Title of invention System and method for protection of memory in a hypervisor
Abstract Disclosed are systems and methods for enabling secure execution of code in hypervisor mode. An exemplary method comprises: loading a hypervisor configured to check integrity of protected virtual memory pages; loading a trusted program configured to make hypercalls to the hypervisor; making by the trusted program a first hypercall to the hypervisor; responsive to the first hypercall, generating by the hypervisor a token, which is used by the hypervisor to identify the trusted program during subsequent hypercalls; allocating a memory page for storing the token and a memory address of the hypervisor; and returning the allocated memory page address to the trusted program.
Publication number US9536088(B1) Publication date 2017.01.03
Application number US201514935852 Filing date 2015.11.09
Applicant AO Kaspersky Lab Inventors Igotti Nikolay N.; Ershov Mikhail A.
Classification G06F12/14;G06F21/56;G06F9/455 Main classification G06F12/14
Agency Arent Fox LLP Agent Arent Fox LLP; Fainberg Michael
Principal claim 1. A method for secure execution of a hypervisor, the method comprising: loading, by a hardware processor of a computing device, a hypervisor configured to check integrity of protected virtual memory pages; loading, by the hardware processor, a trusted program configured to make hypercalls to the hypervisor; making by the trusted program a first hypercall to the hypervisor; responsive to the first hypercall, generating by the hypervisor a token, which is used by the hypervisor to identify the trusted program during subsequent hypercalls; allocating, by the hardware processor, a memory page for storing the token and a memory address of the hypervisor; and returning the allocated memory page address to the trusted program.
Address Moscow RU