发明名称 |
SECURE IDENTIFICATION OF EXECUTION CONTEXTS |
摘要 |
A virtual-machine-based system that identifies an application or process in a virtual machine in order to locate resources associated with the identified application. Access to the located resources is then controlled based on a context of the identified application. Those applications without the necessary context will have a different view of the resource. |
申请公布号 |
US2016239339(A1) |
申请公布日期 |
2016.08.18 |
申请号 |
US201615138136 |
申请日期 |
2016.04.25 |
申请人 |
VMware, Inc. |
发明人 |
CHEN Xiaoxin;WALDSPURGER Carl A.;SUBRAHMANYAM Pratap |
分类号 |
G06F9/46;G06F9/48;G06F11/14;G06F9/455 |
主分类号 |
G06F9/46 |
代理机构 |
|
代理人 |
|
主权项 |
1. In a computer system comprising a virtual machine monitor (VMM) running on system hardware and supporting a virtual machine (VM) having a first execution context running therein, a method of facilitating a guest operating system (OS) running in the VM to respond to a first event occurrence issued from the first execution context comprising:
(1) the VMM intercepting the first event occurrence and taking control from the first execution context; (2) the VMM saving a state of the first execution context in a first memory space provided for the first execution context; (3) the VMM redirecting control to a dispatch handler program; (3A) the dispatch handler program creating a second event occurrence as a function of the first event occurrence and issuing the second event occurrence to the guest OS; (4) the VMM intercepting the second event occurrence, saving a state of the dispatch handler, modifying control return information of the second event occurrence and forwarding the modified second event occurrence to the guest OS; (5) the guest OS processing the second event occurrence and returning control as a function of the modified control return information; (6) the VMM restoring the state of the saved dispatch handler and the dispatch handler processing data returned by the guest OS in response to the modified second event occurrence; (7) the dispatch handler requesting the VMM to resume execution of the first execution context; and (8) the VMM restoring the state of the first execution context saved in step (2) and returning control to the first execution context. |
地址 |
Palo Alto CA US |