Abstract: A method for protecting memory pages of a computing device using a hypervisor includes detecting, by a hypervisor, a token associated with the trusted program, in response to receiving a hypercall from a trusted program. The token associated with the trusted program is checked against a saved token of the hypervisor to determine trustworthiness of the trusted program. The hypervisor creates a memory page containing a safe hypercall address of the hypervisor. Addresses of the memory page are transmitted from the hypervisor to the trusted program. The hypervisor allows execution of the hypercall by the trusted program accessing the safe hypercall address found at the addresses of the memory page.

Abstract: Disclosed are systems and methods for protecting memory pages of a computing device using a hypervisor. An exemplary method comprises: in response to receiving a hypercall from a trusted program, detecting, by a hypervisor, a token associated with the trusted program, checking the token associated with the trusted program against a saved token of the hypervisor to determine trustworthiness of the trusted program, creating, by the hypervisor, a memory page comprising a safe hypercall address of the hypervisor, transmitting addresses of the memory page from the hypervisor to the trusted program and allowing, by the hypervisor, execution of the hypercall by the trusted program accessing the safe hypercall address found at the addresses of the memory page.

Abstract: Systems and methods for protecting memory pages of a computing device using a hypervisor comprise: in response to receiving a hypercall from a trusted program, detecting by the hypervisor a token associated with the trusted program; checking the token associated with the trusted program against a saved token of the hypervisor; in response to detecting that the token associated with the trusted program matches the saved token of the hypervisor, transmitting addresses of a plurality of memory pages from the hypervisor to the trusted program; and performing a checksums verification for data stored in the plurality of memory pages.

Abstract: Disclosed are systems and methods for protecting memory pages of a computing device using a hypervisor. An exemplary method comprises: in response to receiving a hypercall from a trusted program, detecting by the hypervisor a token associated with the trusted program; checking the token associated with the trusted program against a saved token of the hypervisor; in response to detecting that the token associated with the trusted program matches the saved token of the hypervisor, transmitting addresses of a plurality of memory pages from the hypervisor to the trusted program; and performing a checksums verification for data stored in the plurality of memory pages.

Abstract: Disclosed are systems and methods for enabling secure execution of code in hypervisor mode. An exemplary method comprises: loading a hypervisor configured to check integrity of protected virtual memory pages; loading a trusted program configured to make hypercalls to the hypervisor; making by the trusted program a first hypercall to the hypervisor; responsive to the first hypercall, generating by the hypervisor a token, which is used by the hypervisor to identify the trusted program during subsequent hypercalls; allocating a memory page for storing the token and a memory address of the hypervisor; and returning the allocated memory page address to the trusted program.