Abstract: One disclosed embodiment includes a method for memory management. The method includes receiving a first request to clear one or more entries of a translation lookaside buffer (TLB), receiving a second request to clear one or more entries of the TLB, bundling the first request with the second request, determining that a processor associated with the TLB transitioned to an inactive mode, and dropping the bundled first and second requests based on the determination.

Abstract: Provided is a method of controlling memory access. In a system including a first layer element executed in a privileged mode having a first priority of permission to access the entire region of a memory and second and third layer elements executed in an unprivileged mode having a second priority of permission to access a partial region of the memory, the method of controlling memory access determines whether the memory is accessible for each page that is an address space unit, based on which mode a layer element currently accessing the memory is executed in between the privileged mode and the unprivileged mode; and determines whether the memory is accessible based on which one of the first, second and third layer elements corresponds to a domain currently being attempted to be accessed from among a plurality of domains of the memory.

Abstract: A method in one embodiment for operating a virtual server supporting at least one Write Once Read Many (WORM) logical data object and at least one read-write logical object includes initializing a logical data object from a common pool of the logical data objects, the logical data object bound with a member of a media type group, the member of the media type group comprising a WORM logical data object and a read-write logical data object; and reusing one of the logical data objects as the member of the media type group without ejection and reinsertion by mounting the logical data object with a write from beginning of logical data object to bind at least one data attribute to the member of the media type group to replace any previous attribute and data associated with the logical data object.

Abstract: A secure hardware comprises a secure pipe, a secure DMA, a secure assist and a secure bus, which connects between those blocks. The secure pipe stores a common encryption key in an encryption key table so as not to be able to access from software. The secure DMA comprises a data common key system process function and a hashing process function. The secure assist comprises a common key system process function and an authentication process function, receives an issued command from a program executed by the processor core via a public IF, and performs setting/control of the secure pipe and the secure DMA via the secure bus.

Abstract: In a virtualized system using memory page sharing, a method is provided for maintaining sharing when Guest code attempts to write to the shared memory. In one embodiment, virtualization logic uses a pattern matcher to recognize and intercept page zeroing code in the Guest OS. When the page zeroing code is about to run against a page that is already zeroed, i.e., contains all zeros, and is being shared, the memory writes in the page zeroing code have no effect. The virtualization logic skips over the writes, providing an appearance that the Guest OS page zeroing code has run to completion but without performing any of the writes that would have caused a loss of page sharing. The pattern matcher can be part of a binary translator that inspects code before it executes.

Abstract: A secure hardware comprises a secure pipe, a secure DMA, a secure assist and a secure bus, which connects between those blocks. The secure pipe stores a common encryption key in an encryption key table so as not to be able to access from software. The secure DMA comprises a data common key system process function and a hashing process function. The secure assist comprises a common key system process function and an authentication process function, receives an issued command from a program executed by the processor core via a public IF, and performs setting/control of the secure pipe and the secure DMA via the secure bus.

Abstract: A method of controlling data access to non-volatile memory is disclosed. The method includes storing a data file in a non-volatile memory. The non-volatile memory includes a memory array including a plurality of address ranges one or more of which corresponding to a protected portion of the memory array and one or more of which corresponding to an unprotected portion of the memory array. The method also includes communicating to a host device an indication that a memory request with respect to the protected portion of the memory array is denied. The indication is communicated for instructing the host device to avoid a timeout when the memory request is denied.

Abstract: According to an embodiment of the invention, a method for operating a data processing machine is described in which data about a state of the machine is written to a location in storage. The location is one that is accessible to software that may be written for the machine. The state data as written is encoded. This state data may be recovered from the storage according to a decoding process. Other embodiments are also described and claimed.

Abstract: In a virtualized system using memory page sharing, a method is provided for maintaining sharing when Guest code attempts to write to the shared memory. In one embodiment, virtualization logic uses a pattern matcher to recognize and intercept page zeroing code in the Guest OS. When the page zeroing code is about to run against a page that is already zeroed, i.e., contains all zeros, and is being shared, the memory writes in the page zeroing code have no effect. The virtualization logic skips over the writes, providing an appearance that the Guest OS page zeroing code has run to completion but without performing any of the writes that would have caused a loss of page sharing. The pattern matcher can be part of a binary translator that inspects code before it executes.

Abstract: Protection of shared data in a multi-core processing environment is disclosed. A page-fault handling mechanism is adapted to synchronize access to shared memory. An application of the present invention is for synchronizing access to potentially shared data, where the shared data is opaque in that it does not have a well-defined structure.

Abstract: A system and method to trigger synchronization and validation actions at memory access, in one aspect, identifies a storage class associated with a region of shared memory being accessed by a thread, determines whether the thread holds the storage class and acquires the storage class if the thread does not hold the storage class, identifies a programmable action associated with the storage class and the thread, and triggers the programmable action. One or more storage classes are respectively associated with one or more regions of shared memory. An array of storage classes associated with a thread holds one or more storage classes acquired by the thread. A configurable action table associated with a thread indicates one or more programmable actions associated with a storage class.

Abstract: In a computing system including a processor and virtualization software including a guest operating system (OS) that utilizes a guest domain access control register (DACR) containing domain access information and guest page tables including first level page tables (L1 page tables) and second level page tables (L2 page tables), which guest page tables contain: (a) domain identifiers used to obtain domain access information from the guest DACR and (b) access permission information, wherein the domain access information and the access permission information are combined to provide an effective guest access permission, in accordance with one embodiment, a method for providing shadow page tables and processor DACR settings that virtualize processor memory protection includes: the virtualization software providing a shadow page table wherein: (a) domain identifiers in the shadow page table are used to identify domain access information in the processor DACR that are mapped from the domain access information in the

Abstract: In a virtualized system using memory page sharing, a method is provided for maintaining sharing when Guest code attempts to write to the shared memory. In one embodiment, virtualization logic uses a pattern matcher to recognize and intercept page zeroing code in the Guest OS. When the page zeroing code is about to run against a page that is already zeroed, i.e., contains all zeros, and is being shared, the memory writes in the page zeroing code have no effect. The virtualization logic skips over the writes, providing an appearance that the Guest OS page zeroing code has run to completion but without performing any of the writes that would have caused a loss of page sharing. The pattern matcher can be part of a binary translator that inspects code before it executes.

Abstract: Computer-based methods, techniques, and systems for automatically protecting a storage device from unwanted alterations are provided. Example embodiments provide a Disk Access Redirection System, which includes a Redirection Driver, an Available Space Table (“AST”), a Protected Space Redirection Table (“PSRT”), and optionally an Unprotected Space Table (“UST”). The Redirection Driver is installed and registered with the computer operating system so that it can intercept storage device access requests (such as a disk read/write). When a storage access request for a read or write is sent, the request is intercepted by the Redirection Driver, transparent to the code that invokes the storage access request.

Abstract: A network component useful in tracking write activity by writing logs containing write address information is described. The tracking component may be used in networked systems employing data mirrors to record data block addresses written to a primary storage volume during the time a data mirror is unavailable. The tracking component can be available to any network originating node, and may therefore track write activity on multiple volumes. At the time a data mirror is reconstructed, the log written may be used to construct a list of block addresses pointing to locations on a primary storage volume wherein data differs from a secondary storage volume member of the mirror. The locations may be copied from the primary to secondary storage volume to reconstruct the data mirror. The performance impact of the tracking component is minimal and a shared network resource is offered that increases fault tolerance in the event of backup device failures.

Abstract: A memory is disclosed comprising a first memory portion, a second memory portion, and an interface, wherein the memory portions are electrically isolated from each other and the interface is capable of receiving a row command and a column command in the time it takes to cycle the memory once. By interleaving access requests (comprising row commands and column commands) to the different portions of the memory, and by properly timing these access requests, it is possible to achieve full data bus utilization in the memory without increasing data granularity.