Title of invention: Virtualizing processor memory protection with “L1 iterate and L2 drop/repopulate”
Abstract: In a computing system including a processor and virtualization software including a guest operating system (OS) that utilizes a guest domain access control register (DACR) containing domain access information and guest page tables including first level page tables (L1 page tables) and second level page tables (L2 page tables), which guest page tables contain: (a) domain identifiers used to obtain domain access information from the guest DACR and (b) access permission information, wherein the domain access information and the access permission information are combined to provide an effective guest access permission, in accordance with one embodiment, a method for providing shadow page tables and processor DACR settings that virtualize processor memory protection includes: the virtualization software providing a shadow page table wherein: (a) domain identifiers in the shadow page table are used to identify domain access information in the processor DACR that are mapped from the domain access information in the guest DACR; and (b) access permissions in the shadow page table that are mapped from the effective access permission information in the guest page tables and guest DACR; wherein a memory management unit (MMU) in the processor traverses the shadow page table, accesses the processor DACR, and combines the mapped domain access information in the processor with the mapped access permission in the shadow page table to reflect the guest intended effective access permissions while isolating the guest from the virtualization software.
Publication number: US8832351(B2) Publication date: 2014.09.09
Application number: US201012966766 Filing date: 2010.12.13
Applicant: VMware, Inc. Inventors: Tuch Harvey;Bungale Prashanth P.;Devine Scott W.;Rogel Lawrence S.
Classification: G06F12/10;G06F12/14 Main classification: G06F12/10
Agency: Agent:
Main claim: 1. In a computing system comprised of a processor and virtualization software including a guest operating system (OS) that utilizes a guest domain access control register (DACR) containing domain access information and guest page tables including first level page tables (L1 page tables) and second level page tables (L2 page tables), which guest page tables contain: (a) domain identifiers used to obtain domain access information from the guest DACR and (b) access permission information, wherein the domain access information and the access permission information are combined to provide an effective guest access permission, a method for providing shadow page tables and processor DACR settings that virtualize processor memory protection, which method comprises: the virtualization software providing a shadow page table wherein: (a) domain identifiers in the shadow page table are used to identify domain access information in the processor DACR that are mapped from the domain access information in the guest DACR; and (b) access permissions in the shadow page table are mapped from the effective access permission information in the guest page tables based on a guest operation mode selected from a privileged mode and a user mode; wherein a memory management unit (MMU) in the processor traverses the shadow page table, accesses the processor DACR, and combines the mapped domain access information in the processor DACR with the mapped access permission in the shadow page table to reflect the guest intended effective access permissions while isolating the guest from the virtualization software.
Address: Palo Alto CA US