Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Virtualized address space isolation system and method

An address space and isolation system technology, applied in the field of virtualized address space isolation systems, can solve problems such as increasing chip area, impact on system memory access performance, and increasing access memory delay, so as to reduce complexity and improve memory access performance Effect

Active Publication Date: 2019-11-12
NANJING SEMIDRIVE TECH CO LTD
View PDF9 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The above-mentioned virtual address space isolation system, in order to complete the physical isolation, the hardware capable of DDR / register interrogation in each virtual machine (generally called DDR master) needs to be configured with secondary page table mapping (each master needs to be configured by HYPERVISOR Controlled secondary page table mapping), when performing DDR access, if the translation from virtual address to physical address is not cached (Page Table look-up miss), it will greatly increase the delay of accessing memory (two-level page table mapping requires More page table entry queries), and because the introduction of SMMU greatly increases the complexity from chip design to software design, increases the chip area, and also has a great impact on system memory access performance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Virtualized address space isolation system and method
  • Virtualized address space isolation system and method
  • Virtualized address space isolation system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0036] figure 2 It is an architecture diagram of a virtualized address space isolation system according to the present invention, such as figure 2 As shown, the virtualized address space isolation system of the present invention includes a Dom0 virtual machine 20, a first DomU virtual machine 21, a second DomU virtual machine 22, a virtual machine monitor (HYPERVISOR) 23, an access authority management module (Access Permission Control) 24, and address space 25, wherein,

[0037] The Dom0 virtual machine 20, the first DomU virtual machine 21, and the second DomU virtual machine 22 are respectively set in different hardware domains.

[0038] The Dom0 virtual machine 20 is used to create the DomU virtual machine, and set the accessible physical address space for each DomU virtual machine through the virtual machine monitor 23 .

[0039] In one embodiment of the present invention, the Dom0 virtual machine 20, as a privileged DOM of the Type-I virtual machine monitor, is respo...

Embodiment 2

[0048] image 3 It is a hardware block diagram of the access rights management module according to the present invention, such as image 3 As shown, the access authority management module 24 of the present invention includes an ABP peripheral access authority management module 30 and an AXI peripheral access authority management module 31, wherein,

[0049] The ABP peripheral access authority management module 30 , which checks the authority of the access request from the ABP peripheral, and controls the access of the ABP peripheral to the physical address space of the IP module register 303 .

[0050] The AXI peripheral access authority management module 31 , which checks the authority of the access request from the AXI peripheral, and controls the access of the AXI peripheral to the physical address space of the memory 313 .

[0051] In one embodiment of the present invention, the ABP peripheral access rights management module 30 also includes a first hardware domain ID che...

Embodiment 3

[0056] Figure 4 For the flowchart of the method for isolating virtualized address space according to the present invention, the following will refer to Figure 4 , the method for isolating a virtualized address space of the present invention is described in detail.

[0057] First, in step 401, during the system startup process, hardware domain settings are performed on the virtual machine monitor, the Dom0 virtual machine, the DomU virtual machine, and the access rights management module.

[0058] In this step, the virtual machine monitor, the Dom0 virtual machine, and the DomU virtual machine are respectively set in different hardware domains, and the access rights management module is set in the hardware domain where the virtual machine monitor is located.

[0059] In one embodiment of the present invention, the system startup process (starting with TYPE1 HYPERVISOR XEN as an example: power on the chip -> on-chip ROM -> BOOTLOADER -> HYPERVISOR -> Dom0 -> DomU) sets the ha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a virtualized address space isolation system. The system comprises a Dom0 virtual machine, a DomU virtual machine, a virtual machine monitor, an access authority management module and an address space; the Dom0 virtual machine is used for creating the DomU virtual machine and setting the physical address space which can be accessed by the DomU virtual machine through the virtual machine monitor; the virtual machine monitor is used for managing resources and trapping and simulating privilege sensitive designation; and the access permission management module performs permission check on the access request of the DomU virtual machine to complete isolation of physical address access between DomUs. The invention further provides a virtualization address space isolation method, hardware isolation of the physical addresses of the virtual machines can be achieved without using SMMU, the complexity of software design is reduced, meanwhile, the chip area is reduced, the memory access delay is prolonged, and the memory access performance of the system is improved.

Description

technical field [0001] Embodiments of the present invention relate to the technical field of computer operating systems and virtualization, and in particular to a system and method for realizing virtualization address space isolation. Background technique [0002] Vehicle-mounted systems usually include vehicle-mounted LCD instrumentation systems and entertainment navigation systems. With the improvement of integrated circuit technology, vehicle-mounted LCD instrumentation systems and entertainment navigation systems tend to be integrated. Multiple software systems with different functions will run on a single chip. To achieve a higher security level and reduce the interference between different systems, software systems need to run in different virtual machines. For virtual machines, there is an address space isolation requirement: OS address spaces running on virtual machines are isolated from each other and cannot be accessed by each other. [0003] In the prior art, in ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F9/455G06F12/14
CPCG06F9/45558G06F12/1416G06F2009/45587
Inventor 冯涛
Owner NANJING SEMIDRIVE TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com