Protection domain groups to isolate access to memory windows
First Claim
Patent Images
1. A protection domain group, comprising:
- a memory region associated with a process;
a plurality of memory windows associated with the memory region;
a plurality of protection domains, each of the protection domains corresponding to one of the plurality of memory windows, each of the plurality of protection domains being adapted to allow access to the memory region only via the corresponding one of the plurality of memory windows to provide isolation between clients or processes seeking to access each one of the plurality of memory windows; and
an identifier assigned to the protection domain group and used to verify access to each one of the plurality protection domains within the protection domain group.
3 Assignments
0 Petitions
Accused Products
Abstract
The disclosed embodiments may relate to protection domain group, which may include a memory region associated with a process. The protection domain group may also include a plurality of memory windows associated with the memory region. Also included may be a plurality of protection domains, each of which may correspond to a memory window. The protection domains may allow access to the memory region via a corresponding memory window.
-
Citations
30 Claims
-
1. A protection domain group, comprising:
-
a memory region associated with a process; a plurality of memory windows associated with the memory region; a plurality of protection domains, each of the protection domains corresponding to one of the plurality of memory windows, each of the plurality of protection domains being adapted to allow access to the memory region only via the corresponding one of the plurality of memory windows to provide isolation between clients or processes seeking to access each one of the plurality of memory windows; and an identifier assigned to the protection domain group and used to verify access to each one of the plurality protection domains within the protection domain group. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system, comprising:
-
a processor; a storage device that is adapted to store data for use by the processor; a user input device that is adapted to receive input from a user; and a system memory that is adapted to store data retrieved from the storage device for access by the processor, the system memory being organized into a protection domain group, the protection domain group comprising; a memory region associated with a process; a plurality of memory windows associated with the memory region; a plurality of protection domains, each of the protection domains corresponding to one of the plurality of memory windows, each of the plurality of protection domains being adapted to allow access to the memory region only via the corresponding one of the plurality of memory windows to provide isolation between clients or processes seeking to access each one of the plurality of memory windows; and an identifier assigned to the protection domain group and used to verify access to each one of the plurality protection domains within the protection domain group. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method comprising:
-
defining a memory region, the memory region being associated with a process; defining a plurality of memory windows associated with the memory region; creating a plurality of protection domains corresponding to a protection domain group, each of the protection domains corresponding to one of the plurality of memory windows, each of the plurality of protection domains being adapted to allow access to the memory region only via the corresponding one of the plurality of memory windows to provide isolation between clients or processes seeking to access each one of the plurality of memory windows; and assigning an identifier to the protection domain group, the identifier used to verify access to each one of the plurality protection domains within the protection domain group. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 30)
-
-
27. A method of managing a memory access in a computer system, the computer system having a protection domain group comprising a plurality of protection domains, each of the protection domains corresponding to one of a plurality of memory windows to provide isolation between clients or processes seeking to access the memory windows, the method comprising the acts of:
-
receiving a request for memory access from a queue pair, the queue pair having a queue pair context that includes data that specifies an associated protection domain; comparing the data that specifies an associated protection domain to an identifier that is assigned to the protection domain group to determine if the associated protection domain is one of the plurality of protection domains in the protection domain group, wherein the identifier used to verify access to each one of the plurality protection domains within the protection domain group; and performing the request for memory access if the associated protection domain is one of the plurality of protection domains in the protection domain group. - View Dependent Claims (28, 29)
-
Specification