-
公开(公告)号:PL3935532T3
公开(公告)日:2025-03-03
申请号:PL20708469
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
-
公开(公告)号:AU2020233907A1
公开(公告)日:2021-06-17
申请号:AU2020233907
申请日:2020-02-27
Applicant: IBM
Inventor: IMBRENDA CLAUDIO , BUSABA FADI , HELLER LISA , BRADBURY JONATHAN
IPC: G06F9/455
Abstract: According to one or more embodiments of the present invention, a computer implemented method includes initiating, by a non-secure entity that is executing on a host server, a secure entity, the non-secure entity prohibited from directly accessing any data of the secure entity. The method further includes injecting, into the secure entity, an interrupt that is generated by the host server. The injecting includes adding, by the non-secure entity, information about the interrupt into a portion of non-secure storage, which is then associated with the secure entity. The injecting further includes injecting, by a secure interface control of the host server, the interrupt into the secure entity.
-
公开(公告)号:ZA202106314B
公开(公告)日:2022-07-27
申请号:ZA202106314
申请日:2021-08-30
Applicant: IBM
Inventor: MIHAJLOVSKI VIKTOR , IMBRENDA CLAUDIO
Abstract: A method for starting a secure guest includes receiving, by a hypervisor that is executing on a host server, a request to dispatch a virtual machine (VM) on the host server. The VM is dispatched on the host server by the hypervisor. The VM includes a reboot instruction. The reboot instruction is triggered by the hypervisor to restart the VM in a secure mode.
-
公开(公告)号:CA3132760A1
公开(公告)日:2020-09-17
申请号:CA3132760
申请日:2020-02-27
Applicant: IBM
Inventor: IMBRENDA CLAUDIO , BUSABA FADI , HELLER LISA , BRADBURY JONATHAN
IPC: G06F9/455
Abstract: According to one or more embodiments of the present invention, a computer implemented method includes initiating, by a non-secure entity that is executing on a host server, a secure entity, the non-secure entity prohibited from directly accessing any data of the secure entity. The method further includes injecting, into the secure entity, an interrupt that is generated by the host server. The injecting includes adding, by the non-secure entity, information about the interrupt into a portion of non-secure storage, which is then associated with the secure entity. The injecting further includes injecting, by a secure interface control of the host server, the interrupt into the secure entity.
-
公开(公告)号:CA3132752A1
公开(公告)日:2020-09-17
申请号:CA3132752
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
Abstract: A method is provided by a secure interface control of a computer that provides a partial instruction interpretation for an instruction which enables an interruption. The secure interface control fetches a program status word or a control register value from a secure guest storage. The secure interface control notifies an untrusted entity of guest interruption mask updates. The untrusted entity is executed on and in communication with hardware of the computer through the secure interface control to support operations of a secure entity executing on the untrusted entity. The secure interface control receives, from the untrusted entity, a request to present a highest priority, enabled guest interruption in response to the notifying of the guest interruption mask updates. The secure interface control moves interruption information into a guest prefix page and injecting the interruption in the secure entity when an injection of the interruption is determined to be valid.
-
Patent Agency Ranking
公开(公告)号:AU2020237597B2
公开(公告)日:2022-11-24
申请号:AU2020237597
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
Abstract: A method is provided by a secure interface control of a computer that provides a partial instruction interpretation for an instruction which enables an interruption. The secure interface control fetches a program status word or a control register value from a secure guest storage. The secure interface control notifies an untrusted entity of guest interruption mask updates. The untrusted entity is executed on and in communication with hardware of the computer through the secure interface control to support operations of a secure entity executing on the untrusted entity. The secure interface control receives, from the untrusted entity, a request to present a highest priority, enabled guest interruption in response to the notifying of the guest interruption mask updates. The secure interface control moves interruption information into a guest prefix page and injecting the interruption in the secure entity when an injection of the interruption is determined to be valid.
-
公开(公告)号:SG11202105425TA
公开(公告)日:2021-06-29
申请号:SG11202105425T
申请日:2020-03-06
Applicant: IBM
Inventor: IMBRENDA CLAUDIO , BORNTRAEGER CHRISTIAN , HELLER LISA , BUSABA FADI , BRADBURY JONATHAN
Abstract: According to one or more embodiments of the present invention, a computer implemented method includes receiving, at a secure interface control of a computer system, an access request for a data structure related to a secure entity in a secure domain of the computer system. The secure interface control can check for a virtual storage address associated with a location of the data structure. The secure interface control can request an address translation using a virtual address space of a non-secure entity of the computer system based on determining that the location of the data structure is associated with the virtual storage address. The secure interface control can access the data structure based on a result of the address translation.
-
公开(公告)号:AU2020235010A1
公开(公告)日:2021-06-17
申请号:AU2020235010
申请日:2020-03-06
Applicant: IBM
Inventor: MIHAJLOVSKI VIKTOR , IMBRENDA CLAUDIO
Abstract: A method for starting a secure guest includes receiving, by a hypervisor that is executing on a host server, a request to dispatch a virtual machine (VM) on the host server. The VM is dispatched on the host server by the hypervisor. The VM includes a reboot instruction. The reboot instruction is triggered by the hypervisor to restart the VM in a secure mode.
-
公开(公告)号:CA3132756A1
公开(公告)日:2020-09-17
申请号:CA3132756
申请日:2020-03-06
Applicant: IBM
Inventor: MIHAJLOVSKI VIKTOR , IMBRENDA CLAUDIO
Abstract: A method for starting a secure guest includes receiving, by a hypervisor that is executing on a host server, a request to dispatch a virtual machine (VM) on the host server. The VM is dispatched on the host server by the hypervisor. The VM includes a reboot instruction. The reboot instruction is triggered by the hypervisor to restart the VM in a secure mode.
-
10.发明专利
公开(公告)号:MX395008B
公开(公告)日:2025-03-24
申请号:MX2021010589
申请日:2021-09-02
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
IPC: G06F12/1009 , G06F9/455 , G06F12/10 , G06F21/62
Abstract: De acuerdo con una o más modalidades de la presente invención, un método implementado por computadora incluye recibir, en un control de interfaz segura de un sistema de computadora, una solicitud de acceso para una estructura de datos relacionada con una entidad segura en un dominio seguro del sistema de computadora. El control de interfaz segura puede verificar una dirección de almacenamiento virtual asociada con una ubicación de la estructura de datos. El control de interfaz segura puede solicitar una traducción de direcciones usando un espacio de dirección virtual de una entidad no segura del sistema de computadora con base en la determinación de que la ubicación de la estructura de datos se asocia con la dirección de almacenamiento virtual. El control de interfaz segura puede acceder a la estructura de datos con base en un resultado de la traducción de direcciones.
-
-
-
-
-
-
-
-
-
Search Results
18
records
(took 0.033 seconds)
