Ensuring the privacy and integrity of a hypervisor
First Claim
1. One or more non-transitory computer-readable storage mediums storing one or more sequences of instructions, which when executed by one or more processors, cause:
- a host operating system managing a set of resources;
- preventing the host operating system from accessing a portion of said set of resources comprising a set of memory pages belonging to a hypervisor or allocated by the hypervisor to prevent the host operating system from violating the privacy and integrity of said portion of said set of resources, wherein preventing comprises;
- in response to receiving a request, from a virtual machine, to read one or more memory pages in said set of resources managed by said host operating system, the hypervisor requesting the one or more memory pages from the host operating system,
- the host operating system providing said one or more memory pages managed by the host operating system to the hypervisor, and
- after the hypervisor receives said one or more memory pages from the host operating system, the hypervisor using a hardware component that establishes and enforces constraints on what areas of memory the host operating system is allowed to access to protect the one or more memory pages from the host operating system by preventing said host operating system access to an unencrypted version of said one or more memory pages.
Abstract
Approaches for ensuring the privacy and integrity of a hypervisor. A host operating system manages a set of resources. The host operating system is prevented from accessing a portion of the resources belonging to or allocated by the hypervisor. The host operating system may be prevented from accessing resources belonging to or allocated by the hypervisor by transferring execution of the host operating system into a virtual machine container that does not have sufficient privilege to access any portion of the memory pages in which the hypervisor is executing. After the host operating system provides a requested resource to the hypervisor, the hypervisor may use a hardware component that establishes and enforces constraints on what portions of memory the host operating system is allowed to access to protect the requested resource from the host operating system.
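The hand-off the abstract describes can be modelled in a few lines of C. This is an added example, not code from the patent: the `struct machine` table is a hypothetical software stand-in for the hardware component, and all names and sizes are constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define NPAGES    8    /* constructed sizes for the model */
#define PAGE_SIZE 64

/* Hypothetical stand-in for the hardware component: a per-page table,
 * writable only by the hypervisor, consulted on every host access. */
struct machine {
    unsigned char mem[NPAGES][PAGE_SIZE];
    bool host_may_access[NPAGES];
    bool handed_out[NPAGES];   /* host OS allocator bookkeeping */
};

void machine_init(struct machine *m) {
    memset(m, 0, sizeof *m);
    for (int i = 0; i < NPAGES; i++) m->host_may_access[i] = true;
}

/* Host OS: still the resource manager; provides a page it manages. */
int host_provide_page(struct machine *m) {
    for (int i = 0; i < NPAGES; i++)
        if (!m->handed_out[i]) { m->handed_out[i] = true; return i; }
    return -1;   /* out of pages */
}

/* Hypervisor: request the page from the host, then revoke the host's
 * access before the page is used for anything private. */
int hv_acquire_page(struct machine *m) {
    int pfn = host_provide_page(m);
    if (pfn >= 0) m->host_may_access[pfn] = false;
    return pfn;
}

/* Hypervisor accesses are not subject to the host's constraints. */
void hv_write(struct machine *m, int pfn, size_t off, unsigned char v) {
    if (pfn >= 0 && pfn < NPAGES && off < PAGE_SIZE) m->mem[pfn][off] = v;
}

/* Every access by the deprivileged host is checked; -1 models a fault. */
int host_access(struct machine *m, int pfn, size_t off, bool write,
                unsigned char *val) {
    if (pfn < 0 || pfn >= NPAGES || off >= PAGE_SIZE) return -1;
    if (!m->host_may_access[pfn]) return -1;
    if (write) m->mem[pfn][off] = *val; else *val = m->mem[pfn][off];
    return 0;
}
```

The host keeps its role as allocator, yet once a page has been handed over both its reads and its writes fault, so it can neither observe nor tamper with what the hypervisor stores there.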
25 Claims
24. An apparatus for ensuring the privacy and integrity of a hypervisor from a host operating system, comprising:
- one or more processors; and
- one or more non-transitory computer-readable mediums storing one or more sequences of instructions, which when executed by the one or more processors, cause;
- the host operating system managing a set of resources; and
- preventing the host operating system from accessing a portion of said set of resources comprising a set of memory pages belonging to a hypervisor or allocated by the hypervisor to prevent the host operating system from violating the privacy and integrity of said portion of said set of resources, wherein preventing comprises;
- in response to receiving a request, from a virtual machine, to read one or more memory pages in said set of resources managed by said host operating system, the hypervisor requesting the one or more memory pages from host operating system,
- the host operating system providing said one or more memory pages managed by the host operating system to the hypervisor, and
- after the hypervisor receives said one or more memory pages from the host operating system, the hypervisor using a hardware component that establishes and enforces constraints on what areas of memory the host operating system is allowed to access to protect the one or more memory pages from the host operating system by preventing said host operating system access to an unencrypted version of said one or more memory pages.
25. A method for ensuring the privacy and integrity of a hypervisor, comprising:
- a host operating system managing a set of resources; and
- preventing the host operating system from accessing a portion of said set of resources comprising a set of memory pages belonging to the hypervisor or allocated by the hypervisor to prevent the host operating system from violating the privacy and integrity of said portion of said set of resources, wherein preventing comprises;
- in response to receiving a request, from a virtual machine, to read one or more memory pages in said set of resources managed by the host operating system, the hypervisor requesting the one or more memory pages from the host operating system,
- the host operating system providing said one or more memory pages managed by the host operating system to the hypervisor, and
- after the hypervisor receives said one or more memory pages from the host operating system, the hypervisor using a hardware component that establishes and enforces constraints on what areas of memory the host operating system is allowed to access to protect the one or more memory pages from the host operating system by preventing said host operating system access to an unencrypted version of said one or more memory pages.