PROTECTING MEMORY OF A VIRTUAL GUEST
First Claim
1. A method comprising:
- initializing a virtual guest on a host computing system, the host computing system comprising a virtual machine manager, the virtual machine manager managing operation of the virtual guest, the virtual guest comprising a distinct operating environment executing in a virtual operation platform provided by the virtual machine manager;
receiving an allocation of run-time memory for the virtual guest, the allocation of run-time memory comprising a portion of run-time memory of the host computing system; and
setting, by the virtual guest, at least a portion of the allocation of run-time memory to be inaccessible by the virtual machine manager.
2 Assignments
0 Petitions
Accused Products
Abstract
The method for protecting memory of a virtual guest includes initializing a virtual guest on a host computing system. The host computing system includes a virtual machine manager that manages operation of the virtual guest. The virtual guest includes a distinct operating environment executing in a virtual operation platform provided by the virtual machine manager. The method includes receiving an allocation of run-time memory for the virtual guest, the allocation of run-time memory comprising a portion of run-time memory of the host computing system. The method includes setting, by the virtual guest, at least a portion of the allocation of run-time memory to be inaccessible by the virtual machine manager.
31 Citations
25 Claims
-
1. A method comprising:
-
initializing a virtual guest on a host computing system, the host computing system comprising a virtual machine manager, the virtual machine manager managing operation of the virtual guest, the virtual guest comprising a distinct operating environment executing in a virtual operation platform provided by the virtual machine manager; receiving an allocation of run-time memory for the virtual guest, the allocation of run-time memory comprising a portion of run-time memory of the host computing system; and setting, by the virtual guest, at least a portion of the allocation of run-time memory to be inaccessible by the virtual machine manager. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14-22. -22. (canceled)
-
23. A computer program product comprising a computer readable storage medium having computer readable program code embodied therewith, the computer readable program code for:
-
initializing a virtual guest on a host computing system, the host computing system comprising a virtual machine manager, the virtual machine manager managing operation of the virtual guest, the virtual guest comprising a distinct operating environment executing in a virtual operation platform provided by the virtual machine manager; receiving an allocation of run-time memory for the virtual guest, the allocation of run-time memory comprising a portion of run-time memory of the host computing system; and setting, by the virtual guest, at least a portion of the allocation of run-time memory to be inaccessible by the virtual machine manager. - View Dependent Claims (24)
-
-
25. A method comprising:
-
deploying a virtual guest security apparatus onto a host computing system, the virtual guest security apparatus capable of; initializing a virtual guest on the host computing system, the host computing system comprising a virtual machine manager, the virtual machine manager managing operation of the virtual guest, the virtual guest comprising a distinct operating environment executing in a virtual operation platform provided by the virtual machine manager; receiving an allocation of run-time memory for the virtual guest, the allocation of run-time memory comprising a portion of run-time memory of the host computing system; and setting, by the virtual guest, at least a portion of the allocation of run-time memory to be inaccessible by the virtual machine manager.
-
Specification