| 摘要 |
Operating system methods and techniques for supporting one or more custom execution environments (CE<2>s) are provided. According to one embodiment, a determination is made with respect to which system resources of a computer system, if any, are to remain under control of a resident operating system of the computer system and which of the system resources are to be placed under control of one or more CE<2>s. The system resources are then partitioned among the resident operating system and the one or more CE<2>s by associating one or more partitions of the system resources with the one or more CE<2>s. Such partitioning may be performed by the resident operating system by employing hardware-based isolation techniques provided by a processor of the computer system, performed by the resident operating system by employing a secure-platform interface, or configured by a system administrator via hardware partitioning capability provided by the computer system platform.
|
