Abstract: A system and method of translation bypass includes a hypervisor reserving a range of host virtual addresses. The hypervisor detects that a guest address is unmapped. The hypervisor determines a host virtual address. Determining the host virtual address includes adding the guest address to a host virtual address base offset. The host virtual address is within the range of host virtual addresses. The hypervisor maps the guest address to the host virtual address.
Abstract: Methods, systems, and computer program products are included for the intelligent garbage collection of containers. An example method includes providing a garbage collection data structure, the garbage collection data structure including metadata and one or more resource consumption parameters corresponding to the container. The one or more resource consumption parameters are analyzed by a machine-learning function. Based on the analyzing, the container is classified into one or more classes, the one or more classes including at least one of a suspicious container class, a malicious container class, or a normal container class. Based on the classifying, one or more garbage collection actions are performed on the container, including at least one of generating an alert corresponding to the container or reducing the resource consumption of the container.
Abstract: Methods, systems, and computer program products are included for providing snapshot version control. A method includes creating a snapshot corresponding to a file system at a first point in time. After creating the snapshot, a file management data structure of the file system is modified corresponding to a file creation, deletion, or modification. The modified file management data structure is compared to the snapshot to identify differences between the snapshot and the file management data structure. A user may select one or more of the identified differences for merging the selected differences from the snapshot to the file management data structure or from the file management data structure to the snapshot.
June 8, 2016
Date of Patent:
September 14, 2021
RED HAT ISRAEL, LTD.
Simcha Zacks, Oded Ramraz, Ilia Meerovich
Abstract: In an example embodiment, a hypervisor exposes a first guest device to a first virtual machine. The hypervisor exposes a virtual host device and a pass-through device to a second virtual machine. The hypervisor maps a first memory and a second memory into the second virtual machine at a first base address register and a second base address register associated with the virtual host device and pass-through device. The hypervisor sends a mapping from the first virtual machine to the second virtual machine. The hypervisor sends a first address of a first ring of the first guest device and a second address of a second ring of an assigned device to the second virtual machine.
Abstract: Technology for configuring and executing a shallow virtual machine to enhance memory protection between different portions of user space memory of a particular computing process. An example method may involve: associating a computing process with a virtual machine data structure, wherein the computing process initiates an update to the virtual machine data structure to cause a processor to switch between a page table structures; loading first and second executable code into user space memory of the computing process, wherein a first page table structure comprises mapping data for the first and second executable code and wherein the second executable code comprises driver code of a device; updating the second page table structure to disable execution of the first executable code and to map a portion of the user space memory to the device; and restricting the first executable code from accessing the memory mapped device.
Abstract: A method, system and computer readable medium for remote control of a remote device by a remote dashboard console of a client device. The method includes identifying the remote device for management via the remote dashboard console of the client device. The remote dashboard console receives a set of plug-ins associated with multiple remote device applications installed on the remote device from a remote dashboard agent of the remote device. The remote dashboard console of the client device executes a target application of the multiple remote device applications device using a corresponding plug-in of the set of plug-ins.
Abstract: An indication that a virtual machine has been migrated may be received. In response to receiving the indication, one or more network addresses associated with the virtual machine may be identified. A notification message corresponding to the one or more network addresses may be generated. The notification message may be transmitted on networks for the one or more network addresses. The virtual machine may determine whether a response message has been received for each of the one or more network addresses. The virtual machine may transmit a subsequent notification message in view of determining that at least one response message has not been received for at least one of the one or more network addresses.
Abstract: Implementations of the disclosure provide for hot-plugging of virtual functions in a virtualized environment. In one implementation, a computer system determines that virtual functions associated with a logical network for a virtual machine hosted on a first host system are unavailable on the first host system, identifies a logical network device on a second host system that is communicably accessible from the first host system, and determines that the logical network device on the second host system has a number of available virtual functions associated with the logical network. The computer system then migrates the virtual machine from the first host computer system to the second host computer system to allow the virtual machine to access the number of available virtual functions associated with the logical network on the second host system and associates a virtual device of the virtual machine with the number of available virtual functions.
Abstract: A system and method for scheduling of hyper-threaded CPUs using memory monitoring includes a memory with an operating system memory and a physical processor in communication with the memory. The physical processor includes a first hyper-thread and a second hyper-thread. A monitor instruction to monitor for updates to a designated memory location is executed in the first hyper-thread. The system further includes an operating system to execute on the physical processor and a system call configured to record in the operating system memory that the first hyper-thread is in a memory wait state. The system call is further configured to execute a memory wait instruction in the first hyper-thread. A task is executed in the second hyper-thread while the first hyper-thread is in the memory wait state.
Abstract: Authenticator plugin interface for an enterprise virtualization portal is provided. An example method for evaluating a portal access request may comprise: receiving, by a virtualization management platform, a request initiated by a requestor for access to an enterprise virtualization portal associated with the virtualization management platform, the request comprising a login credential; transmitting, to a first authentication system, a first authentication query comprising an identifier of a first data type, and a first value of the first data type, wherein the first value is derived from the login credential; receiving a first response message comprising an identifier of a second data type, and an authentication response of the second data type; and responsive to evaluating the authentication response, granting the requestor access to the enterprise virtualization portal.
Abstract: Systems and methods for managing interrupts generated by network interface controllers. An example method may comprise: responsive to determining that a memory pressure metric in a computer system does not exceed a threshold value, disabling interrupts that signal completion of a packet transmission by a network interface controller; transmitting a plurality of data packets by the network interface controller; and responsive to detecting that the memory pressure metric exceeds the threshold value, releasing a memory buffer allocated to a data packet of the plurality of data packets.
Abstract: Log record analysis based on reverse engineering of log record formats is disclosed. A computing device receives log record template data associated with a log record template comprising a plurality of field identifiers for a log record. The log record template data is analyzed to identify the plurality of field identifiers. Based on the log record template data and the plurality of field identifiers, a log record analysis function is automatically generated that is configured to receive a log record that was generated based on the log record template, extract a plurality of log data items from the log record, each log data item corresponding to one of the plurality of field identifiers, and output information that identifies the plurality of field identifiers and the plurality of log data items.
Abstract: Systems and methods for asynchronous mapping of a hot-plugged I/O device associated with a virtual machine. An example method comprises: executing, by a host computer system, a virtual machine managed by a hypervisor, wherein the virtual machine is associated with a hot-pluggable input/output (I/O) device; responsive to detecting removal of the I/O device, unpin a memory buffer associated with the I/O device; and responsive to receiving a signal indicating completion of unpinning the memory buffer, release the I/O device from the hypervisor.
Abstract: A method includes identifying a cloud and virtualization management system application programming interface (API), and identifying a software defined networking (SDN) API. The method further includes determining, by a processing device, one or more resources, relationships, or fields corresponding to the cloud and virtualization management system API and the SDN API. The method further includes generating, by the processing device, a skeleton model representing mappings between the one or more resources, relationships, or fields corresponding to the cloud and virtualization management system API and the SDN API. The method further includes and providing the skeleton model to a client device for display.
Abstract: Methods, systems, and computer program products are included for incorporating functionalities of a version control system into a package manager. An example method includes providing to a package manager a source file path corresponding to a source. A software version control system corresponding to the source is determined from the source file path. A command translation driver corresponding to the software version control system of the source is loaded by the package manager. The loaded command translation driver translates a package manager command to a corresponding command of the software version control system. The translated package manager command is executed by the package manager.
Abstract: Implementations of the disclosure provide for secret keys management in a virtualized data-center. In one implementation, a system is provided. The system comprises a memory to store secret key data and a processing device coupled to the memory. The processing device is to identify authentication information provided by a user, the authentication information comprising access information associated with a data storage domain, receive a secret key to access the data storage domain in view of the authentication information, wherein the secret key comprises a universally unique identifier (UUID), and register the secret key, wherein to register the secret key, the processing device to store a data structure in volatile memory indicating an association between the UUID of the secret key and the hypervisor.
Abstract: A method of adjusting a virtual machine GPU refresh rate to match a given remote desktop stream frame rate is described. The GPU refresh rate of a virtual machine in a virtual machine server environment can be adjusted to a value stored either in the virtual machine GPU or a graphics driver of the virtual machine. The value represents a desired refresh rate or desired frame rate and can be determine by a plurality of parameters that characterized a remote desktop client or a hypervisor in the virtual machine server environment based on network conditions and/or other factors. A guest operating system of the virtual machine receives the frame rate information, and adjusts a refresh rate of a virtual machine GPU, which uses the adjusted refresh rate to draw framebuffers to create a portion of a remote desktop image for transmission to the remote desktop client.
Abstract: A method performed by a physical computing system includes, with a hypervisor, presenting a virtualized Remote Direct Memory Access (RDMA) device to a guest, with the hypervisor, allocating a portion of total guest memory to the guest, with the hypervisor, determining a memory threshold for the guest, the memory threshold being based on a number of virtual machines managed by the hypervisor and a size of total guest memory, with the hypervisor, receiving from the guest, a first request to register a first size sub-portion of the portion of total guest memory to the virtualized RDMA device, and with the hypervisor, in response to determining that the first size sub-portion exceeds the memory threshold, returning a notification to the guest, the notification indicating that the first request failed. The first size sub-portion is less than the portion of total guest memory.
Abstract: An initiation of a network device on a host system may be detected and an IP address may be assigned to the network device. Furthermore, a network gateway may be associated with the IP address. In some embodiments, a network may be assigned to the network device. The network may be configured to route outgoing data from the network through the network gateway as opposed to a default network gateway.
Abstract: Virtualized computing resources can be managed in a cloud computing environment. For example, a system can receive input indicating that a cloud computing environment is to be reverted back to a prior state prior to an event occurring. Based on the input, the system can determine actions that were performed in the cloud computing environment in response to the event. Each action can involve a creation, a modification, or a deletion of a virtualized computing resource in the cloud computing environment. The system can determine a particular order in which the actions were performed by analyzing timestamps corresponding to the actions. The system can then revert the cloud computing environment back to the prior state by performing an inverse of each action in the plurality of actions in a reverse order to the particular order.