公开(公告)号：US20190228145A1

公开(公告)日：2019-07-25

申请号：US16370921

申请日：2019-03-30

Applicant: Vedvyas Shanbhogue ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Utkarsh Kakaiya ,  Ravi Sahita ,  Rupin Vakharwala

Inventor： Vedvyas Shanbhogue ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Utkarsh Kakaiya ,  Ravi Sahita ,  Rupin Vakharwala

IPC: G06F21/44 ,  G06F13/16 ,  G06F3/06

Abstract: Systems, methods, and apparatuses relating to performing an attachment of an input-output memory management unit (IOMMU) to a device, and a verification of the attachment. In one embodiment, a protocol and IOMMU extensions are used by a secure arbitration mode (SEAM) module and/or circuitry to determine if the IOMMU that is attached to the device requested to be mapped to a trusted domain.

公开(公告)号：US20180096136A1

公开(公告)日：2018-04-05

申请号：US15283317

申请日：2016-10-01

Applicant: Michael LeMay ,  Barry E. Huntley ,  Ravi Sahita

Inventor： Michael LeMay ,  Barry E. Huntley ,  Ravi Sahita

IPC: G06F21/53 ,  G06F9/50 ,  G06F21/12

CPC classification number: G06F21/53 ,  G06F9/5016 ,  G06F21/121 ,  G06F21/74 ,  G06F2221/2113

Abstract: Technologies for memory management with memory protection extension include a computing device having a processor with one or more protection extensions. The processor may load a logical address including a segment base, effective limit, and effective address and generate a linear address as a function of the logical address with the effective limit as a mask. The processor may switch to a new task described by a task state segment extension. The task state extension may specify a low-latency segmentation mode. The processor may prohibit access to a descriptor in a local descriptor table with a descriptor privilege level lower than the current privilege level of the processor. The computing device may load a secure enclave using secure enclave support of the processor. The secure enclave may load an unsandbox and a sandboxed application in a user privilege level of the processor. Other embodiments are described and claimed.

公开(公告)号：US09858411B2

公开(公告)日：2018-01-02

申请号：US14576665

申请日：2014-12-19

Applicant: Ravi Sahita ,  Xiaoning Li ,  Barry E. Huntley ,  Ofer Levy ,  Vedvyas Shanbhogue ,  Yuriy Bulygin ,  Ido Ouziel ,  Michael Lemay ,  John M. Esper

Inventor： Ravi Sahita ,  Xiaoning Li ,  Barry E. Huntley ,  Ofer Levy ,  Vedvyas Shanbhogue ,  Yuriy Bulygin ,  Ido Ouziel ,  Michael Lemay ,  John M. Esper

IPC: G06F9/45 ,  G06F21/52 ,  G06F21/55 ,  G06F9/455 ,  G06F11/30

CPC classification number: G06F21/52 ,  G06F9/45558 ,  G06F11/30 ,  G06F21/554 ,  G06F2009/45591 ,  G06F2221/033

Abstract: A method comprises filtering branch trap events at a branch event filter, monitoring a branch event filter to capture indirect branch trap events that cause a control flow trap exception, receiving the indirect branch trap events at a handler and the handler processing the indirect branch trap events.

公开(公告)号：US08826378B2

公开(公告)日：2014-09-02

申请号：US12655024

申请日：2009-12-22

Applicant: David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

Inventor： David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

IPC: G06F7/04 ,  H04L29/06

CPC classification number: H04L63/10 ,  G06F2221/2141 ,  H04L9/3234 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0209 ,  H04L63/08 ,  H04L63/20

Abstract: Architectures and techniques that allow a firmware agent to operate as a tamper-resistant agent on a host platform that may be used as a trusted policy enforcement point (PEP) on the host platform to enforce policies even when the host operating system is compromised. The PEP may be used to open access control and/or remediation channels on the host platform. The firmware agent may also act as a local policy decision point (PDP) on the host platform in accordance with an authorized enterprise PDP entity by providing policies if a host trust agent is non-responsive and may function as a passive agent when the host trust agent is functional.

公开(公告)号：US08645704B2

公开(公告)日：2014-02-04

申请号：US11745399

申请日：2007-05-07

Applicant: Uday Savagaonkar ,  David Durham ,  Ravi Sahita ,  Subhash Gutti

Inventor： Uday Savagaonkar ,  David Durham ,  Ravi Sahita ,  Subhash Gutti

IPC: G06F21/00

CPC classification number: G06F21/629 ,  G06F2221/2141

Abstract: Disclosed is a method for restricting access of a first code of a plurality of codes of a first function from a second function. The method comprises calling the second function by the first function, addresses of the plurality of codes are stored in a stack page and colored in a first color (102). The method comprises performing access control check in a transition page for verifying whether the first function has permission to call the second function (104). Further the method comprises protecting the first code from the second function by coloring the addresses in a second color (106). Furthermore, the method comprises executing the second function by pushing addresses of the second function on the stack page, the addresses of the second function colored in a third color (108) and unprotecting the first code by coloring the addresses of the first code in the first color (110).

Abstract translation: 公开了一种用于从第二功能限制第一功能的多个代码的第一代码的访问的方法。 该方法包括通过第一功能调用第二功能，将多个代码的地址存储在堆栈页面中并以第一颜色（102）着色。 该方法包括在转换页面中执行访问控制检查，以验证第一功能是否具有调用第二功能的权限（104）。 此外，该方法包括通过着色第二颜色（106）中的地址来保护第一代码免受第二功能。 此外，该方法包括通过在堆栈页面上推动第二函数的地址来执行第二函数，第二函数的地址以第三颜色（108）着色，并且通过着色第一代码中的第一代码的地址来对第一代码进行保护 第一颜色（110）。

公开(公告)号：US08448222B2

公开(公告)日：2013-05-21

申请号：US13373957

申请日：2011-12-06

Applicant: Uday Savagankar ,  Ravi Sahita ,  Prashant Dewan

Inventor： Uday Savagankar ,  Ravi Sahita ,  Prashant Dewan

IPC: G06F7/04 ,  G06F12/14 ,  G06F11/30 ,  G06F1/00 ,  G06G7/48 ,  H04L9/32 ,  G06F9/46 ,  G06F9/455 ,  G06F1/32 ,  G06F12/08

CPC classification number: G06F21/64 ,  G06F9/45558 ,  G06F21/57 ,  G06F2009/45587

Abstract: A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent dining integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.

Abstract translation: 用于管理代理的方法包括响应于注册请求验证代理的完整性。 在完整性验证期间为代理提供内存保护。 当代理商的注册已经完成时生成指示。 根据本发明的一个方面，提供存储器保护包括具有虚拟机监视器对代理的限制访问。 描述和要求保护其他实施例。

公开(公告)号：US08341369B2

公开(公告)日：2012-12-25

申请号：US13336913

申请日：2011-12-23

Applicant: Uday Savagaonkar ,  Travis T. Schluessler ,  Hormuzd Khosravi ,  Ravi Sahita ,  Gayathri Nagabhushan ,  David Durham

Inventor： Uday Savagaonkar ,  Travis T. Schluessler ,  Hormuzd Khosravi ,  Ravi Sahita ,  Gayathri Nagabhushan ,  David Durham

IPC: G06F12/00

CPC classification number: G06F12/145

Abstract: In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for implementing hardware of a virtualized processor based system detecting a specified type of memory access to an identified region of memory and in response to the detecting generating an interrupt for a virtual machine monitor (VMM) of the virtualized processor based system.

Abstract translation: 根据所公开的实施例，提供了用于实现基于虚拟处理器的系统的硬件的方法，系统和装置，该系统检测对所识别的存储器区域的指定类型的存储器访问，并且响应于该检测产生虚拟机的中断 基于虚拟化处理器的系统的监视器（VMM）。

公开(公告)号：US08316211B2

公开(公告)日：2012-11-20

申请号：US12165640

申请日：2008-06-30

Applicant: Uday Savagaonkar ,  Madhavan Parthasarathy ,  Ravi Sahita ,  David Durham

Inventor： Uday Savagaonkar ,  Madhavan Parthasarathy ,  Ravi Sahita ,  David Durham

IPC: G06F12/00

CPC classification number: G06F12/1027 ,  G06F12/145

Abstract: Embodiments of an invention for generating multiple address space identifiers per virtual machine to switch between protected micro-contexts are disclosed. In one embodiment, an apparatus includes privileged mode logic, an interface, and memory management logic. The privileged mode logic is to transfer control of the processor among a plurality of virtual machines. The interface is to perform a transaction to fetch information from a memory. The memory management logic is to translate an untranslated address to a memory address. The memory management logic includes a storage location, a series of translation stages, determination logic, and a translation lookaside buffer. The storage location is to store an address of a data structure for the first translation stage. Each of the translation stages includes translation logic to find an entry in a data structure based on a portion of the untranslated address. Each entry is to store an address of a different data structure for the first translation stage, an address of a data structure for a successive translation stage, or the physical address. The determination logic is to determine whether an entry is storing an address of a different data structure for the first translation stage. The translation lookaside buffer is to store translations. Each translation lookaside buffer entry includes an address source identifiers. Each address source identifier is to identify a unique micro-context. Each address source identifier is based on a virtual partition identifier. At least two of the of virtual partition identifiers are associated with one of the virtual machines.

Abstract translation: 公开了用于在每个虚拟机之间生成多个地址空间标识符以在受保护的微上下文之间切换的发明的实施例。 在一个实施例中，装置包括特权模式逻辑，接口和存储器管理逻辑。 特权模式逻辑是在多个虚拟机之间传送处理器的控制。 该接口是执行一个事务来从内存中获取信息。 存储器管理逻辑将非翻译地址转换为存储器地址。 存储器管理逻辑包括存储位置，一系列翻译级，确定逻辑和翻译后备缓冲器。 存储位置是存储用于第一翻译阶段的数据结构的地址。 每个翻译阶段包括翻译逻辑，以基于未翻译地址的一部分在数据结构中找到条目。 每个条目是存储用于第一翻译阶段的不同数据结构的地址，用于连续翻译阶段的数据结构的地址或物理地址。 确定逻辑是确定条目是否存储用于第一翻译阶段的不同数据结构的地址。 翻译后备缓冲区用于存储翻译。 每个翻译后备缓冲器条目包括地址源标识符。 每个地址源标识符是识别唯一的微观上下文。 每个地址源标识符都是基于虚拟分区标识符。 至少两个虚拟分区标识符与一个虚拟机相关联。

公开(公告)号：US20120117614A1

公开(公告)日：2012-05-10

申请号：US13305902

申请日：2011-11-29

Applicant: Ravi Sahita ,  Travis T. Schluessler

Inventor： Ravi Sahita ,  Travis T. Schluessler

IPC: G06F21/00 ,  G06F9/455

CPC classification number: H04L9/3234 ,  G06F9/45558 ,  G06F12/1433 ,  G06F12/1491 ,  G06F21/53 ,  G06F21/72 ,  G06F2009/45587 ,  G06F2221/034 ,  G06F2221/2149 ,  G06F2221/2153

Abstract: A system and method for high performance secure access to a trusted platform module on a hardware virtualization platform, which includes Virtual Machine Monitor (VMM) managed components coupled to the VMM and a plurality of Virtual Machines (VMs). One of the VMM managed components is a Trusted Platform Module (TPM) Each virtual machine includes a guest Operating System, a TPM device driver (TDD), and at least one security application. The VMM creates an intra-partition in memory for each TDD such that other code and information at a same or higher privilege level in the VM cannot access the TDD's memory contents. The VMM also maps access only from the TDD to a TPM register space specifically designated for the VM requesting access. Contents of the TPM requested by the TDD are stored in an exclusively VMM-managed protected page table that provides hardware-based memory isolation for the TDD.

Abstract translation: 用于高性能安全访问硬件虚拟化平台上的可信平台模块的系统和方法，其包括耦合到VMM的虚拟机监视器（VMM）被管理的组件和多个虚拟机（VM）。 VMM管理的组件之一是可信平台模块（TPM）每个虚拟机包括客户操作系统，TPM设备驱动程序（TDD）和至少一个安全应用程序。 VMM在每个TDD的存储器中创建内部分区，使得VM中相同或更高特权级别的其他代码和信息不能访问TDD的存储器内容。 VMM还将来自TDD的访问映射到为VM请求访问专门指定的TPM寄存器空间。 由TDD请求的TPM的内容存储在专用的VMM管理的受保护的页表中，该表为TDD提供基于硬件的存储器隔离。

公开(公告)号：US20120090016A1

公开(公告)日：2012-04-12

申请号：US13373957

申请日：2011-12-06

Applicant: Uday Savagaonkar ,  Ravi Sahita ,  Prashant Dewan

Inventor： Uday Savagaonkar ,  Ravi Sahita ,  Prashant Dewan

IPC: G06F21/00

CPC classification number: G06F21/64 ,  G06F9/45558 ,  G06F21/57 ,  G06F2009/45587

Abstract: A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent dining integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.