Abstract: Methods and systems are provided to control the execution of a virtual machine (VM). A VM Monitor (VMM) accesses VM Control Structures (VMCS) indirectly through access instructions passed to a processor. In one embodiment, the access instructions include VMCS component identifiers used by the processor to determine the appropriate storage location for the VMCS components. The processor identifies the appropriate storage location for the VMCS component within the processor storage or within memory.

Abstract: In one embodiment, a method for supporting address translation in a virtual-machine environment includes creating a guest translation data structure to be used by a guest operating system for address translation operations, creating an active translation data structure based on the guest translation data structure, and periodically modifying the content of the active translation data structure to conform to the content of the guest translations data structure. The content of the active translation data structure is used by a processor to cache address translations in a translation-lookaside buffer (TLB).

Abstract: An authenticated code module comprises a value that attests to the authenticity of the module. The value is encrypted with a key corresponding to a key of a computing device that is to execute the module.

Abstract: In one embodiment, a request to transition control to a virtual machine (VM) is received from a virtual machine monitor (VMM) and a determination is made as to whether the VMM has requested a delivery of a fault to the VM. If the determination is positive, the fault is delivered to the VM when control is transitioned to the VM.

Abstract: A method and system for support of personal computing in a public computing infrastructure. The system including a plurality of computers to be used by patrons of a public computing infrastructure. The system also includes one or more servers coupled to the plurality of computers via a network connection. Each of the plurality of computers includes a virtual machine monitor. The virtual machine monitor has a plurality of base virtual machine images, each of the base virtual machine images is customized for a particular hardware and software configuration representing a specific computing environment. The virtual machine monitor launches one of the plurality of base virtual machine images, arbitrates access to system resources via the launched virtual machine image, stores the changes in the state of the virtual machine image when a user terminates a session, and returns a computer to an appropriate state to enable the user to resume the terminated session in subsequent sessions.

Abstract: A method and apparatus for constructing host processor soft devices independent of the host processor operating system are provided. In one embodiment, a driver of a soft device is implemented in a virtual machine monitor (VMM), and the soft device is made available for use by one or more virtual machines coupled to the VMM. In an alternative embodiment, a software component of a soft device is implemented in a first virtual machine that is coupled to a VMM, and the soft device is made available for use by a second virtual machine coupled to the VMM.

Abstract: An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value to establish security verification of secure software within the secure memory environment.

Abstract: In one embodiment, a method for providing power management via virtualization includes monitoring the utilization of a host platform device by one or more virtual machines and managing power consumption of the host platform device based on the results of monitoring.

Abstract: Transitions among schedulable entities executing in a computer system are tracked in computer hardware or in a virtual machine monitor. In one aspect, the schedulable entities are operating system processes and threads, virtual machines, and instruction streams executing on the hardware. In another aspect, the schedulable entities are processes or threads executing within the virtual machines under the control of the virtual machine monitor. The virtual machine monitor derives scheduling information from the transitions to enable a virtual machine system to guarantee adequate scheduling quality of service to real-time applications executing in virtual machines that contain both real-time and non-real-time applications. In still another aspect, a parent virtual machine monitor in a recursive virtualization system can use the scheduling information to schedule a child virtual machine monitor that controls multiple virtual machines.

Abstract: In one embodiment, a command pertaining to one or more portions of a register is received from guest software. Further, a determination is made as to whether the guest software has access to all of the requested portions of the register based on indicators within a mask field that correspond to the requested portions of the register. If the guest software has access to all of the requested portions of the register, the command received from the guest software is executed on the requested portions of the register.

Abstract: A method and an apparatus are used to efficiently translate memory addresses. The translation scheme yields a translated address, a memory type for the translated address, and a fault bit for the translation.

Abstract: In one embodiment, fault information relating to a fault associated with the operation of guest software is received. Further, a determination is made as to whether the fault information satisfies one or more filtering criterion. If the determination is positive, control remains with the guest software and is not transferred to the virtual machine monitor (VMM).

Abstract: A conjugate processor includes an instruction set architecture (ISA) visible portion having a main pipeline, and an h-flow portion having an h-flow pipeline. The binary executed on the conjugate processor includes an essential portion that is executed on the main pipeline and a non-essential portion that is executed on the h-flow pipeline. The non-essential portion includes hint calculus that is used to provide hints to the main pipeline. The conjugate processor also includes a conjugate mapping table that maps triggers to h-flow targets. Triggers can be instruction attributes, data attributes, state attributes or event attributes. When a trigger is satisfied, the h-flow code specified by the target is executed in the h-flow pipeline.

Abstract: In one embodiment, when it is determined that a modification of content of an active address translation data structure is required, an entry in the active address translation data structure is modified to conform to a corresponding entry in a guest address translation data structure. During the modification, a bit field including one or more access control indicators in the entry of the active address translation data structure is not overwritten with corresponding data from the guest address translation data structure.

Abstract: In one embodiment, a method for resolving address space conflicts includes detecting that a guest operating system attempts to access a region occupied by a first portion of a virtual machine monitor and relocating the first portion of the virtual machine monitor within the first address space to allow the guest operating system to access the region previously occupied by the first portion of the virtual machine monitor.

Abstract: In one embodiment, a method includes transitioning control to a virtual machine (VM) from a virtual machine monitor (VMM), determining that a VMM timer indicator is set to an enabling value, and identifying a VMM timer value configured by the VMM. The method further includes periodically comparing a current value of a timing source with the VMM timer value, generating an internal event if the current value of the timing source has reached the VMM timer value, and transitioning control to the VMM in response to the internal event without incurring an event handling procedure in any one of the VMM and the VM.

Abstract: An apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment are described. The method includes disregarding a received load secure region instruction when a currently active load secure region operation is detected. Otherwise, a memory protection element is directed, in response to the received load secure region instruction, to form a secure memory environment. Once directed, unauthorized read/write access to one or more protected memory regions are prohibited. Finally, a cryptographic hash value of the one or more protected memory regions is stored within a digest information repository as a secure software identification value. Once stored, outside agents may request access to a digitally signed software identification value in order to establish security verification of secure software within the secure memory environment.

Abstract: One embodiment of the invention is method for resolving address space conflicts between a virtual machine monitor and a guest operating system. The method includes allocating an address space for the operating system and an address space for the monitor. The method also includes mapping a portion of the monitor into the address space allocated for the operating system and the address space allocated for the monitor, and locating another portion of the monitor in the address space allocated for the monitor. The method also includes detecting that the operating system attempts to access a region occupied by the portion of the monitor within the address space allocated for the operating system, and relocating that portion of the monitor within that address space to allow the operating system to access the region previously occupied by that portion of the monitor.

Abstract: A conjugate processor includes an instruction set architecture (ISA) visible portion having a main pipeline, and an h-flow portion having an h-flow pipeline. The binary executed on the conjugate processor includes an essential portion that is executed on the main pipeline and a non-essential portion that is executed on the h-flow pipeline. The non-essential portion includes hint calculus that is used to provide hints to the main pipeline. The conjugate processor also includes a conjugate mapping table that maps triggers to h-flow targets. Triggers can be instruction attributes, data attributes, state attributes or event attributes. When a trigger is satisfied, the h-flow code specified by the target is executed in the h-flow pipeline.

Abstract: In one embodiment, a method for supporting address translation in a virtual-machine environment includes creating a guest translation data structure to be used by a guest operating system for address translation operations, creating an active translation data structure based on the guest translation data structure, and periodically modifying the content of the active translation data structure to conform to the content of the guest translations data structure. The content of the active translation data structure is used by a processor to cache address translations in a translation-lookaside buffer (TLB).