Patents Assigned to RAVELLO SYSTEMS LTD.
-
Patent number: 9946870Abstract: A method and apparatus for efficiently executing guest programs in a virtualized computing environment are presented. The method includes executing a virtual machine on a computing hardware; executing a single hypervisor in a first security ring on the virtual machine; executing a single guest program on the virtual machine, wherein the single guest program includes a single kernel being executed in the first security ring and at least one application being executed in a second security ring; and executing at least an instruction issued by the at least one application without trapping the single hypervisor.Type: GrantFiled: October 26, 2015Date of Patent: April 17, 2018Assignee: Ravello Systems Ltd.Inventors: Izik Eidus, Leonid Shatz, Michael Rapoport, Alexander Fishman
-
Patent number: 9866525Abstract: A proxy and method for performing source destination network address translation are presented. The method includes receiving a first message from a node communicatively connected to a first network to access a resource communicatively connected to a second network, wherein the first message contains at least a source address and a destination address used within the first network; translating the destination address designated in the first message to an address of the resource; generating a unique address for the destination address designated in the first message, wherein the unique address is an address not in use on the second network; providing a translated message including the translated destination address and the unique address; and forwarding the translated message to the resource communicatively connected to the second network.Type: GrantFiled: March 20, 2017Date of Patent: January 9, 2018Assignee: Ravello Systems LtdInventors: Boris Figovsky, Alexander Fishman
-
Publication number: 20170230330Abstract: A proxy and method for performing source destination network address translation are presented. The method includes receiving a first message from a node communicatively connected to a first network to access a resource communicatively connected to a second network, wherein the first message contains at least a source address and a destination address used within the first network; translating the destination address designated in the first message to an address of the resource; generating a unique address for the destination address designated in the first message, wherein the unique address is an address not in use on the second network; providing a translated message including the translated destination address and the unique address; and forwarding the translated message to the resource communicatively connected to the second network.Type: ApplicationFiled: March 20, 2017Publication date: August 10, 2017Applicant: Ravello Systems LtdInventors: Boris Figovsky, Alexander Fishman
-
Patent number: 9652274Abstract: A method and apparatus for virtual address mapping are provided. The method includes determining an offset value respective of at least a first portion of code stored on a code memory unit, generating a first virtual code respective of the first portion of code and a second virtual code respective of a second portion of code stored on the code memory unit; mapping the first virtual code to a first virtual code address and the second virtual code to a second virtual code address; generating a first virtual data respective of the first portion of data and a second virtual data respective of the second portion of data; and mapping the first virtual data to a first virtual data address and the second virtual data to a second virtual data address.Type: GrantFiled: December 8, 2014Date of Patent: May 16, 2017Assignee: Ravello Systems Ltd.Inventor: Leonid Shatz
-
Patent number: 9648121Abstract: A proxy and method for performing source destination network address translation are presented. The method includes receiving a first message from a node communicatively connected to a first network to access a resource communicatively connected to a second network, wherein the first message contains at least a source address and a destination address used within the first network; translating the destination address designated in the first message to an address of the resource; generating a unique address for the destination address designated in the first message, wherein the unique address is an address not in use on the second network; providing a translated message including the translated destination address and the unique address; and forwarding the translated message to the resource communicatively connected to the second network.Type: GrantFiled: May 27, 2015Date of Patent: May 9, 2017Assignee: Ravello Systems Ltd.Inventors: Boris Figovsky, Alexander Fishman
-
Patent number: 9647902Abstract: An independent overlay and a method for creating an independent overlay of a virtualized network for virtualized hosts over a physical network to allow access between a first virtualized guest and a second virtualized guest over the physical network. The independent overlay includes a physical network; a first virtualized host instantiating thereon a first guest; a second virtualized host instantiating thereon a second guest, wherein a first communication port and a second communication port are communicatively connected to constitute a distributed communication element that enables a virtualized network for communication between the first guest and the second guest via the first communication port and the second communication port, respectively; and a media access (MAC) discovery mechanism.Type: GrantFiled: March 28, 2016Date of Patent: May 9, 2017Assignee: Ravello Systems Ltd.Inventors: Alexander Fishman, Gil Hoffer, Rami Tamir, Benny Schnaider
-
Publication number: 20170003988Abstract: A method and apparatus for virtual address mapping are provided. The method includes determining an offset value respective of at least a first portion of code stored on a code memory unit, generating a first virtual code respective of the first portion of code and a second virtual code respective of a second portion of code stored on the code memory unit; mapping the first virtual code to a first virtual code address and the second virtual code to a second virtual code address; generating a first virtual data respective of the first portion of data and a second virtual data respective of the second portion of data; and mapping the first virtual data to a first virtual data address and the second virtual data to a second virtual data address.Type: ApplicationFiled: December 8, 2014Publication date: January 5, 2017Applicant: Ravello Systems Ltd.Inventor: Leonid Shatz
-
Publication number: 20160212018Abstract: An independent overlay and a method for creating an independent overlay of a virtualized network for virtualized hosts over a physical network to allow access between a first virtualized guest and a second virtualized guest over the physical network. The independent overlay includes a physical network; a first virtualized host instantiating thereon a first guest; a second virtualized host instantiating thereon a second guest, wherein a first communication port and a second communication port are communicatively connected to constitute a distributed communication element that enables a virtualized network for communication between the first guest and the second guest via the first communication port and the second communication port, respectively; and a media access (MAC) discovery mechanism.Type: ApplicationFiled: March 28, 2016Publication date: July 21, 2016Applicant: Ravello Systems Ltd.Inventors: Alexander FISHMAN, Gil HOFFER, Rami TAMIR, Benny SCHNAIDER
-
Patent number: 9306832Abstract: A method for operating a virtualized network that communicatively connects between a plurality of communication ports, instantiated for a plurality of guest operating systems executed over a plurality of hosts. The method comprises instantiating a communication port for each of the plurality of guests; performing a discovery media access control (MAC) address process of at least one destination guest of the plurality of guests by a source guest; sending a ping request from the source request to the at least one destination guest; and creating the virtualized network to allow communication between the source guest with the at least one destination guest, wherein the virtualized network is created over the physical network.Type: GrantFiled: February 21, 2013Date of Patent: April 5, 2016Assignee: Ravello Systems Ltd.Inventors: Alexander Fishman, Gil Hoffer, Rami Tamir, Benny Schnaider
-
Publication number: 20160048676Abstract: A method and apparatus for efficiently executing guest programs in a virtualized computing environment are presented. The method includes executing a virtual machine on a computing hardware; executing a single hypervisor in a first security ring on the virtual machine; executing a single guest program on the virtual machine, wherein the single guest program includes a single kernel being executed in the first security ring and at least one application being executed in a second security ring; and executing at least an instruction issued by the at least one application without trapping the single hypervisor.Type: ApplicationFiled: October 26, 2015Publication date: February 18, 2016Applicant: RAVELLO SYSTEMS LTD.Inventors: Izik EIDUS, Leonid SHATZ, Michael RAPOPORT, Alexander FISHMAN
-
Publication number: 20150350157Abstract: A proxy and method for performing source destination network address translation are presented. The method includes receiving a first message from a node communicatively connected to a first network to access a resource communicatively connected to a second network, wherein the first message contains at least a source address and a destination address used within the first network; translating the destination address designated in the first message to an address of the resource; generating a unique address for the destination address designated in the first message, wherein the unique address is an address not in use on the second network; providing a translated message including the translated destination address and the unique address; and forwarding the translated message to the resource communicatively connected to the second network.Type: ApplicationFiled: May 27, 2015Publication date: December 3, 2015Applicant: Ravello Systems Ltd.Inventors: Boris FIGOVSKY, Alexander FISHMAN
-
Patent number: 9176763Abstract: A method for efficient execution of a guest in a virtualized computing environment is provided. The method comprises causing an execution of at least one virtual machine on a computing hardware, the virtual machine executes a hypervisor in a first security ring; and causing an execution of a single guest program on one of the at least one virtual machines, the single guest program comprises a kernel being executed in the first security ring and at least one application being executed in a second security ring.Type: GrantFiled: November 26, 2012Date of Patent: November 3, 2015Assignee: Ravello Systems Ltd.Inventors: Izik Eidus, Leonid Shatz, Michael Rapoport, Alexander Fishman
-
Publication number: 20150095612Abstract: A method and apparatus for virtual address mapping are provided. The method includes determining an offset value respective of at least a first portion of code stored on a code memory unit, generating a first virtual code respective of the first portion of code and a second virtual code respective of a second portion of code stored on the code memory unit; mapping the first virtual code to a first virtual code address and the second virtual code to a second virtual code address; generating a first virtual data respective of the first portion of data and a second virtual data respective of the second portion of data; and mapping the first virtual data to a first virtual data address and the second virtual data to a second virtual data address.Type: ApplicationFiled: December 8, 2014Publication date: April 2, 2015Applicant: Ravello Systems Ltd.Inventor: Leonid Shatz
-
Patent number: 8918608Abstract: In a computing system where a plurality of processing units may execute a shared code independently, it is necessary to address data issues related to execution of the shared code and separate data. According to various embodiments disclosed herein, the per-processing unit data can be efficiently addressed in a program counter relative mode where data is accessed using a data offset value for each processing unit when the data blocks are positioned at spaces of a predetermined offset value. Further, the per-processing unit of common code in different virtual addresses is mapped to a common physical address. As a result, while each of the processing units access the exact same instruction code in physical memory it accesses a different area in memory for manipulation of data.Type: GrantFiled: May 30, 2012Date of Patent: December 23, 2014Assignee: Ravello Systems Ltd.Inventor: Leonid Shatz
-
Publication number: 20140052932Abstract: A computerized method for efficient handling of a privileged instruction executed by a virtual machine (VM). The method comprises identifying when the privileged instruction causes a VM executed on a computing hardware to perform a VM exit; replacing a first virtual-to-physical address mapping to a second virtual-to-physical address mapping respective of a virtual pointer associated with the privileged instruction; and invalidating at least a cache entry in a cache memory allocated to the VM, thereby causing a new translation for the virtual pointer to the second virtual-to-physical address, wherein the second virtual-to-physical address provides a pointer to a physical address in a physical memory in the computing hardware allocated to the VM.Type: ApplicationFiled: October 23, 2012Publication date: February 20, 2014Applicant: RAVELLO SYSTEMS LTD.Inventors: Izik Eidus, Leonid Shatz, Alexander Fishman
-
Publication number: 20130227107Abstract: A method for operating a virtualized network that communicatively connects between a plurality of communication ports, instantiated for a plurality of guest operating systems executed over a plurality of hosts. The method comprises instantiating a communication port for each of the plurality of guests; performing a discovery media access control (MAC) address process of at least one destination guest of the plurality of guests by a source guest; sending a ping request from the source request to the at least one destination guest; and creating the virtualized network to allow communication between the source guest with the at least one destination guest, wherein the virtualized network is created over the physical network.Type: ApplicationFiled: February 21, 2013Publication date: August 29, 2013Applicant: RAVELLO SYSTEMS LTD.Inventor: RAVELLO SYSTEMS LTD.
-
Publication number: 20130179651Abstract: In a computing system where a plurality of processing units may execute a shared code independently, it is necessary to address data issues related to execution of the shared code and separate data. According to various embodiments disclosed herein, the per-processing unit data can be efficiently addressed in a program counter relative mode where data is accessed using a data offset value for each processing unit when the data blocks are positioned at spaces of a predetermined offset value. Further, the per-processing unit of common code in different virtual addresses is mapped to a common physical address. As a result, while each of the processing units access the exact same instruction code in physical memory it accesses a different area in memory for manipulation of data.Type: ApplicationFiled: May 30, 2012Publication date: July 11, 2013Applicant: RAVELLO SYSTEMS LTD.Inventor: Leonid Shatz
-
Publication number: 20130145363Abstract: An apparatus and method of operation in a para-virtualized environment. The method includes executing a first hypervisor on a hardware platform of a computing device; and executing a second hypervisor over the first hypervisor, the second hypervisor is configured to capture at least a privileged instruction called by an unmodified guest program executed over the second hypervisor and cause the first hypervisor to execute an instruction corresponding to the captured privileged instruction, wherein the unmodified guest program and the second hypervisor operate in a user space protection domain, e.g., Ring 3, and the at least privileged instruction should be executed in a kernel space protection domain, e.g., Ring 0.Type: ApplicationFiled: March 22, 2012Publication date: June 6, 2013Applicant: RAVELLO SYSTEMS LTD.Inventors: Izik Eidus, Leonid Shatz, Michael Rapoport, Alexander Fishman
-
Publication number: 20130139159Abstract: A method for efficient execution of a guest in a virtualized computing environment is provided. The method comprises causing an execution of at least one virtual machine on a computing hardware, the virtual machine executes a hypervisor in a first security ring; and causing an execution of a single guest program on one of the at least one virtual machines, the single guest program comprises a kernel being executed in the first security ring and at least one application being executed in a second security ring.Type: ApplicationFiled: November 26, 2012Publication date: May 30, 2013Applicant: RAVELLO SYSTEMS LTD.Inventor: Ravello Systems Ltd.