Invention Grant
- Patent Title: Guest protection from application code execution in kernel mode
-
Application No.: US15053899Application Date: 2016-02-25
-
Publication No.: US11429412B2Publication Date: 2022-08-30
- Inventor: Michael Tsirkin , Paolo Bonzini
- Applicant: Red Hat Israel, Ltd.
- Applicant Address: IL Ra'anana
- Assignee: Red Hat Israel, Ltd.
- Current Assignee: Red Hat Israel, Ltd.
- Current Assignee Address: IL Ra'anana
- Agency: Haynes and Boone, LLP
- Main IPC: G06F21/79
- IPC: G06F21/79 ; G06F12/14 ; G06F21/60 ; G06F9/455 ; G06F12/109 ; G06F21/53 ; G06F21/62 ; G06F21/52 ; G06F12/1009
Abstract:
Systems and methods are disclosed for securing an application running on a guest. An example method includes detecting, by a guest running on a virtual machine, that a set of physical memory pages is allocated to an application. The virtual machine runs on a hypervisor, and the application runs on the guest. During runtime, the guest may send a request to the hypervisor to set the set of physical memory pages to an executable-by-user mode in the hypervisor's page tables.
Public/Granted literature
- US20170249173A1 GUEST PROTECTION FROM APPLICATION CODE EXECUTION IN KERNEL MODE Public/Granted day:2017-08-31
Information query
