Invention Grant
US07966620B2 Secure network optimizations when receiving data directly in a virtual machine's memory address space
有权
在虚拟机的内存地址空间中直接接收数据时,可以进行安全的网络优化
- Patent Title: Secure network optimizations when receiving data directly in a virtual machine's memory address space
- Patent Title (中): 在虚拟机的内存地址空间中直接接收数据时,可以进行安全的网络优化
-
Application No.: US12267444Application Date: 2008-11-07
-
Publication No.: US07966620B2Publication Date: 2011-06-21
- Inventor: Sambhrama Madhusudhan Mundkur , Alireza Dabagh
- Applicant: Sambhrama Madhusudhan Mundkur , Alireza Dabagh
- Applicant Address: US WA Redmond
- Assignee: Microsoft Corporation
- Current Assignee: Microsoft Corporation
- Current Assignee Address: US WA Redmond
- Agency: Woodcock Washburn LLP
- Main IPC: G06F13/00
- IPC: G06F13/00
Abstract:
Techniques are disclosed for increasing the security of a system where incoming network packets are directly placed into the memory space of a virtual machine (VM) operating system (OS) running on the system via direct memory access (DMA). In an embodiment, each packet is split into a first portion, which requires further processing, and a second portion, which may be immediately placed into the VM OS's memory address space. When the host OS running on the system completes processing the first portion, it places it directly before the second portion in the VM OS memory space and indicates to the VM OS that a packet is available. Techniques are further disclosed that mitigate the security risk in such systems related to VLAN ID configuration.
Public/Granted literature
- US20100118868A1 SECURE NETWORK OPTIMIZATIONS WHEN RECEIVING DATA DIRECTLY IN A VIRTUAL MACHINE'S MEMORY ADDRESS SPACE Public/Granted day:2010-05-13
Information query
