件。 如果是这样,则会通知操作系统。 否则,管理软件指示操作系统采取其他适当的操作,例如终止操作系统和/或分区。
-
5.发明授权Method for preventing loading and execution of rogue operating systems in a logical partitioned data processing system 失效防止在逻辑分区数据处理系统中加载和执行流氓操作系统的方法公开(公告)号:US07464405B2
公开(公告)日:2008-12-09
申请号:US10809674
申请日:2004-03-25
IPC分类号: G06F13/00
CPC分类号: G06F21/575
摘要: A method for managing operating systems. A request from an operating system is received in the multi-partitioned data processing system to register for access to hardware in the multi-partitioned data processing system. The request includes a key code for the operating system. A determination is made as to whether the operating system is an authorized operating system using the key code in response to receiving the request. The operating system is registered if the operating system is the authorized operating system. Otherwise, the operating system is terminated.
摘要翻译: 一种管理操作系统的方法。 在多分区数据处理系统中接收到来自操作系统的请求,以注册对多分区数据处理系统中的硬件的访问。 该请求包括操作系统的密钥代码。 确定操作系统是否是响应于接收请求而使用密钥代码的授权操作系统。 如果操作系统是授权操作系统,则注册操作系统。 否则,操作系统终止。
-
公开(公告)号:US07343521B2
公开(公告)日:2008-03-11
申请号:US10857459
申请日:2004-05-28
IPC分类号: G06F11/00
CPC分类号: G06F11/0775 , G06F11/0712
摘要: A method, apparatus, and computer instructions for processing trace data in a logical partitioned data processing system. A partition causing an exception is identified in response to detecting the exception. The partition is one within a set of partitions in the logical partitioned data processing system. The trace data for the identified partition is stored in an error log or other data structure for a machine check interrupt handler.
摘要翻译: 一种用于在逻辑分区数据处理系统中处理跟踪数据的方法,装置和计算机指令。 响应于检测到异常,识别导致异常的分区。 该分区是逻辑分区数据处理系统中的一组分区内的分区。 识别分区的跟踪数据存储在机器检查中断处理程序的错误日志或其他数据结构中。
-
公开(公告)号:US08392725B2
公开(公告)日:2013-03-05
申请号:US13301227
申请日:2011-11-21
IPC分类号: G06F11/30
CPC分类号: G06F21/57 , G06F9/30178 , G06F9/3802 , G06F21/71 , G06F21/72 , G06F21/85
摘要: A processor, circuit and method provide for fast decryption of encrypted program instructions for execution by the processor. A programmable look-up coding is used to decode a field within the instructions. The decoded field for the instructions are recombined with the remaining portion of the same instructions to yield the decoded instructions. The programmable look-up coding can be programmed and controlled by a process executing at a higher privilege level than the program represented by the instructions, so that security against code-modifying attacks is enhanced.
摘要翻译: 处理器,电路和方法提供加密程序指令的快速解密以供处理器执行。 使用可编程查找编码来对指令内的字段进行解码。 用于指令的解码字段与相同指令的剩余部分重组以产生解码指令。 可编程查找编码可以由比由指令表示的程序更高的特权级别执行的进程来编程和控制,从而增强了针对代码修改攻击的安全性。
-
8.发明授权Method and apparatus to prevent vulnerability to virus and worm attacks through instruction remapping 有权通过指令重新映射来防止易受病毒和蠕虫攻击的方法和装置公开(公告)号:US08117433B2
公开(公告)日:2012-02-14
申请号:US12267681
申请日:2008-11-10
申请人: Gordon D. McIntosh
发明人: Gordon D. McIntosh
IPC分类号: H04L9/00
CPC分类号: G06F9/30145 , G06F9/3017 , G06F9/30174 , G06F9/30196 , G06F21/126 , G06F21/56
摘要: A method, apparatus, and computer instructions for processing instructions by a processing unit. An instruction set is dynamically set for the processing unit using a selected instruction map. The selected instruction map is selected as one being different from a normal instruction map for the processing unit. The instructions are processed at the processor using the instruction set. A set of authorized instructions are encoded using the selected instruction map.
摘要翻译: 一种用于由处理单元处理指令的方法,装置和计算机指令。 使用所选择的指令图对处理单元动态地设置指令集。 选择的指令图被选择为与处理单元的正常指令图不同的指令图。 使用指令集在处理器处理指令。 使用所选指令图对一组授权指令进行编码。
-
9.发明授权Method for fast decryption of processor instructions in an encrypted instruction power architecture 有权用于在加密的指令电力架构中快速解密处理器指令的方法公开(公告)号:US08086871B2
公开(公告)日:2011-12-27
申请号:US11114552
申请日:2005-04-26
IPC分类号: G06F11/30
CPC分类号: G06F21/57 , G06F9/30178 , G06F9/3802 , G06F21/71 , G06F21/72 , G06F21/85
摘要: A method and apparatus for an independent operating system that prevents certain classes of computer attacks. Instruction decryption is performed on an existing instruction set for a processor. The processor architecture limits the impact on processor execution timing. The instruction execution timing is not altered in the processor core and any additional processing is overlapped into existing operations.
摘要翻译: 一种用于防止某些类型的计算机攻击的独立操作系统的方法和装置。 对处理器的现有指令集执行指令解密。 处理器架构限制了对处理器执行时间的影响。 指令执行定时在处理器核心中不改变,任何附加处理与现有操作重叠。
-
公开(公告)号:US07930594B2
公开(公告)日:2011-04-19
申请号:US12022511
申请日:2008-01-30
IPC分类号: G06F11/00
CPC分类号: G06F11/0775 , G06F11/0712
摘要: A method, apparatus, and computer instructions for processing trace data in a logical partitioned data processing system. A partition causing an exception is identified in response to detecting the exception. The partition is one within a set of partitions in the logical partitioned data processing system. The trace data for the identified partition is stored in an error log or other data structure for a machine check interrupt handler.
摘要翻译: 一种用于在逻辑分区数据处理系统中处理跟踪数据的方法,装置和计算机指令。 响应于检测到异常,识别导致异常的分区。 该分区是逻辑分区数据处理系统中的一组分区内的分区。 识别分区的跟踪数据存储在机器检查中断处理程序的错误日志或其他数据结构中。
-
-
-
-
-
-
-
-
-
搜索结果
26 条记录 (耗时 0.015 秒)
