DYNAMICAL SWITCHING BETWEEN EPT AND SHADOW PAGE TABLES FOR RUNTIME PROCESSOR VERIFICATION

    Publication number: US20210294636A1

    Publication date: 2021-09-23

    Application number: US17343078

    Application date: 2021-06-09

    Abstract: Implementations disclosed describe a system and a method to execute a virtual machine on a processing device, receive a request to access a memory page identified by a guest virtual memory address (GVA) in an address space of the virtual machine, translate the GVA to a guest physical memory address (GPA) using a guest page table (GPT) comprising a GPT entry mapping the GVA to the GPA, translate the GPA to a host physical address (HPA) of the memory page, store, in a translation lookaside buffer (TLB), a TLB entry mapping the GVA to the HPA, modify the GPT entry to designate the memory page as accessed, detect an attempt by an application to modify the GPT entry; generate, in response to the attempt to modify the GPT entry, a page fault; and flush, in response to the page fault, the TLB entry.

    Cooperated approach to network packet filtering

    Publication number: US09736116B2

    Publication date: 2017-08-15

    Application number: US15057176

    Application date: 2016-03-01

    Inventor: Yaozu Dong, Kun Tian

    Abstract: An apparatus, system, method, and machine-readable medium are disclosed. In one embodiment the apparatus is a network interface controller that includes one virtual function owned by a virtual machine present in the computer system. The controller includes a simple filtering agent that is associated with the first virtual function. The agent enforces simple filter rules for received network packets. The simple filter rules are capable of blocking the network packets from reaching the virtual machine. The apparatus also includes another virtual function that is owned by a virtual machine monitor present in the computer system. The controller also includes a side bounce filtering agent to forward the first network packet to the second virtual function if the first packet is blocked by the at least one of the one or more simple filter rules.

    COOPERATED APPROACH TO NETWORK PACKET FILTERING
    Type: Invention application (in force)

    Publication number: US20160285830A1

    Publication date: 2016-09-29

    Application number: US15057176

    Application date: 2016-03-01

    Inventor: Yaozu Dong, Kun Tian

    Abstract: An apparatus, system, method, and machine-readable medium are disclosed. In one embodiment the apparatus is a network interface controller that includes one virtual function owned by a virtual machine present in the computer system. The controller includes a simple filtering agent that is associated with the first virtual function. The agent enforces simple filter rules for received network packets. The simple filter rules are capable of blocking the network packets from reaching the virtual machine. The apparatus also includes another virtual function that is owned by a virtual machine monitor present in the computer system. The controller also includes a side bounce filtering agent to forward the first network packet to the second virtual function if the first packet is blocked by the at least one of the one or more simple filter rules.

    Dynamical switching between EPT and shadow page tables for runtime processor verification

    Publication number: US11886906B2

    Publication date: 2024-01-30

    Application number: US17343078

    Application date: 2021-06-09

    Abstract: Implementations disclosed describe a system and a method to execute a virtual machine on a processing device, receive a request to access a memory page identified by a guest virtual memory address (GVA) in an address space of the virtual machine, translate the GVA to a guest physical memory address (GPA) using a guest page table (GPT) comprising a GPT entry mapping the GVA to the GPA, translate the GPA to a host physical address (HPA) of the memory page, store, in a translation lookaside buffer (TLB), a TLB entry mapping the GVA to the HPA, modify the GPT entry to designate the memory page as accessed, detect an attempt by an application to modify the GPT entry; generate, in response to the attempt to modify the GPT entry, a page fault; and flush, in response to the page fault, the TLB entry.

    DYNAMICAL SWITCHING BETWEEN EPT AND SHADOW PAGE TABLES FOR RUNTIME PROCESSOR VERIFICATION

    Publication number: US20200097313A1

    Publication date: 2020-03-26

    Application number: US16333987

    Application date: 2019-02-22

    Abstract: Implementations disclosed describe a system and a method to execute a virtual machine on a processing device, receive a request to access a memory page identified by a guest virtual memory address (GVA) in an address space of the virtual machine, translate the GVA to a guest physical memory address (GPA) using a guest page table (GPT) comprising a GPT entry mapping the GVA to the GPA, translate the GPA to a host physical address (HPA) of the memory page, store, in a translation lookaside buffer (TLB), a TLB entry mapping the GVA to the HPA, modify the GPT entry to designate the memory page as accessed, detect an attempt by an application to modify the GPT entry; generate, in response to the attempt to modify the GPT entry, a page fault; and flush, in response to the page fault, the TLB entry.

    SUPPORT FOR APPLICATION TRANSPARENT, HIGH AVAILABLE GPU COMPUTING WITH VM CHECKPOINTING

    Publication number: US20170329623A1

    Publication date: 2017-11-16

    Application number: US15529426

    Application date: 2014-11-24

    Inventor: Yaozu Dong, Kun Tian

    Abstract: Methods, software, and apparatus for application transparent, high available GPU computing with VM checkpointing. The guest access of certain GPU resources, such as MMIO resources, are trapped to keep a copy of guest context per semantics, and/or emulate the guest access of the resources prior to submission to the GPU, while other commands relating to certain graphics memory address regions are trapped before being passed through to the GPU. The trapped commands are scanned before submission to predict: a) potential to-be-dirtied graphics memory pages, and b) the execution time of intercepted commands, so the next checkpointing can be aligned to a predicted execution time. The GPU internal states are drained by flushing internal context/tlb/cache, at the completion of submitted commands, and then a snapshot of the vGPU state is taken, based on tracked GPU state, GPU context (through GPU-specific commands), detected dirty graphics memory pages and predicted to-be dirtied graphics memory pages.

    Supporting heterogeneous virtualization
    Type: Invention grant (in force)

    Publication number: US09183026B2

    Publication date: 2015-11-10

    Application number: US14072855

    Application date: 2013-11-06

    Inventor: Yun Wang, Yaozu Dong

    Abstract: Machine-readable media, methods, apparatus and system are described. In some embodiments, a virtual machine monitor of a computer platform may comprise a service virtual machine created by the virtual machine monitor partitioning an underlying hardware machine to support execution of a plurality of overlying guest operating systems, wherein the plurality of guest operating systems comprise a guest operating system complying with a non-native guest system architecture different from a host system architecture with which the hardware machine complies. The service virtual machine may further comprise a translation layer to translate instructions from the guest operating system complying with the non-native guest system architecture into instructions complying with the host system architecture.

    Dynamical switching between EPT and shadow page tables for runtime processor verification

    Publication number: US11048542B2

    Publication date: 2021-06-29

    Application number: US16333987

    Application date: 2019-02-22

    Abstract: Implementations disclosed describe a system and a method to execute a virtual machine on a processing device, receive a request to access a memory page identified by a guest virtual memory address (GVA) in an address space of the virtual machine, translate the GVA to a guest physical memory address (GPA) using a guest page table (GPT) comprising a GPT entry mapping the GVA to the GPA, translate the GPA to a host physical address (HPA) of the memory page, store, in a translation lookaside buffer (TLB), a TLB entry mapping the GVA to the HPA, modify the GPT entry to designate the memory page as accessed, detect an attempt by an application to modify the GPT entry; generate, in response to the attempt to modify the GPT entry, a page fault; and flush, in response to the page fault, the TLB entry.

    Support for application transparent, high available GPU computing with VM checkpointing

    Publication number: US10996968B2

    Publication date: 2021-05-04

    Application number: US15529426

    Application date: 2014-11-24

    Inventor: Yaozu Dong, Kun Tian

    Abstract: Methods, software, and apparatus for application transparent, high available GPU computing with VM checkpointing. The guest access of certain GPU resources, such as MMIO resources, are trapped to keep a copy of guest context per semantics, and/or emulate the guest access of the resources prior to submission to the GPU, while other commands relating to certain graphics memory address regions are trapped before being passed through to the GPU. The trapped commands are scanned before submission to predict: a) potential to-be-dirtied graphics memory pages, and b) the execution time of intercepted commands, so the next checkpointing can be aligned to a predicted execution time. The GPU internal states are drained by flushing internal context/tlb/cache, at the completion of submitted commands, and then a snapshot of the vGPU state is taken, based on tracked GPU state, GPU context (through GPU-specific commands), detected dirty graphics memory pages and predicted to-be dirtied graphics memory pages.

    Cooperated approach to network packet filtering

    Publication number: US10375022B2

    Publication date: 2019-08-06

    Application number: US15677829

    Application date: 2017-08-15

    Inventor: Yaozu Dong, Kun Tian

    Abstract: An apparatus, system, method, and machine-readable medium are disclosed. In one embodiment the apparatus is a network interface controller that includes one virtual function owned by a virtual machine present in the computer system. The controller includes a simple filtering agent that is associated with the first virtual function. The agent enforces simple filter rules for received network packets. The simple filter rules are capable of blocking the network packets from reaching the virtual machine. The apparatus also includes another virtual function that is owned by a virtual machine monitor present in the computer system. The controller also includes a side bounce filtering agent to forward the first network packet to the second virtual function if the first packet is blocked by the at least one of the one or more simple filter rules.
