-
Publication No.: US20190130102A1
Publication Date: 2019-05-02
Application No.: US15801649
Filing Date: 2017-11-02
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: Kenneth D. JOHNSON, Sai Ganesh RAMACHANDRAN, Xin David ZHANG, Arun Upadhyaya KISHAN, David Alan HEPKIN
IPC: G06F21/55, G06F12/1009, G06F12/1045, G06F12/14, G06F9/455
Abstract: Speculative side channels exist when memory is accessed by speculatively-executed processor instructions. Embodiments use uncacheable memory mappings to close speculative side channels that could allow an unprivileged execution context to access a privileged execution context's memory. Based on allocation of memory location(s) to the unprivileged execution context, embodiments map these memory location(s) as uncacheable within first page table(s) corresponding to the privileged execution context, but map those same memory locations as cacheable within second page table(s) corresponding to the unprivileged execution context. This prevents a processor from carrying out speculative execution of instruction(s) from the privileged execution context that access any of this memory allocated to the unprivileged execution context, due to the unprivileged execution context's memory being mapped as uncacheable for the privileged execution context. Performance for the unprivileged execution context is substantially unaffected, however, since this memory is mapped as cacheable for the unprivileged execution context.
-
Publication No.: US20240311166A1
Publication Date: 2024-09-19
Application No.: US18538237
Filing Date: 2023-12-13
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bruce J. SHERWIN, JR., Sai Ganesh RAMACHANDRAN
IPC: G06F9/455, G06F12/1009, G06F16/14, G06F16/17
CPC classification number: G06F9/45545, G06F9/45558, G06F12/1009, G06F16/144, G06F16/1734, G06F2009/45575, G06F2009/45591, G06F2212/7201
Abstract: Hot restart of a hypervisor by replacing a running first hypervisor by a second hypervisor with minimally perceptible downtime to guest partitions. A first hypervisor is executed on a computing system. The first hypervisor is configured to create one or more guest partitions. During the hot restart, a service partition is generated and initialized with a second hypervisor. At least a portion of runtime state of the first hypervisor is migrated and synchronized to the second hypervisor using inverse hypercalls. After the synchronization, the second hypervisor is devirtualized from the service partition to replace the first hypervisor. Devirtualizing includes transferring control of hardware resources from the first hypervisor to the second hypervisor, using the previously migrated and synchronized runtime state.
-
Publication No.: US20240211288A1
Publication Date: 2024-06-27
Application No.: US18069832
Filing Date: 2022-12-21
Applicant: Microsoft Technology Licensing, LLC
Inventor: Alexander Daniel GREST, David Alan HEPKIN, Bruce J. SHERWIN, JR., Matthew Jordan SEBEK, Sai Ganesh RAMACHANDRAN, Xin David ZHANG
IPC: G06F9/455
CPC classification number: G06F9/45558, G06F2009/45566, G06F2009/4557, G06F2009/45583
Abstract: Hierarchical virtualization creates a child guest partition that shares a hypervisor with a parent guest partition. A hypervisor receives a request, from a first guest partition that operates at the hypervisor, to create a second guest partition as a child of the first guest partition. The hypervisor identifies a configuration specification for the second guest partition, which includes (1) an identification of a memory portion, which is allocated to the first guest partition, that is to be mapped into the second guest partition; and (2) a configuration of a virtual processor that is to be utilized by the second guest partition. The hypervisor creates the second guest partition based on the configuration specification.
-
Publication No.: US20230061596A1
Publication Date: 2023-03-02
Application No.: US17882305
Filing Date: 2022-08-05
Applicant: Microsoft Technology Licensing, LLC
Inventor: Bruce J. SHERWIN, JR., Sai Ganesh RAMACHANDRAN
IPC: G06F9/455, G06F16/14, G06F16/17, G06F12/1009
Abstract: Hot restart of a hypervisor by replacing a running first hypervisor by a second hypervisor with minimally perceptible downtime to guest partitions. A first hypervisor is executed on a computing system. The first hypervisor is configured to create one or more guest partitions. During the hot restart, a service partition is generated and initialized with a second hypervisor. At least a portion of runtime state of the first hypervisor is migrated and synchronized to the second hypervisor using inverse hypercalls. After the synchronization, the second hypervisor is devirtualized from the service partition to replace the first hypervisor. Devirtualizing includes transferring control of hardware resources from the first hypervisor to the second hypervisor, using the previously migrated and synchronized runtime state.
-
Publication No.: US20190384591A1
Publication Date: 2019-12-19
Application No.: US16010350
Filing Date: 2018-06-15
Applicant: Microsoft Technology Licensing, LLC
Inventor: Sai Ganesh RAMACHANDRAN, Bruce J. SHERWIN, JR., David Alan HEPKIN
Abstract: The disclosed technology is generally directed to the patching of executing binaries. In one example of the technology, at separate times, a plurality of hot patch requests is received. Each hot patch request of the plurality of hot patch requests includes a corresponding hot patch to hot patch the executing binary. A cardinality of the plurality of hot patch requests is greater than the fixed number of logical patch slots. With the executing binary continuing to execute, each time a request to apply a hot patch to the executing binary is received, the corresponding hot patch is assigned to an inactive logical patch slot of the fixed number of logical patch slots. The corresponding hot patch is executed from the assigned logical patch slot to hot patch the executing binary based on the corresponding hot patch.