CONFIGURATION SPACE VIRTUALIZATION
First Claim
Patent Images
1. A method for managing communications between a virtual machine and an I/O device, comprising:
- constructing a representation of configuration space for the I/O device indicating actions that can be performed on the I/O device by the virtual machine for memory locations within said configuration space;
constructing a representation of memory mapped I/O space, wherein each page of the memory mapped I/O space is mapped into said virtual machine or excluded from said virtual machine; and
controlling access to said I/O device in accordance with said representation of configuration space and said representation of memory mapped I/O space.
2 Assignments
0 Petitions
Accused Products
Abstract
Various aspects are disclosed herein for bounding the behavior of a non-privileged virtual machine that interacts with a device by creating a description of the device which indicates to a privileged authority (1) which operations on the device may have system-wide effects and (2) which operations have effects local to the device. The privileged authority may then permit or deny these actions. The privileged authority may also translate these actions into other actions with benign consequences.
51 Citations
20 Claims
-
1. A method for managing communications between a virtual machine and an I/O device, comprising:
-
constructing a representation of configuration space for the I/O device indicating actions that can be performed on the I/O device by the virtual machine for memory locations within said configuration space; constructing a representation of memory mapped I/O space, wherein each page of the memory mapped I/O space is mapped into said virtual machine or excluded from said virtual machine; and controlling access to said I/O device in accordance with said representation of configuration space and said representation of memory mapped I/O space. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system adapted to managing communications between a virtual machine and a device, comprising:
-
at least one processor; and at least one memory communicatively coupled to said at least one processor, the memory having stored therein computer-executable instructions capable of; receiving a description of the device, the description comprising information regarding which operations on the device have system-wide effects and which have effects that are local to the device; creating a representation of the description; and embedding said representation in an installation file for a driver for said device, wherein the representation enables the construction of a map of configuration space for the device and a map of memory mapped I/O space, wherein said map of configuration space and said map of memory mapped I/O space may be used to access the device. - View Dependent Claims (13, 14)
-
-
15. A computer readable storage medium storing thereon computer executable instructions for controlling access to a PCI, PCI-X or PCI-Express device wherein the device is communicatively coupled to a physical machine that hosts virtual machines, comprising instructions for:
-
receiving an installation file for the device, wherein the installation file comprises information regarding which operations on the device have system-wide effects and which have effects that are local to the device; constructing at least one map of attributes for the device'"'"'s configuration space, memory mapped I/O space and I/O space, wherein each page or each bit associated with the at least one map is mapped into said virtual machine and wherein a static page of bits can be provided to a virtual machine as the state of the device; populating the at least one map based on said received installation file; and using the at least one map to manage access the device. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification