Implementation of memory access control using optimizations
First Claim
Patent Images
1. A computer-readable storage medium encoded with computer-executable instructions to perform a method of processing a memory access request, the method comprising:
- receiving a request to access a portion of a memory, said request identifying the portion of memory to be accessed through an identifier that is translatable through an address translation map;
determining, based on cached information about said address translation map, whether execution of said request will violate a policy that limits access to said memory, wherein said cached information includes data identifying a set of pages of said address translation map that have a predetermined property;
if execution of said request will not violate said policy, then allowing access to said memory in accordance with said request; and
if execution of said request will violate said policy, then either;
blocking said request;
ormodifying said request such that said request does not violate the policy, and carrying out the modifying request.
2 Assignments
0 Petitions
Accused Products
Abstract
Mechanisms are disclosed that may allow certain memory access control algorithms to be implemented efficiently. When memory access control is based on controlling changes to an address translation map (or set of maps), it may be necessary to determine whether a particular map change would allow memory to be accessed in an impermissible way. Certain data about the map may be cached in order to allow the determination to be made more efficiently than performing an evaluation of the entire map.
-
Citations
31 Claims
-
1. A computer-readable storage medium encoded with computer-executable instructions to perform a method of processing a memory access request, the method comprising:
-
receiving a request to access a portion of a memory, said request identifying the portion of memory to be accessed through an identifier that is translatable through an address translation map; determining, based on cached information about said address translation map, whether execution of said request will violate a policy that limits access to said memory, wherein said cached information includes data identifying a set of pages of said address translation map that have a predetermined property; if execution of said request will not violate said policy, then allowing access to said memory in accordance with said request; and if execution of said request will violate said policy, then either; blocking said request;
ormodifying said request such that said request does not violate the policy, and carrying out the modifying request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of managing a computer memory to which access is provided through an address translation map, the method comprising:
-
storing information about at least one aspect of the state of the address translation map, wherein the stored information includes data identifying a set of pages of the address translation map that have a predetermined property; receiving a request to access the computer memory; determining, based at least in part on the stored information, that carrying out of the request will not violate a policy that limits access to the computer memory; allowing the request to be carried out; and updating the stored information to reflect the state of the address translation map resulting from carring out the request. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A system for controlling access to a memory that is addressed by way of an address translation map, the system comprising:
-
one or more storage locations that store a policy that limits access to the memory; a cache that stores information about the address translation map, wherein the information stored in said cache comprises data identifying a set of pages of said address translation map that have a predetermined property; and logic that receives a request to access the memory, and that determines, based at least in part on the information stored in the cache, whether the request is allowable under said policy, said logic allowing the request to proceed if said request is determined to be allowable under the policy, said logic either (1) blocking said request, or (2) modifying said request into a form that is allowable under the policy and allowing the modified request to proceed, if said request is determined not to be allowable under the policy. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
Specification