Title of invention: SAFELY DISCOVERING SECURE MONITORS AND HYPERVISOR IMPLEMENTATIONS IN SYSTEMS OPERABLE AT MULTIPLE HIERARCHICAL PRIVILEGE LEVELS
Abstract: In a computer system operable at multiple hierarchical privilege levels, a “wait-for-event” (WFE) communication channel between components operating at different privilege levels is established. Initially, a central processing unit (CPU) is configured to “trap” WFE instructions issued by a client, such as an operating system, operating at one privilege level to an agent, such as a hypervisor, operating at a more privileged level. After storing a predefined special sequence in a storage component (e.g., a register), the client executes a WFE instruction. As part of trapping the WFE instruction, the agent reads and interprets the special sequence from the storage component and may respond to the special sequence by storing another special sequence in a storage component that is accessible to the client. Advantageously, a client may leverage this WFE communication channel to safely and reliably detect whether an agent is present.
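Application publication number: US2016170912(A1) Application publication date: 2016.06.16
Application number: US201414572511 Filing date: 2014.12.16
Applicant: VMware, Inc. Inventors: WARKENTIN Andrei; TUCH Harvey
Classification: G06F12/14; G06F9/455; G06F13/24 Main classification: G06F12/14
Patent agency: Patent agent: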
Main claim: 1. In a computer system operating at a first privilege level, a method of detecting an agent operating at a second privilege level that is a higher privilege level than the first privilege level, wherein the agent is configured to trap wait-for-event (WFE) instructions generated at the first privilege level, the method comprising: storing a value in a first memory component that is accessible by the agent to indicate to the agent that the WFE instruction is intended to detect the agent; executing one or more WFE instructions; and in response to a notification of successful completion of the WFE instructions, reading a second memory component in which the agent, in response to the WFE instructions, is to store a value indicating that the agent is present, and determining whether the agent is present based on the value stored in the second memory component.
Address: Palo Alto CA US