
Physical memory access control and isolation method

An access control and physical memory technology, applied in program control devices, software simulation/interpretation, etc., that can solve problems such as lack of data integrity protection, inability to dynamically detect data changes in real time, and protection failures.

Active Publication Date: 2018-01-09
TANGRAM MICROELECTRONICS TECH SHANGHAI CO LTD

AI Technical Summary

Problems solved by technology

There are three main security risks in this kind of encryption-based memory protection: 1) if the attacker cracks the encryption algorithm, the protection becomes completely invalid, or, if there are loopholes in the algorithm implementation, the protection strength is reduced; 2) data integrity is not protected: the attacker can modify the encrypted data, and the CPU cannot dynamically detect the changes in real time; 3) the same key is used by all tasks inside the virtual machine, so the encrypted data is transparent to those tasks, and the attacker can still exploit vulnerabilities of the virtual machine to access data that should be protected.

Embodiment Construction

[0011] The technical solutions of the present invention will be described in further detail below with reference to the accompanying drawings and embodiments.

[0012] In the field of memory management, the CPU manages memory in units of pages. The page size can be 4 KB or 2 MB, for example. The tasks / virtual machines running on the CPU use virtual addresses, which can be accessed by the CPU only after they have been mapped to physical addresses through the page table. Page table attributes describe the current page: for example, the R/W attribute indicates whether the page is read-write or read-only, and the NX attribute indicates whether the page can be executed.

[0013] In order to control and isolate virtual machine memory access, in the embodiment of the present invention, we add a physical page attribute table (page frame attribute table) for each physical page. When running, if the virtual machine needs to access the memor...


Abstract

The invention relates to a physical memory access control and isolation method. The method comprises the steps of: obtaining first owner information (VMID) of a virtual machine and first task information (TID) of a task according to a memory access request sent by the task in the virtual machine; looking up the system page table with the virtual address generated by the request to find the physical address corresponding to the virtual address; looking up the physical page attribute table to obtain the second owner information (VMID) and second task information (TID) corresponding to the physical address; and determining whether the memory access is allowed according to at least the first owner information (VMID), the first task information (TID), the second owner information (VMID) and the second task information (TID). The problem of illegal access to the current task's data by the virtual machine management program, by other tasks in the virtual machine, and by illegal code of the current task on a virtualization platform can be well solved.
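The lookup sequence in the abstract can be modelled in software. The following is an added example, not code from the patent: the table contents, the names `check_access` and `frame_attr`, the use of VMID 0 for the hypervisor, and the rule that access is allowed only when both VMID and TID match exactly are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT 12            /* 4 KB pages, one of the sizes the text mentions */
#define NUM_VPAGES 4             /* constructed toy address space */
#define NUM_FRAMES 4
#define NO_FRAME   UINT32_MAX    /* marks an unmapped virtual page */

typedef struct { uint16_t vmid; uint16_t tid; } owner_t;
typedef enum { ACCESS_OK = 0, FAULT_UNMAPPED, FAULT_VMID, FAULT_TID } access_result_t;

/* System page table: virtual page number -> physical frame number (constructed). */
static const uint32_t page_table[NUM_VPAGES] = { 2, 0, NO_FRAME, 3 };

/* Physical page attribute table: one owner record per physical frame (constructed). */
static const owner_t frame_attr[NUM_FRAMES] = {
    { 1, 10 },   /* frame 0: VM 1, task 10 */
    { 0, 0 },    /* frame 1: hypervisor (VMID 0 is an assumption of this example) */
    { 1, 11 },   /* frame 2: VM 1, task 11 */
    { 2, 10 },   /* frame 3: VM 2, task 10 */
};

/* Translate the address, fetch the frame's owner record, compare with the requester. */
access_result_t check_access(owner_t req, uint64_t vaddr, uint64_t *paddr_out)
{
    uint64_t vpn = vaddr >> PAGE_SHIFT;
    if (vpn >= NUM_VPAGES || page_table[vpn] >= NUM_FRAMES)
        return FAULT_UNMAPPED;

    uint32_t pfn = page_table[vpn];
    owner_t own = frame_attr[pfn];
    if (req.vmid != own.vmid) return FAULT_VMID;   /* other VM or the hypervisor */
    if (req.tid  != own.tid)  return FAULT_TID;    /* other task in the same VM */

    if (paddr_out)
        *paddr_out = ((uint64_t)pfn << PAGE_SHIFT) | (vaddr & ((1u << PAGE_SHIFT) - 1));
    return ACCESS_OK;
}

int main(void)
{
    owner_t task11 = { 1, 11 }, task10 = { 1, 10 }, hyp = { 0, 0 };
    uint64_t pa = 0;
    printf("owner task:   %d\n", check_access(task11, 0x0123, &pa));
    printf("sibling task: %d\n", check_access(task10, 0x0123, &pa));
    printf("hypervisor:   %d\n", check_access(hyp, 0x1000, &pa));
    return 0;
}
```

Because the decision is keyed on the physical frame's owner record rather than on the page table entry, a mapping that points at another owner's frame still faults, which is the property that distinguishes this scheme from per-VM encryption keys.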

Description

Technical field

[0001] The invention relates to a physical memory access control and isolation method, in particular to a method that adds physical page attributes to realize physical memory access control and isolation at the task level within a virtual machine.

Background art

[0002] AMD's SEV technology can encrypt the physical memory used by the virtual machine. The encryption key can only be accessed by the security processor. The keys used by different virtual machines are different, and the keys used by the virtual machine and the hypervisor are also different, so it can ensure that the memory of the virtual machine cannot be accessed by other virtual machines or the hypervisor. There are three main security risks in this kind of encryption-based memory protection: 1) if the attacker cracks the encryption algorithm, the protection becomes completely invalid, or, if there are loopholes in the algorithm implementation, which will reduce the protec...


Application Information

IPC(8): G06F9/455
Inventor: 冯浩, 应志伟, 杜朝晖
Owner: TANGRAM MICROELECTRONICS TECH SHANGHAI CO LTD