US20050080934A1 - Invalidating translation lookaside buffer entries in a virtual machine (VM) system - Google Patents

Invalidating translation lookaside buffer entries in a virtual machine (VM) system Download PDF

Info

Publication number
US20050080934A1
US20050080934A1 US10/676,584 US67658403A US2005080934A1 US 20050080934 A1 US20050080934 A1 US 20050080934A1 US 67658403 A US67658403 A US 67658403A US 2005080934 A1 US2005080934 A1 US 2005080934A1
Authority
US
United States
Prior art keywords
word
vmx
processor
tlbvmx
tlb
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/676,584
Inventor
Erik Cota-Robles
Andy Glew
Stalinselvaraj Jeyasingh
Alain Kagi
Michael Kozuch
Gilbert Neiger
Richard Uhlig
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intel Corp
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Priority to US10/676,584 priority Critical patent/US20050080934A1/en
Assigned to INTEL CORPORATION reassignment INTEL CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: NEIGER, GILBERT, UHLIG, RICHARD, KOZUCH, MICHAEL A., COTA-ROBLES, ERIK C., GLEW, ANDY, JEYASINGH, STALINSELVARAJ, KAGI, ALAIN
Priority to US10/973,678 priority patent/US7865670B2/en
Publication of US20050080934A1 publication Critical patent/US20050080934A1/en
Priority to US12/959,109 priority patent/US8543772B2/en
Priority to US13/837,648 priority patent/US8751752B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1027Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB]
    • G06F12/1036Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB] for multiple virtual address spaces, e.g. segmentation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/08Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10Address translation
    • G06F12/1027Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003Arrangements for executing specific machine instructions
    • G06F9/30076Arrangements for executing specific machine instructions to perform miscellaneous control operations, e.g. NOP
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15Use in a specific computing environment
    • G06F2212/151Emulated environment, e.g. virtual machine

Definitions

  • This invention relates to virtual machines.
  • the invention relates to translation lookaside buffers that support a virtual-machine system.
  • a virtual-machine system is a computer system that includes a virtual machine monitor (VMM) supporting one or more virtual machines (VMs).
  • VMM virtual machine monitor
  • a Virtual Machine Monitor (VMM) is a software program that controls physical computer hardware and presents programs executing within a Virtual Machine (VM) with the illusion that they are executing on real physical computer hardware.
  • Each VM typically functions as a self-contained platform, controlled by a “guest” operating system (OS), i.e., an OS hosted by the VMM, which executes as if it were running on a real machine instead of within a VM.
  • OS guest operating system
  • a VM e.g., attempts to configure device hardware
  • VMM virtual hardware resources
  • a memory address generated by software (a “virtual” address) is translated by hardware into a physical address which is then used to reference memory. This translation process is called paging, and the hardware used to perform the translation is called the paging hardware.
  • the virtual-to-physical address translation is defined by system software in a set of data structures (called page tables) that reside in memory.
  • page tables data structures
  • Modem virtual-memory systems typically incorporate into a system's central processing unit (CPU) a specialized caching structure, often called a translation lookaside buffer (TLB), which stores information about virtual-to-physical address translations and which can be accessed far more quickly than memory.
  • TLB translation lookaside buffer
  • an OS When an OS stops executing one process and begins executing another, it will typically change the address space by directing the hardware to use a new set of paging structures. This can be accomplished using a software or hardware mechanism to invalidate or remove the entire contents of the TLB. More frequent than changes between processes are transitions of control between a process and OS software. Because of this, system performance would suffer significantly if the TLB were invalidated on each such transition. Thus, modern operating systems are typically constructed so that no change of address space is required. One or more ranges of (virtual) memory addresses in every address space are protected so that only the OS can access addresses in those ranges.
  • FIG. 1 is a diagram illustrating a system in which one embodiment of the invention can be practiced.
  • FIG. 2 is a diagram illustrating a translation lookaside buffer (TLB) shown in FIG. 1 according to one embodiment of the invention.
  • TLB translation lookaside buffer
  • FIG. 3 is a flowchart illustrating an invalidating policy for the TLB entries shown in FIG. 2 according to one embodiment of the invention.
  • FIG. 4 is a list of operations that cause TLB entry invalidations according to one embodiment of the invention. Such operations are referred to as invalidation operations in the following description.
  • One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB).
  • TLB translation lookaside buffer
  • a translation lookaside buffer (TLB) in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed.
  • the processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine.
  • VMCS Virtual Machine Control Structure
  • the VMCS is stored in a region of memory and contains, for example, state of the guest, state of the VMM, and control information indicating under which conditions the VMM wishes to regain control during guest execution.
  • the one or more processors in the physical machine read information from the VMCS to determine the execution environment of the VM and VMM, and to constrain the behavior of the guest software appropriately.
  • the translation process will require one or more memory references because the paging hardware may need to fetch from memory data from one or more page tables.
  • the virtual-to-physical address translation defined by a set of page tables is called an address space.
  • operating systems execute each application program, or process, in a separate address space.
  • the TLB is largely under the control of the paging hardware.
  • One embodiment of the present invention relates to systems in which the paging hardware determines when to cache in the TLB a virtual-to-physical address translation that has been fetched from the page tables in memory.
  • the paging structures that define the address translation reside in memory and may be modified by system software. This may cause translation information cached in the TLB to become out of date.
  • systems allow software to direct the hardware to use an entirely different set of paging structures so that the entire contents of the TLB may become out of date.
  • the hardware of some virtual-memory systems may detect such changes and then remove or modify out-of-date translation information while other systems provide software with special instructions to remove such information and still other systems use a combination of the two techniques.
  • FIG. 1 is a diagram illustrating a computer system 100 in which one embodiment of the invention can be practiced.
  • the computer system 100 includes a processor 110 , a host bus 120 , a memory control hub (MCH) 130 , a system memory 140 , an input/output control hub (ICH) 150 , a mass storage device 170 , and input/output devices 180 1 to 180 K .
  • MCH memory control hub
  • ICH input/output control hub
  • the processor 110 represents a central processing unit of any type of architecture, such as embedded processors, micro-controllers, digital signal processors, superscalar computers, vector processors, single instruction multiple data (SIMD) computers, complex instruction set computers (CISC), reduced instruction set computers (RISC), very long instruction word (VLIW), or hybrid architecture.
  • the processor 110 is compatible with the Intel Architecture (IA) processor, sometimes referred to as IA-32.
  • the processor 110 typically contains a number of control registers to support memory management tasks such as virtual memory and cache memory. These tasks may include paging and segmentation.
  • the processor I 10 also has a cache unit 117 .
  • the cache unit 117 has a translation lookaside buffer (TLB) I 19 .
  • the processor 110 is compatible with the Intel Architecture (IA) processor, has control registers and a TLB and further supports a Virtual Machine eXtension (VMX) mode.
  • the VMX mode is a mode whereby all virtualization holes in the processor's instruction set are trapped.
  • Software in this new mode executes with as many protection rings (e.g., 4) and with the same paging protection as it would ordinarily have, but whenever privileged software in a VM attempts to change machine state that is virtualized (e.g., mask interrupts) a variety of hardware and software techniques are used by hardware (e.g., the processor), software (e.g., the VMM) or both to provide software in the VM with the illusion that it has effected the change to the actual hardware state when in fact only the model presented to the VM has changed state.
  • hardware e.g., the processor
  • software e.g., the VMM
  • the control registers include a first control register CR_PA 112 and a second control register CR_PM 114 .
  • the CR_PA register contains the (physical) address of the currently active page table while the CR_PM register contains various “paging_mode” fields such as a “page mode” bit to enable paging.
  • these control registers are mapped onto the control registers with the same functionality in the Intel Instruction Set Architecture as follows: CR_PA 112 is CR3, and some fields of CR_PM are located in CR0 and others in CR4.
  • the CR_PM 114 register has a new control word of 1 or more bits in size that is only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX).
  • CR_PM 114 register has two new control words of identical size of 1 or more bits that are only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX word) and Invalidation Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX invalidation word).
  • CR_PM 114 register has two new control words of identical size of 1 or more bits that are only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine extension (TLBVMX word) and Translation Lookaside Buffer Virtual Machine extension Mask (TLBVMX mask word).
  • CR_PM 114 register has one new control word of size of 1 or more bits that is fully configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine extension (TLBVMX word) and the Virtual Machine Control Structure (VMCS) has a new field of identical size, Translation Lookaside Buffer Virtual Machine eXtension Mask (TLBVMX mask field).
  • TLBVMX mask field is inverted and the condition for access is inverted such that access to bits of the TLBVMX word is only allowed for bits that are set in the TLBVMX mask field in the currently active VMCS.
  • the host bus 120 provides interface signals to allow the processor 110 to communicate with other processors or devices, e.g., the MCH 130 .
  • the host bus 120 may support a uni-processor or multiprocessor configuration.
  • the host bus 120 may be parallel, sequential, pipelined, asynchronous, synchronous, or any combination thereof.
  • the MCH 130 provides control and configuration of memory and input/output devices such as the system memory 140 and the ICH 150 .
  • the MCH 130 may be integrated into a chipset that integrates multiple functionalities such as the isolated execution mode, host-to-peripheral bus interface, memory control. For clarity, not all the peripheral buses are shown. It is contemplated that the system 100 may also include peripheral buses such as Peripheral Component Interconnect (PCI), accelerated graphics port (AGP), Industry Standard Architecture (ISA) bus, and Universal Serial Bus (USB), etc.
  • PCI Peripheral Component Interconnect
  • AGP accelerated graphics port
  • ISA Industry Standard Architecture
  • USB Universal Serial Bus
  • the system memory 140 stores system code and data.
  • the system memory 140 is typically implemented with dynamic random access memory (DRAM) or static random access memory (SRAM).
  • the system memory may include program code or code segments implementing one embodiment of the invention.
  • the system memory includes a virtual machine (VM) module 145 and a virtual machine monitor (VMM) module 148 .
  • the VM and VMM 145 and 148 may also be implemented by hardware, software, firmware, microcode, or any combination thereof.
  • the system memory 140 may also include other programs or data which are not shown, such as one or more guest operating systems, as well as sets of page tables 190 1 to 190 L .
  • the sets of page tables 190 1 to 190 L may be created and maintained by software and reside in system memory 140 or they may be implemented and maintained by hardware, firmware, microcode, or any combination thereof. There may be one or more sets of page tables for the Virtual Machine Monitor (VMM) and one or more sets of page tables for each of one or more Virtual Machines (VMs).
  • VMM Virtual Machine Monitor
  • VMs Virtual Machines
  • the ICH 150 has a number of functionalities that are designed to support I/O functions.
  • the ICH 150 may also be integrated into a chipset together or separate from the MCH 130 to perform I/O functions.
  • the ICH 150 may include a number of interface and I/O functions such as PCI bus interface, processor interface, interrupt controller, direct memory access (DMA) controller, power management logic, timer, universal serial bus (USB) interface, mass storage interface, low pin count (LPC) interface, etc.
  • the mass storage device 170 stores archive information such as code, programs, files, data, applications, and operating systems.
  • the mass storage device 170 may include compact disk (CD) ROM 172 , floppy diskettes 174 , and hard drive 176 , and any other magnetic or optic storage devices.
  • the mass storage device 170 provides a mechanism to read machine-readable media.
  • the I/O devices 180 1 to 180 K may include any I/O devices to perform I/O functions.
  • I/O devices 180 1 to 180 K include controller for input devices (e.g., keyboard, mouse, trackball, pointing device), media card (e.g., audio, video, graphics), network card, and any other peripheral controllers.
  • Elements of one embodiment of the invention may be implemented by hardware, firmware, software or any combination thereof.
  • hardware generally refers to an element having a physical structure such as electronic, electromagnetic, optical, electro-optical, mechanical, electromechanical parts, etc.
  • software generally refers to a logical structure, a method, a procedure, a program, a routine, a process, an algorithm, a formula, a function, an expression, etc.
  • firmware generally refers to a logical structure, a method, a procedure, a program, a routine, a process, an algorithm, a formula, a function, an expression, etc. that is implemented or embodied in a hardware structure (e.g., flash memory).
  • firmware may include microcode, writable control store, and micro-programmed structure.
  • the elements of an embodiment of the present invention are essentially the code segments to perform the necessary tasks.
  • the software/firmware may include the actual code to carry out the operations described in one embodiment of the invention, or code that emulates or simulates the operations.
  • the program or code segments can be stored in a processor or machine accessible medium or transmitted by a computer data signal embodied in a carrier wave, or a signal modulated by a carrier, over a transmission medium.
  • the “processor readable or accessible medium” or “machine readable or accessible medium” may include any medium that can store, transmit, or transfer information.
  • Examples of the processor readable or machine accessible medium include an electronic circuit, a semiconductor memory device, a read only memory (ROM), a flash memory, an erasable ROM (EROM), a floppy diskette, a compact disk (CD) ROM, an optical disk, a hard disk, a fiber optic medium, a radio frequency (RF) link, etc.
  • the computer data signal may include any signal that can propagate over a transmission medium such as electronic network channels, optical fibers, air, electromagnetic, RF links, etc.
  • the code segments may be downloaded via computer networks such as the Internet, Intranet, etc.
  • the machine accessible medium may be embodied in an article of manufacture.
  • the machine accessible medium may include data that, when accessed by a machine, cause the machine to perform the operations described in the following.
  • the machine accessible medium may also include program code embedded therein.
  • the program code may include machine readable code to perform the operations described in the following.
  • the term “data” here refers to any type of information that is encoded for machine-readable purposes. Therefore, it may include program, code, data, file, etc.
  • All or part of an embodiment of the invention may be implemented by hardware, software, or firmware, or any combination thereof.
  • the hardware, software, or firmware element may have several modules coupled to one another.
  • a hardware module is coupled to another module by mechanical, electrical, optical, electromagnetic or any physical connections.
  • a software module is coupled to another module by a function, procedure, method, subprogram, or subroutine call, a jump, a link, a parameter, variable, and argument passing, a function return, etc.
  • a software module is coupled to another module to receive variables, parameters, arguments, pointers, etc. and/or to generate or pass results, updated variables, pointers, etc.
  • a firmware module is coupled to another module by any combination of hardware and software coupling methods above.
  • a hardware, software, or firmware module may be coupled to any one of another hardware, software, or firmware module.
  • a module may also be a software driver or interface to interact with the operating system running on the platform.
  • a module may also be a hardware driver to configure, set up, initialize, send and receive data to and from a hardware device.
  • An apparatus may include any combination of hardware, software, and firmware modules.
  • One embodiment of the invention may be described as a process which is usually depicted as a flowchart, a flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed. A process may correspond to a method, a program, a procedure, a method of manufacturing or fabrication, etc.
  • FIG. 2 is a diagram illustrating a translation lookaside buffer (TLB) 119 shown in FIG. 1 according to one embodiment of the invention.
  • the TLB 119 includes a storage 210 and an invalidating mechanism 240 .
  • the storage 210 is a fast memory organized with two fields TLB entry 220 and virtual machine extension (VMX) tag word 230 .
  • the TLB 220 has N TLB entries 220 1 to 220 N and the VMX tag word array 230 has N VMX tag words 230 1 to 230 N .
  • Each of the N TLB entries 220 1 to 220 N has an associated VMX tag word.
  • Each of the N TLB entries 220 1 to 220 N is referred to as a TLB translation or translation for short.
  • Each of the VMX tag words 230 1 to 230 N indicates if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed.
  • a VMX tag word When a VMX tag word is non-zero, the corresponding TLB entry is referred to as a VMX translation. When a VMX tag word is zero (0), the corresponding TLB entry is referred to as a non-VMX translation.
  • the processor may be in VMX mode.
  • VMX mode is the mode when the processor is executing guest code in a VM.
  • the processor is not in VMX mode when the VMM is executing.
  • the VMM operates in the protected mode of operation of an Intel Architecture processor.
  • the VMM may create several VMs and each of the VMs operates in VMX mode.
  • the processor mode may be set by a hardware circuit or by a configuration word programmed by software.
  • Each of the VMX tag words 230 1 to 230 N may correspond to a VM created by the VMM.
  • the VMX tag word field 230 has a word size of one bit.
  • the VMX tag word is a single bit, so it is always 1 when in VMX mode and 0 when not in VMX mode (or vice versa).
  • the active level of logical 1 or 0 is for illustrative purposes. Other active levels may be used.
  • a bit is said to be asserted when it is set to its active level and to be negated when it is set to the complement of its active level. In the Intel Architecture, the value of this bit could be stored in a control register, a model-specific register, a new architectural register, or a new register.
  • the value of this bit need not be visible at all and the Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX word) need not exist per se since the necessary information can be derived automatically from other processor state (i.e., 1 when in VMX mode, 0 when not, or vice versa).
  • the VMX tag word is larger than one bit and it is then set to the new value of the TLBVMX control word, which corresponds to the particular VM being executed, as the processor transitions into VMX mode. To maintain proper operation of the processor, the VMM would naturally prevent direct accesses by guest OSes to the TLBVMX control word
  • the VMX tag word field 230 has a word size of greater than one bit, which we denote by M, and distinct VMX tag word values, excepting the zero (0) value that is reserved for the VMM, are assigned to VMs as they are created by the VMM until the largest possible value is reached, said value being shared by all subsequently created VMs (e.g., if M is 8 then 0 is for the VMM, 1 through 6 are for the first 6 VMs created and 7 is shared by all additional VMs).
  • the VMX word field 230 again has a word size of greater than one bit and multiple distinct VMX tag word values are reserved for one or more VMMs and the remaining values are assigned to VMs as they are created by the VMMs until the largest possible value is reached, said value being shared by all subsequently created VMs.
  • Some embodiments of this invention may support a TLBVMX word 116 in a new or existing control register.
  • the width of this field is the same as the width of the VMX tag words 230 associated with the TLB entries. It determines the number of different address spaces whose translations may be cached in the TLB at any one time.
  • Some embodiments may report the width of this field to software through some mechanism. For example, IA-32 processors report capabilities such as this through the CPUID instruction or through capability registers. Any such mechanism might be used to report the width of the TLBVMX word supported by a CPU.
  • Some virtual-machine systems may support layers of virtual machine monitors (VMMs). For example, a single VMM ultimately controls the CPU. This “root” VMM may support, in guest VMs, other VMMs (“guest” VMMs) that may themselves support guest VMs. The support for layering may be provided by software, hardware, or a combination of the two.
  • the multiple VMMs e.g., root and guest VMMs
  • the multiple VMMs may all seek to manage the address spaces of their respective guests using the CPU's TLBVMX word. For embodiments that support a single TLBVMX word, this represents a challenge.
  • the root VMM partitions the bits in the TLBVMX word into those that it controls and those whose control is yielded to its guest VMMs. If the width (in bits) of the CPU's TLBVMX word is M and the root VMM wants to support 2 L ⁇ 1 guest VMMs, where L ⁇ M, then the root VMM can assign to each of its guest VMMs a unique value in the range 1 to 2 L ⁇ 1. Whenever the guest VMM with value I (1 ⁇ I ⁇ 2 L ⁇ 1) is running, the root VMM will ensure that the high L bits of the CPU's TLB tag word will contain the value I.
  • the root VMM will present to each guest VMM (through a capability reporting mechanism described above) the abstraction of a VM with a virtual CPU in which the width of the TLBVMX word is M-L.
  • the guest VMMs will each be allowed to control only the low M-L bits of the TLBVMX word. Each such guest can thus support up to 2 M-L ⁇ 1 guests whose address spaces can concurrently use the TLB.
  • This embodiment requires that the root VMM is able to (a) control the reporting of the width of the TLBVMX word to its guest VMMs, and (b) prevent its guest VMMs from modifying or reading selected bits of the TLBVMX word.
  • Trapping to the root VMM from a higher level guest VMM so that the root VMM can emulate a single guest instruction is expensive but, since that reporting the width of the TLBVMX word should be an infrequent operation, this manner of support should not adversely affect performance.
  • guest VMMs will be modifying and/or reading bits in the TLBVMX word frequently as they do VM entrances to their guest VMs.
  • the processor provides a TLBVMX mask word to provide bit-by-bit capability to mask and shadow fields for control registers to constrain the ability of guest software to read and modify control registers
  • software in a VM is only allowed to access those bits of the TLBVMX word whose corresponding bits are cleared in the TLBVMX mask word.
  • the TLBVMX word is 10100000 and the TLBVMX mask word is 111110000 then a read by software of the TLBVMX word might return 0000 and software can set the TLBVMX word to any desired value from 10100000 to 10101111 by simply writing the low order bits, the high order bits are automatically supplied by the logical AND of the TLBVMX mask word and the TLBVMX word.
  • the (intermediate) VMM sets the TLBVMX word to 10101100 and specifies that the new TLBVMX mask word will be 1100 then upon VM entrance the TLBVMX mask word is actually set to 11111100 and the TLBVMX word for the guest will be limited to the values 10101100 through 10101111.
  • software specifies the new TLBVMX mask word value for the VM by loading an appropriate field in a Virtual Machine Control Structure
  • the TLBVMX mask word is replaced by a TLBVMX inverted mask word which functions identically except that it is the logical NOT of the TLBVMX mask word and may thus be logically NOTed in the above formulas. Storing and using such an inverted mask word could simplify an actual implementation depending on the underlying logic circuitry in the processor.
  • the invalidation mechanism 240 invalidates the TLB entries according to an invalidation policy 250 .
  • the invalidation mechanism 240 may be implemented as a circuit having a control logic consistent with the invalidation policy 250 .
  • the control logic provides an efficient way to update or invalidate the TLB entries in a virtual-machine system.
  • FIG. 3 is a flowchart illustrating a process 300 to implement the invalidation policy 250 for the TLB entries shown in FIG. 2 according to one embodiment of the invention.
  • the process 300 determines if an invalidation operation has been performed (Block 345 ). If so, the process 300 proceeds to invalidate one or more TLB entries, as appropriate to the invalidation operation being performed (e.g., INVLPG on an Intel Architecture processor), providing that the VMX tag word for the entry or entries match according to one of three rules or implementations. The selection of which rule is to be used depends on performance enhancement and implementation risk. In the conservative rule, the process 300 invalidates one or more TLB entries regardless of the VMX tag words (Block 350 ).
  • the process 300 invalidates only those zero or more TLB entries that have the associated VMX tag word matched with the high order M-M′ bits of the TLBVMX word ( FIG. 1 ) by using the TLBVMX mask word to perform a logical AND on the VMX tag word (Block 372 ). In another embodiment of the configurable rule, only those zero or more TLB entries having a VMX tag word set to match the current (possibly logical) value of the TLBVMX invalidation word are invalidated (Block 374 ). For all rules, if an invalidation operation is not performed, the process 300 is terminated.
  • FIG. 4 is a list of invalidation operations according to one embodiment of the invention. Specifically, for an Intel Architecture processor there are basically five invalidation operations.
  • Invalidation operation 2 (Block 420 ): Execution of the page invalidation instruction (e.g., INVLPG instruction in the Intel Architecture)
  • page invalidation instruction e.g., INVLPG instruction in the Intel Architecture
  • Invalidation operation 3 (Block 430 ): Task switching that modifies the first control register CR3.
  • Invalidation operation 5 (Block 450 ): Loading the third register CR4 that changes one or more of the PSE bit, PGE bit, or PAE bit.
  • a VM system can efficiently trap to the VMM and resume execution of the VM without invalidating the TLB. This significantly increases the efficiency of the VMM system.

Abstract

One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB). A TLB in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. The processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine. The invalidation operation belongs to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries.

Description

    BACKGROUND
  • 1. Field of the Invention
  • This invention relates to virtual machines. In particular, the invention relates to translation lookaside buffers that support a virtual-machine system.
  • 2. Description of Related Art
  • A virtual-machine system is a computer system that includes a virtual machine monitor (VMM) supporting one or more virtual machines (VMs). A Virtual Machine Monitor (VMM) is a software program that controls physical computer hardware and presents programs executing within a Virtual Machine (VM) with the illusion that they are executing on real physical computer hardware. Each VM typically functions as a self-contained platform, controlled by a “guest” operating system (OS), i.e., an OS hosted by the VMM, which executes as if it were running on a real machine instead of within a VM.
  • To accomplish this simulation, it is necessary for some operations within a VM (e.g., attempts to configure device hardware) to be trapped and emulated by the VMM, which will perform operations to simulate virtual hardware resources (e.g., a simulated device) to maintain the illusion that the guest OS is manipulating real hardware. Thus, in a virtual-machine system transitions from a VM to the VMM and back will occur with some frequency, depending upon the number of instructions and events that the VMM must emulate.
  • In a virtual-memory system, a memory address generated by software (a “virtual” address) is translated by hardware into a physical address which is then used to reference memory. This translation process is called paging, and the hardware used to perform the translation is called the paging hardware. In many virtual-memory systems, the virtual-to-physical address translation is defined by system software in a set of data structures (called page tables) that reside in memory. Modem virtual-memory systems typically incorporate into a system's central processing unit (CPU) a specialized caching structure, often called a translation lookaside buffer (TLB), which stores information about virtual-to-physical address translations and which can be accessed far more quickly than memory.
  • When an OS stops executing one process and begins executing another, it will typically change the address space by directing the hardware to use a new set of paging structures. This can be accomplished using a software or hardware mechanism to invalidate or remove the entire contents of the TLB. More frequent than changes between processes are transitions of control between a process and OS software. Because of this, system performance would suffer significantly if the TLB were invalidated on each such transition. Thus, modern operating systems are typically constructed so that no change of address space is required. One or more ranges of (virtual) memory addresses in every address space are protected so that only the OS can access addresses in those ranges.
  • In a virtual-machine system, certain operations within a VM must be trapped and emulated by the VMM. While this is much as an OS supports a user process, the situation here is different. Applications designed to run in user processes are bound by the address-space constraints imposed by the OS. In contrast, software that executes in a VM is not aware that it is being supported by a VMM and thus expects to have access to all memory addresses. For this reason, a VM and its supporting VMM cannot easily share an address space.
  • If a VM and its support VMM do not share an address space, then transitions between the VM and the VMM will adversely affect performance because all entries in the TLB must be invalidated on each such transition. Therefore, there is a need to have an efficient technique to allow translations for different address spaces to coexist in the TLB in a VM system.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The features and advantages of the present invention will become apparent from the following detailed description of the present invention in which:
  • FIG. 1 is a diagram illustrating a system in which one embodiment of the invention can be practiced.
  • FIG. 2 is a diagram illustrating a translation lookaside buffer (TLB) shown in FIG. 1 according to one embodiment of the invention.
  • FIG. 3 is a flowchart illustrating an invalidating policy for the TLB entries shown in FIG. 2 according to one embodiment of the invention.
  • FIG. 4 is a list of operations that cause TLB entry invalidations according to one embodiment of the invention. Such operations are referred to as invalidation operations in the following description.
  • DESCRIPTION
  • One embodiment of the present invention is a technique to invalidate entries in a translation lookaside buffer (TLB). A translation lookaside buffer (TLB) in a processor has a plurality of TLB entries. Each TLB entry is associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. The processor mode is one of execution in a virtual machine (VM) and execution not in a virtual machine. The invalidation operation belongs to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries.
  • In the following description, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known circuits, structures, and techniques have not been shown in order not to obscure the understanding of this description.
  • Existing physical machines that support VM operation control the execution environment of a VM using a structure herein referred to as a Virtual Machine Control Structure (VMCS). The VMCS is stored in a region of memory and contains, for example, state of the guest, state of the VMM, and control information indicating under which conditions the VMM wishes to regain control during guest execution. The one or more processors in the physical machine read information from the VMCS to determine the execution environment of the VM and VMM, and to constrain the behavior of the guest software appropriately.
  • In systems using paging, the translation process will require one or more memory references because the paging hardware may need to fetch from memory data from one or more page tables. The virtual-to-physical address translation defined by a set of page tables is called an address space. Typically, operating systems execute each application program, or process, in a separate address space. In some virtual-memory systems, the TLB is largely under the control of the paging hardware. One embodiment of the present invention relates to systems in which the paging hardware determines when to cache in the TLB a virtual-to-physical address translation that has been fetched from the page tables in memory.
  • The paging structures that define the address translation reside in memory and may be modified by system software. This may cause translation information cached in the TLB to become out of date. In addition, systems allow software to direct the hardware to use an entirely different set of paging structures so that the entire contents of the TLB may become out of date. The hardware of some virtual-memory systems may detect such changes and then remove or modify out-of-date translation information while other systems provide software with special instructions to remove such information and still other systems use a combination of the two techniques.
  • FIG. 1 is a diagram illustrating a computer system 100 in which one embodiment of the invention can be practiced. The computer system 100 includes a processor 110, a host bus 120, a memory control hub (MCH) 130, a system memory 140, an input/output control hub (ICH) 150, a mass storage device 170, and input/output devices 180 1 to 180 K.
  • The processor 110 represents a central processing unit of any type of architecture, such as embedded processors, micro-controllers, digital signal processors, superscalar computers, vector processors, single instruction multiple data (SIMD) computers, complex instruction set computers (CISC), reduced instruction set computers (RISC), very long instruction word (VLIW), or hybrid architecture. In one embodiment, the processor 110 is compatible with the Intel Architecture (IA) processor, sometimes referred to as IA-32. The processor 110 typically contains a number of control registers to support memory management tasks such as virtual memory and cache memory. These tasks may include paging and segmentation. The processor I 10 also has a cache unit 117. The cache unit 117 has a translation lookaside buffer (TLB) I 19. In one embodiment, the processor 110 is compatible with the Intel Architecture (IA) processor, has control registers and a TLB and further supports a Virtual Machine eXtension (VMX) mode. The VMX mode is a mode whereby all virtualization holes in the processor's instruction set are trapped. Software in this new mode executes with as many protection rings (e.g., 4) and with the same paging protection as it would ordinarily have, but whenever privileged software in a VM attempts to change machine state that is virtualized (e.g., mask interrupts) a variety of hardware and software techniques are used by hardware (e.g., the processor), software (e.g., the VMM) or both to provide software in the VM with the illusion that it has effected the change to the actual hardware state when in fact only the model presented to the VM has changed state.
  • The control registers include a first control register CR_PA 112 and a second control register CR_PM 114. The CR_PA register contains the (physical) address of the currently active page table while the CR_PM register contains various “paging_mode” fields such as a “page mode” bit to enable paging. In one embodiment of the invention these control registers are mapped onto the control registers with the same functionality in the Intel Instruction Set Architecture as follows: CR_PA 112 is CR3, and some fields of CR_PM are located in CR0 and others in CR4. Specifically, the CR0 register has two control bits from CR_PM: protected mode enable (PE) and page mode (PG), and the CR4 register has three control bits from CR_PM: Page Size Extension (PSE), Page Global Enable (PGE), and Physical Address Extension (PAE).
  • In another embodiment, the CR_PM 114 register has a new control word of 1 or more bits in size that is only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX). In an alternative embodiment, CR_PM 114 register has two new control words of identical size of 1 or more bits that are only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX word) and Invalidation Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX invalidation word). In yet another alternative embodiment, CR_PM 114 register has two new control words of identical size of 1 or more bits that are only configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine extension (TLBVMX word) and Translation Lookaside Buffer Virtual Machine extension Mask (TLBVMX mask word). In still another alternative embodiment, CR_PM 114 register has one new control word of size of 1 or more bits that is fully configurable by software when the processor is not in VMX mode: Translation Lookaside Buffer Virtual Machine extension (TLBVMX word) and the Virtual Machine Control Structure (VMCS) has a new field of identical size, Translation Lookaside Buffer Virtual Machine eXtension Mask (TLBVMX mask field). When the processor is in VMX mode access to the TLBVMX word is controlled by the TLBVMX mask field in the currently active VMCS such that the processor can only access those bits of the TLBVMX word whose corresponding bits are cleared in the TLBVMX mask field in the currently active VMCS. In still another embodiment the TLBVMX mask field is inverted and the condition for access is inverted such that access to bits of the TLBVMX word is only allowed for bits that are set in the TLBVMX mask field in the currently active VMCS.
  • The host bus 120 provides interface signals to allow the processor 110 to communicate with other processors or devices, e.g., the MCH 130. The host bus 120 may support a uni-processor or multiprocessor configuration. The host bus 120 may be parallel, sequential, pipelined, asynchronous, synchronous, or any combination thereof.
  • The MCH 130 provides control and configuration of memory and input/output devices such as the system memory 140 and the ICH 150. The MCH 130 may be integrated into a chipset that integrates multiple functionalities such as the isolated execution mode, host-to-peripheral bus interface, memory control. For clarity, not all the peripheral buses are shown. It is contemplated that the system 100 may also include peripheral buses such as Peripheral Component Interconnect (PCI), accelerated graphics port (AGP), Industry Standard Architecture (ISA) bus, and Universal Serial Bus (USB), etc.
  • The system memory 140 stores system code and data. The system memory 140 is typically implemented with dynamic random access memory (DRAM) or static random access memory (SRAM). The system memory may include program code or code segments implementing one embodiment of the invention. The system memory includes a virtual machine (VM) module 145 and a virtual machine monitor (VMM) module 148. The VM and VMM 145 and 148 may also be implemented by hardware, software, firmware, microcode, or any combination thereof. The system memory 140 may also include other programs or data which are not shown, such as one or more guest operating systems, as well as sets of page tables 190 1 to 190 L. The sets of page tables 190 1 to 190 L may be created and maintained by software and reside in system memory 140 or they may be implemented and maintained by hardware, firmware, microcode, or any combination thereof. There may be one or more sets of page tables for the Virtual Machine Monitor (VMM) and one or more sets of page tables for each of one or more Virtual Machines (VMs).
  • The ICH 150 has a number of functionalities that are designed to support I/O functions. The ICH 150 may also be integrated into a chipset together or separate from the MCH 130 to perform I/O functions. The ICH 150 may include a number of interface and I/O functions such as PCI bus interface, processor interface, interrupt controller, direct memory access (DMA) controller, power management logic, timer, universal serial bus (USB) interface, mass storage interface, low pin count (LPC) interface, etc.
  • The mass storage device 170 stores archive information such as code, programs, files, data, applications, and operating systems. The mass storage device 170 may include compact disk (CD) ROM 172, floppy diskettes 174, and hard drive 176, and any other magnetic or optic storage devices. The mass storage device 170 provides a mechanism to read machine-readable media.
  • The I/O devices 180 1 to 180 K may include any I/O devices to perform I/O functions. Examples of I/O devices 180 1 to 180 K include controller for input devices (e.g., keyboard, mouse, trackball, pointing device), media card (e.g., audio, video, graphics), network card, and any other peripheral controllers.
  • Elements of one embodiment of the invention may be implemented by hardware, firmware, software or any combination thereof. The term hardware generally refers to an element having a physical structure such as electronic, electromagnetic, optical, electro-optical, mechanical, electromechanical parts, etc. The term software generally refers to a logical structure, a method, a procedure, a program, a routine, a process, an algorithm, a formula, a function, an expression, etc. The term firmware generally refers to a logical structure, a method, a procedure, a program, a routine, a process, an algorithm, a formula, a function, an expression, etc. that is implemented or embodied in a hardware structure (e.g., flash memory). Examples of firmware may include microcode, writable control store, and micro-programmed structure. When implemented in software or firmware, the elements of an embodiment of the present invention are essentially the code segments to perform the necessary tasks. The software/firmware may include the actual code to carry out the operations described in one embodiment of the invention, or code that emulates or simulates the operations. The program or code segments can be stored in a processor or machine accessible medium or transmitted by a computer data signal embodied in a carrier wave, or a signal modulated by a carrier, over a transmission medium. The “processor readable or accessible medium” or “machine readable or accessible medium” may include any medium that can store, transmit, or transfer information. Examples of the processor readable or machine accessible medium include an electronic circuit, a semiconductor memory device, a read only memory (ROM), a flash memory, an erasable ROM (EROM), a floppy diskette, a compact disk (CD) ROM, an optical disk, a hard disk, a fiber optic medium, a radio frequency (RF) link, etc. The computer data signal may include any signal that can propagate over a transmission medium such as electronic network channels, optical fibers, air, electromagnetic, RF links, etc. The code segments may be downloaded via computer networks such as the Internet, Intranet, etc. The machine accessible medium may be embodied in an article of manufacture. The machine accessible medium may include data that, when accessed by a machine, cause the machine to perform the operations described in the following. The machine accessible medium may also include program code embedded therein. The program code may include machine readable code to perform the operations described in the following. The term “data” here refers to any type of information that is encoded for machine-readable purposes. Therefore, it may include program, code, data, file, etc.
  • All or part of an embodiment of the invention may be implemented by hardware, software, or firmware, or any combination thereof. The hardware, software, or firmware element may have several modules coupled to one another. A hardware module is coupled to another module by mechanical, electrical, optical, electromagnetic or any physical connections. A software module is coupled to another module by a function, procedure, method, subprogram, or subroutine call, a jump, a link, a parameter, variable, and argument passing, a function return, etc. A software module is coupled to another module to receive variables, parameters, arguments, pointers, etc. and/or to generate or pass results, updated variables, pointers, etc. A firmware module is coupled to another module by any combination of hardware and software coupling methods above. A hardware, software, or firmware module may be coupled to any one of another hardware, software, or firmware module. A module may also be a software driver or interface to interact with the operating system running on the platform. A module may also be a hardware driver to configure, set up, initialize, send and receive data to and from a hardware device. An apparatus may include any combination of hardware, software, and firmware modules.
  • One embodiment of the invention may be described as a process which is usually depicted as a flowchart, a flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed. A process may correspond to a method, a program, a procedure, a method of manufacturing or fabrication, etc.
  • FIG. 2 is a diagram illustrating a translation lookaside buffer (TLB) 119 shown in FIG. 1 according to one embodiment of the invention. The TLB 119 includes a storage 210 and an invalidating mechanism 240.
  • The storage 210 is a fast memory organized with two fields TLB entry 220 and virtual machine extension (VMX) tag word 230. For some integer N the TLB 220 has N TLB entries 220 1 to 220 N and the VMX tag word array 230 has N VMX tag words 230 1 to 230 N. Each of the N TLB entries 220 1 to 220 N has an associated VMX tag word. Each of the N TLB entries 220 1 to 220 N is referred to as a TLB translation or translation for short. Each of the VMX tag words 230 1 to 230 N indicates if the associated TLB entry is invalidated according to a processor mode when an invalidation operation is performed. When a VMX tag word is non-zero, the corresponding TLB entry is referred to as a VMX translation. When a VMX tag word is zero (0), the corresponding TLB entry is referred to as a non-VMX translation.
  • At any given time, the processor may be in VMX mode. VMX mode is the mode when the processor is executing guest code in a VM. The processor is not in VMX mode when the VMM is executing. In one embodiment, the VMM operates in the protected mode of operation of an Intel Architecture processor. The VMM may create several VMs and each of the VMs operates in VMX mode. The processor mode may be set by a hardware circuit or by a configuration word programmed by software. Each of the VMX tag words 230 1 to 230 N may correspond to a VM created by the VMM. In one embodiment, the VMX tag word field 230 has a word size of one bit.
  • As noted in the preceding paragraph, in one embodiment, the VMX tag word is a single bit, so it is always 1 when in VMX mode and 0 when not in VMX mode (or vice versa). Note that the active level of logical 1 or 0 is for illustrative purposes. Other active levels may be used. A bit is said to be asserted when it is set to its active level and to be negated when it is set to the complement of its active level. In the Intel Architecture, the value of this bit could be stored in a control register, a model-specific register, a new architectural register, or a new register. In fact, the value of this bit need not be visible at all and the Translation Lookaside Buffer Virtual Machine eXtension (TLBVMX word) need not exist per se since the necessary information can be derived automatically from other processor state (i.e., 1 when in VMX mode, 0 when not, or vice versa). In an alternative embodiment, the VMX tag word is larger than one bit and it is then set to the new value of the TLBVMX control word, which corresponds to the particular VM being executed, as the processor transitions into VMX mode. To maintain proper operation of the processor, the VMM would naturally prevent direct accesses by guest OSes to the TLBVMX control word
  • In another embodiment, the VMX tag word field 230 has a word size of greater than one bit, which we denote by M, and distinct VMX tag word values, excepting the zero (0) value that is reserved for the VMM, are assigned to VMs as they are created by the VMM until the largest possible value is reached, said value being shared by all subsequently created VMs (e.g., if M is 8 then 0 is for the VMM, 1 through 6 are for the first 6 VMs created and 7 is shared by all additional VMs). In another embodiment, the VMX word field 230 again has a word size of greater than one bit and multiple distinct VMX tag word values are reserved for one or more VMMs and the remaining values are assigned to VMs as they are created by the VMMs until the largest possible value is reached, said value being shared by all subsequently created VMs.
  • Some embodiments of this invention may support a TLBVMX word 116 in a new or existing control register. The width of this field is the same as the width of the VMX tag words 230 associated with the TLB entries. It determines the number of different address spaces whose translations may be cached in the TLB at any one time. Some embodiments may report the width of this field to software through some mechanism. For example, IA-32 processors report capabilities such as this through the CPUID instruction or through capability registers. Any such mechanism might be used to report the width of the TLBVMX word supported by a CPU.
  • Some virtual-machine systems may support layers of virtual machine monitors (VMMs). For example, a single VMM ultimately controls the CPU. This “root” VMM may support, in guest VMs, other VMMs (“guest” VMMs) that may themselves support guest VMs. The support for layering may be provided by software, hardware, or a combination of the two. For systems based on embodiments that support the VMX tag words defined in this invention, the multiple VMMs (e.g., root and guest VMMs) may all seek to manage the address spaces of their respective guests using the CPU's TLBVMX word. For embodiments that support a single TLBVMX word, this represents a challenge.
  • In one embodiment of the invention, the root VMM partitions the bits in the TLBVMX word into those that it controls and those whose control is yielded to its guest VMMs. If the width (in bits) of the CPU's TLBVMX word is M and the root VMM wants to support 2L−1 guest VMMs, where L<M, then the root VMM can assign to each of its guest VMMs a unique value in the range 1 to 2L−1. Whenever the guest VMM with value I (1<I<2L−1) is running, the root VMM will ensure that the high L bits of the CPU's TLB tag word will contain the value I. These bits will be given the value 0 only for (1) the root VMM or (2) guests of the root VMM that are not themselves VMMs. The root VMM will present to each guest VMM (through a capability reporting mechanism described above) the abstraction of a VM with a virtual CPU in which the width of the TLBVMX word is M-L. The guest VMMs will each be allowed to control only the low M-L bits of the TLBVMX word. Each such guest can thus support up to 2M-L−1 guests whose address spaces can concurrently use the TLB.
  • This embodiment requires that the root VMM is able to (a) control the reporting of the width of the TLBVMX word to its guest VMMs, and (b) prevent its guest VMMs from modifying or reading selected bits of the TLBVMX word.
  • Both of these capabilities are already supported in some virtual-machine systems. For example, in IA-32 systems, it is sufficient to ensure that guest attempts to execute the CPUID instruction or to read capability registers or to read or write control registers cause transitions to the root VM monitor (VMM). The root VMM can then emulate the relevant guest instruction, presenting to its guest the values it desires (e.g., in this case, it would report to its guest that the width of the TLBVMX word is M-L instead of M).
  • Trapping to the root VMM from a higher level guest VMM so that the root VMM can emulate a single guest instruction is expensive but, since that reporting the width of the TLBVMX word should be an infrequent operation, this manner of support should not adversely affect performance. On the other hand, guest VMMs will be modifying and/or reading bits in the TLBVMX word frequently as they do VM entrances to their guest VMs.
  • In an alternative embodiment of the invention, the processor provides a TLBVMX mask word to provide bit-by-bit capability to mask and shadow fields for control registers to constrain the ability of guest software to read and modify control registers Thus software in a VM is only allowed to access those bits of the TLBVMX word whose corresponding bits are cleared in the TLBVMX mask word. For example, if the TLBVMX word is 10100000 and the TLBVMX mask word is 111110000 then a read by software of the TLBVMX word might return 0000 and software can set the TLBVMX word to any desired value from 10100000 to 10101111 by simply writing the low order bits, the high order bits are automatically supplied by the logical AND of the TLBVMX mask word and the TLBVMX word.
  • To efficiently support a layered virtualization architecture, the processor provides a hardware-managed stack of TLBVMX mask words that work as follows. Incident to a VM entrance a VMM can specify a new value of the TLBVMX mask word for the guest (whether VMM or not) but the new value will be automatically logically ORed by the processor with the old value of the TLBVMX mask word so that the logical AND of the new value and the old value of the TLBVMX mask word will be equal to the old value. The old value is automatically restored from the hardware-managed stack upon a VM exit. In the new guest the TLBVMX mask word constrains the space of possible TLBVMX word values. For example, continuing the above example, if the (intermediate) VMM sets the TLBVMX word to 10101100 and specifies that the new TLBVMX mask word will be 1100 then upon VM entrance the TLBVMX mask word is actually set to 11111100 and the TLBVMX word for the guest will be limited to the values 10101100 through 10101111.
  • In one embodiment of the invention, software specifies the new TLBVMX mask word value for the VM by loading an appropriate field in a Virtual Machine Control Structure In yet another embodiment of the invention, the TLBVMX mask word is replaced by a TLBVMX inverted mask word which functions identically except that it is the logical NOT of the TLBVMX mask word and may thus be logically NOTed in the above formulas. Storing and using such an inverted mask word could simplify an actual implementation depending on the underlying logic circuitry in the processor.
  • Using these techniques, a guest VMM could reserve K bits in the TLBVMX word (of the M-L bits to which it has access) for its own use, presenting to its guest VMM the abstraction of virtual CPU with a TLBVMX word with only M−(L+K) bits. The technique can be used for at most M layers, after which any guest VMMs would be presented with the abstraction of a virtual CPU that does not support a TLBVMX word.
  • The invalidation mechanism 240 invalidates the TLB entries according to an invalidation policy 250. The invalidation mechanism 240 may be implemented as a circuit having a control logic consistent with the invalidation policy 250. The control logic provides an efficient way to update or invalidate the TLB entries in a virtual-machine system.
  • FIG. 3 is a flowchart illustrating a process 300 to implement the invalidation policy 250 for the TLB entries shown in FIG. 2 according to one embodiment of the invention.
  • Upon START the process 300 determines if the processor is in VMX mode (Block 310). As noted above, in one embodiment of the invention, the VMX tag word is a single bit and the TLBVMX word may exist only logically, its contents being derived automatically from other processor state. In other embodiments, the TLBVMX word may be more than one bit and exists as a physical field in the CR_PM 114 control register. For all embodiments of the invention, if the processor is in VMX mode, then all new translations in the TLB set the VMX tag word to match the possibly logical value of the TLBVMX word (Block 325) and if the processor is not in VMX mode, then all new translations set the VMX tag word to match the possibly logical value of the TLBVMX word (Block 340).
  • Next, if the processor is in VMX mode, the process 330 determines if an operation causing invalidation of one or more TLB entries is performed (i.e., an invalidation operation) (Block 330). For an Intel Architecture processor, examples of such invalidation operations are INVLPG (invalidates only one entry) and loads to the CR3 register (invalidates all entries). If so, the process 300 invalidates the one or more TLB entries, as appropriate, provided that every TLB entry invalidated must have a VMX tag word value that matches the value in the TLBVMX word (which may exist only logically), otherwise the process 300 is terminated.
  • Alternatively, if the processor is not in VMX mode, the process 300 determines if an invalidation operation has been performed (Block 345). If so, the process 300 proceeds to invalidate one or more TLB entries, as appropriate to the invalidation operation being performed (e.g., INVLPG on an Intel Architecture processor), providing that the VMX tag word for the entry or entries match according to one of three rules or implementations. The selection of which rule is to be used depends on performance enhancement and implementation risk. In the conservative rule, the process 300 invalidates one or more TLB entries regardless of the VMX tag words (Block 350). In one embodiment of the configurable rule, the process 300 invalidates only those zero or more TLB entries that have the associated VMX tag word matched with the high order M-M′ bits of the TLBVMX word (FIG. 1) by using the TLBVMX mask word to perform a logical AND on the VMX tag word (Block 372). In another embodiment of the configurable rule, only those zero or more TLB entries having a VMX tag word set to match the current (possibly logical) value of the TLBVMX invalidation word are invalidated (Block 374). For all rules, if an invalidation operation is not performed, the process 300 is terminated.
  • Note that, regardless of any rules above defining behavior both inside and outside VMX mode, a change to the CR_PA 112 register incident to a transition into VMX mode (i.e., VM entrance) or out of VMX mode (i.e., VM exit) does not invalidate any entries in the TLB. This special case is therefore not an invalidation operation.
  • FIG. 4 is a list of invalidation operations according to one embodiment of the invention. Specifically, for an Intel Architecture processor there are basically five invalidation operations.
  • Invalidation operation 1 (Block410): Loading the first register CR3, subject to the setting of the global (G) bit in the TLB entry and other existing TLB behavior such as the width of the TLBVMX word.
  • Invalidation operation 2 (Block420): Execution of the page invalidation instruction (e.g., INVLPG instruction in the Intel Architecture)
  • Invalidation operation 3 (Block430): Task switching that modifies the first control register CR3.
  • Invalidation operation 4 (Block440): Loading the second register CR0 that changes either the PE bit or the PG bit.
  • Invalidation operation 5 (Block450): Loading the third register CR4 that changes one or more of the PSE bit, PGE bit, or PAE bit.
  • By providing the VMX tag word associated with each TLB entry in the TLB, a VM system can efficiently trap to the VMM and resume execution of the VM without invalidating the TLB. This significantly increases the efficiency of the VMM system.
  • While this invention has been described with reference to illustrative embodiments, this description is not intended to be construed in a limiting sense. Various modifications of the illustrative embodiments, as well as other embodiments of the invention, which are apparent to persons skilled in the art to which the invention pertains are deemed to lie within the spirit and scope of the invention.

Claims (80)

1. An apparatus comprising:
a translation lookaside buffer (TLB) in a processor having a plurality of TLB entries, each TLB entry being associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to the processor mode when an invalidation operation is performed, the processor mode being one of execution in a virtual machine (VM) and execution not in a virtual machine, the invalidation operation belonging to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries;
wherein the invalidation operations include IA-32-specific operations (a) IA-32 task switches involving changes of virtual memory related control registers, or (b) loading of control registers that modify IA-32-specific page size extension (PSE) and physical address extension (PAE).
2. The apparatus of claim 1 wherein the invalidation operation is one of (1) a loading of a first control register conditioned on a global bit, (2) an execution of a page invalidate instruction, (3) an IA-32 task switch involving change of at least one virtual memory related control register (4) a loading of a second control register that modifies one of a protected mode indicator and a page mode indicator, and (5) a loading of a third control register that modifies one of an IA-32-specific page size extension (PSE), a page global enable (PGE), and a physical address extension (PAE).
3. The apparatus of claim 2 wherein the processor is in or not in VMX mode and the TLB entry is not invalidated at loading of the first control register when one of a transition into VMX mode (a VM entrance) and a transition out of VMX mode (a VM exit) occurs.
4. The apparatus of claim 3 wherein the VMX tag word is a single bit and
the VMX tag word is negated for a new TLB entry when the processor is not in VMX mode and the VMX tag word is asserted for a new TLB entry when the processor is in VMX mode; and
the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word is asserted and the processor is in VMX mode.
5. The apparatus of claim 4 wherein the TLB entry is invalidated irrespective of value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
6. The apparatus of claim 4 wherein a field in a control register is designated the translation lookaside buffer virtual machine extension (TLBVMX) word and the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word matches the TLBVMX word and the processor is not in VMX mode.
7. The apparatus of claim 3 wherein the VMX tag word is a single bit and
the VMX tag word is asserted for a new TLB entry when the processor is not in VMX mode and the VMX tag word is negated for a new TLB entry when the processor is in VMX mode; and
the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word is negated and the processor is in VMX mode.
8. The apparatus of claim 7 wherein the TLB entry is invalidated irrespective of the value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
9. The apparatus of claim 7 wherein a field in a control register is designated the TLBVMX word and the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word matches the TLBVMX word and the processor is not in VMX mode.
10. The apparatus of claim 1 wherein invalidation of a TLB entry by an invalidation operation is further conditioned upon value of one or more control words associated with the TLB.
11. The apparatus of claim 10 wherein the control word or words associated with the TLB are located in one or more of the control registers of the processor or in a Virtual Machine Control Structure (VMCS) in memory.
12. The apparatus of claim 11 wherein one of the control words associated with the TLB is distinguished such that the VMX tag word is set to match a distinguished control word for a new TLB entry, the distinguished control word associated with the TLB being designated the TLBVMX word.
13. The apparatus of claim 12 wherein the TLBVMX word is set to one of a plurality of values that constitute a proper subset of a set of all possible values for a VMX tag word when the processor mode corresponds to execution in a virtual machine (VM).
14. The apparatus of claim 13 wherein the TLB entry is invalidated when an invalidation operation is performed and the value of the associated VMX tag word matches the value of the TLBVMX word and the processor mode corresponds to execution in a virtual machine (VM).
15. The apparatus of claim 14 wherein the one or more control words associated with the TLB, including the TLBVMX word, are configurable when the processor mode corresponds to execution not in a virtual machine.
16. The apparatus of claim 13 wherein the TLBVMX word is set to one of a plurality of values that constitute a proper subset of a set of all possible values for a VMX tag word when the processor mode corresponds to execution not in a virtual machine.
17. The apparatus of claim 16 wherein a set theoretic intersection of the plurality of values allowable for the TLBVMX word when the processor mode corresponds to execution not in a virtual machine and the plurality of values allowable for the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) is an empty set.
18. The apparatus of claim 16 wherein invalidation of a TLB entry by an invalidation operation is further conditioned upon value of a second control word associated with the TLB when the processor mode corresponds to execution not in a virtual machine.
19. The apparatus of claim 18 wherein the TLB entry is invalidated when an invalidation operation is performed and the associated VMX tag word matches the second control word associated with the TLB and the processor mode corresponds to execution not in a virtual machine.
20. The apparatus of claim 18 wherein the TLB entry is invalidated when an invalidation operation is performed and the logical AND of the associated VMX tag word and the second control word associated with the TLB matches the TLBVMX word and the processor mode corresponds to execution in a virtual machine, the second control word associated with the TLB being designated the TLBVMX mask word.
21. The apparatus of claim 20 wherein access by software to configure a portion of the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) is conditioned upon value of the TLBVMX mask word such that software executing when the processor mode corresponds to execution in a virtual machine (VM) is able to set the TLBVMX word to a value such that the logical AND of a new value of the TLBVMX word and a value of the TLBVMX mask word matches a logical AND of a previous value of the TLBVMX word and the value of TLBVMX mask word.
22. (canceled)
23. (canceled)
24. (canceled)
25. The apparatus of claim 20 wherein the bits configured in the VMX tag word and the TLBVMX word are determined by an execution of a specified processor instruction in a specified manner.
26. (canceled)
27. The apparatus of claim 18 wherein the TLB entry is invalidated when an invalidation operation is performed and the logical AND of the associated VMX tag word with a logical NOT of the second control word associated with the TLB matches the TLBVMX word and the processor mode corresponds to execution in a virtual machine (VM), the second control word associated with the TLB being designated the TLBVMX inverted mask word.
28. The apparatus of claim 27 wherein access by software to configure a portion of the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) is conditioned upon the value of the TLBVMX inverted mask word such that software executing when the processor mode corresponds to execution in a virtual machine (VM) is able to set the TLBVMX word to a value such that a logical AND of a new value of the TLBVMX word and the logical NOT of the TLBVMX inverted mask word matches the logical AND of a previous value of the TLBVMX word and the logical NOT of TLBVMX inverted mask word.
29. (canceled)
30. (canceled)
31. (canceled)
32. (canceled)
33. (canceled)
34. The apparatus of claim 16 wherein size of a VMX tag word and the TLBVMX word is determined by executing a specified processor instruction in a specified manner.
35. The apparatus of claim 34 wherein the processor is compatible with the Intel Architecture and the specified instruction is a CPUID instruction and the specified manner is to have a specified value in an EAX register when the CPUID instruction is executed.
36. A method comprising:
associating a translation lookaside buffer (TLB) entry in a plurality of TLB entries in a processor with a virtual machine extension (VMX) tag word to indicate if the associated TLB entry is invalidated according to the processor mode when an invalidation operation is performed, the processor mode being one of execution in a virtual machine (VM) and execution not in a virtual machine; and
performing the invalidation operation, the invalidation operation belonging to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries;
wherein the invalidation operations include IA-32-specific operations (a) IA-32 task switches involving changes of virtual memory related control registers, or (b) loading of control registers that modify IA-32-specific page size extension (PSE) and physical address extension (PAE).
37. The method of claim 36 wherein performing comprises performing the invalidation operation being one of (1) a loading of a first control register conditioned on a global bit, (2) an execution of a page invalidate instruction, (3) an IA-32 task switch involving change of at least one virtual memory related control register, (4) a loading of a second control register that modifies one of a protected mode indicator and a page mode indicator, and (5) a loading of a third control register that modifies one of an IA-32-specific page size extension (PSE), a page global enable (PGE), and a physical address extension (PAE).
38. The method of claim 37 wherein the processor is in or not in VMX mode and the TLB entry is not invalidated at loading of the first control register when one of a transition into VMX mode (a VM entrance) and a transition out of VMX mode (a VM exit) occurs.
39. The method of claim 38 further comprising:
negating the VMX tag word for a new TLB entry when the processor is not in VMX mode, the VMX tag word being a single bit;
asserting the VMX tag word for a new TLB entry when the processor is in VMX mode; and
invalidating the TLB entry when an invalidation operation is performed and the VMX tag word is asserted and the processor is in VMX mode.
40. The method of claim 39 wherein invalidating comprises invalidating the TLB entry irrespective of value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
41. The method of claim 39 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the VMX tag word matches the translation lookaside buffer virtual machine extension (TLBVMX) word and the processor is not in VMX mode, the TLBVMX word designating a field in a control register.
42. The method of claim 38 further comprising:
asserting the VMX tag word for a new TLB entry when the processor is not in VMX mode, the VMX tag word being a single bit;
negating the VMX tag word for a new TLB entry when the processor is in VMX mode; and
invalidating the TLB entry when an invalidation operation is performed and the VMX tag word is negated and the processor is in VMX mode.
43. The method of claim 42 wherein invalidating comprises invalidating the TLB entry irrespective of the value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
44. The method of claim 42 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the VMX tag word matches the TLBVMX word and the processor is not in VMX mode, the TLBVMX word designating a field in a control register.
45. The method of claim 42 wherein invalidating comprises invalidating the TLB entry by the invalidation operation conditioned upon value of one or more control words associated with the TLB.
46. The method of claim 45 wherein the control word or words associated with the TLB are located in one or more of the control registers of the processor or in a Virtual Machine Control Structure (VMCS) in memory.
47. The method of claim 46 further comprising distinguishing one of the control words associated with the TLB such that the VMX tag word is set to match a distinguished control word for a new TLB entry, the distinguished control word associated with the TLB being designated the TLBVMX word.
48. The method of claim 47 further comprising setting the TLBVMX word to one of a plurality of values that constitute a proper subset of a set of all possible values for a VMX tag word when the processor mode corresponds to execution in a virtual machine (VM).
49. The method of claim 48 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the value of the associated VMX tag word matches the value of the TLBVMX word and the processor mode corresponds to execution in a virtual machine (VM).
50. The method of claim 49 further comprising configuring the one or more control words associated with the TLB, including the TLBVMX word, when the processor mode corresponds to execution not in a virtual machine.
51. The method of claim 48 further comprising setting the TLBVMX word to one of a plurality of values that constitute a proper subset of a set of all possible values for a VMX tag word when the processor mode corresponds to execution not in a virtual machine.
52. The method of claim 51 wherein a set theoretic intersection of the plurality of values allowable for the TLBVMX word when the processor mode corresponds to execution not in a virtual machine and the plurality of values allowable for the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) is an empty set.
53. The method of claim 51 wherein invalidation of a TLB entry by an invalidation operation is further conditioned upon value of a second control word associated with the TLB when the processor mode corresponds to execution not in a virtual machine.
54. The method of claim 53 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the associated VMX tag word matches the second control word associated with the TLB and the processor mode corresponds to execution not in a virtual machine.
55. The method of claim 53 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the logical AND of the associated VMX tag word and the second control word associated with the TLB matches the TLBVMX word and the processor mode corresponds to execution in a virtual machine, the second control word associated with the TLB being designated the TLBVMX mask word.
56. The method of claim 55 further comprising accessing by software to configure a portion of the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) conditioned upon value of the TLBVMX mask word such that software executing when the processor mode corresponds to execution in a virtual machine (VM) is able to set the TLBVMX word to a value such that the logical AND of a new value of the TLBVMX word and a value of the TLBVMX mask word matches a logical AND of a previous value of the TLBVMX word and the value of TLBVMX mask word.
57. (canceled)
58. (canceled)
59. (canceled)
60. (canceled)
61. (canceled)
62. The method of claim 53 wherein invalidating comprises invalidating the TLB entry when an invalidation operation is performed and the logical AND of the associated VMX tag word with a logical NOT of the second control word associated with the TLB matches the TLBVMX word and the processor mode corresponds to execution in a virtual machine (VM), the second control word associated with the TLB being designated the TLBVMX inverted mask word.
63. The method of claim 62 further comprising accessing by software to configure a portion of the TLBVMX word when the processor mode corresponds to execution in a virtual machine (VM) conditioned upon the value of the TLBVMX inverted mask word such that software executing when the processor mode corresponds to execution in a virtual machine (VM) is able to set the TLBVMX word to a value such that a logical AND of a new value of the TLBVMX word and the logical NOT of the TLBVMX inverted mask word matches the logical AND of a previous value of the TLBVMX word and the logical NOT of TLBVMX inverted mask word.
64. (canceled)
65. (canceled)
66. (canceled)
67. (canceled)
68. (canceled)
69. The method of claim 51 wherein determining comprises determining size of a VMX tag word and the TLBVMX word by executing a specified processor instruction in a specified manner.
70. The method of claim 69 wherein the processor is compatible with the Intel Architecture and the specified instruction is a CPUID instruction and the specified manner is to have a specified value in an EAX register when the CPUID instruction is executed.
71. A processor comprising:
a translation lookaside buffer (TLB) having a plurality of TLB entries, each TLB entry being associated with a virtual machine extension (VMX) tag word indicating if the associated TLB entry is invalidated according to the processor mode when an invalidation operation is performed, the processor mode being one of execution in a virtual machine (VM) and execution not in a virtual machine, the invalidation operation belonging to a non-empty set of invalidation operations composed of a union of (1) a possibly empty set of operations that invalidate a variable number of TLB entries, (2) a possibly empty set of operations that invalidate exactly one TLB entry, (3) a possibly empty set of operations that invalidate the plurality of TLB entries, (4) a possibly empty set of operations that enable and disable use of virtual memory, and (5) a possibly empty set of operations that configure physical address size, page size or other virtual memory system behavior in a manner that changes the manner in which a physical machine interprets the TLB entries; and
first, second, and third registers coupled to the TLB to store information related to the invalidation operation
wherein the invalidation operations include IA-32-specific operations (a) IA-32 task switches involving changes of virtual memory related control registers, or (b) loading of control registers that modify IA-32-specific page size extension (PSE) and physical address extension (PAE).
72. The processor of claim 71 wherein the invalidation operation is one of (1) a loading of the first control register conditioned on a global bit, (2) an execution of a page invalidate instruction, (3) an IA-32 task switch involving change of at least one virtual memory related control register, and (5) a loading of the third control register that modifies one of an IA-32-specific page size extension (PSE), a page global enable (PGE), and a physical address extension (PAE).
73. The processor of claim 72 wherein the processor is in or not in VMX mode and the TLB entry is not invalidated at loading of the first control register when one of a transition into VMX mode (a VM entrance) and a transition out of VMX mode (a VM exit) occurs.
74. The processor of claim 73 wherein the VMX tag word is a single bit and
the VMX tag word is negated for a new TLB entry when the processor is not in VMX mode and the VMX tag word is asserted for a new TLB entry when the processor is in VMX mode; and
the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word is asserted and the processor is in VMX mode.
75. The processor of claim 74 wherein the TLB entry is invalidated irrespective of value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
76. The processor of claim 74 wherein a field in a control register is designated the translation lookaside buffer virtual machine extension (TLBVMX) word and the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word matches the TLBVMX word and the processor is not in VMX mode.
77. The processor of claim 73 wherein the VMX tag word is a single bit and
the VMX tag word is asserted for a new TLB entry when the processor is not in VMX mode and the VMX tag word is negated for a new TLB entry when the processor is in VMX mode; and
the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word is negated and the processor is in VMX mode.
78. The processor of claim 77 wherein the TLB entry is invalidated irrespective of the value of the VMX tag word when an invalidation operation is performed and the processor is not in VMX mode.
79. The processor of claim 77 wherein a field in a control register is designated the TLBVMX word and the TLB entry is invalidated when an invalidation operation is performed and the VMX tag word matches the TLBVMX word and the processor is not in VMX mode.
80. (canceled)
US10/676,584 2003-09-30 2003-09-30 Invalidating translation lookaside buffer entries in a virtual machine (VM) system Abandoned US20050080934A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
US10/676,584 US20050080934A1 (en) 2003-09-30 2003-09-30 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US10/973,678 US7865670B2 (en) 2003-09-30 2004-10-25 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US12/959,109 US8543772B2 (en) 2003-09-30 2010-12-02 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US13/837,648 US8751752B2 (en) 2003-09-30 2013-03-15 Invalidating translation lookaside buffer entries in a virtual machine system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/676,584 US20050080934A1 (en) 2003-09-30 2003-09-30 Invalidating translation lookaside buffer entries in a virtual machine (VM) system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US10/973,678 Continuation US7865670B2 (en) 2003-09-30 2004-10-25 Invalidating translation lookaside buffer entries in a virtual machine (VM) system

Publications (1)

Publication Number Publication Date
US20050080934A1 true US20050080934A1 (en) 2005-04-14

Family

ID=34422112

Family Applications (4)

Application Number Title Priority Date Filing Date
US10/676,584 Abandoned US20050080934A1 (en) 2003-09-30 2003-09-30 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US10/973,678 Expired - Fee Related US7865670B2 (en) 2003-09-30 2004-10-25 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US12/959,109 Active 2024-07-25 US8543772B2 (en) 2003-09-30 2010-12-02 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US13/837,648 Expired - Fee Related US8751752B2 (en) 2003-09-30 2013-03-15 Invalidating translation lookaside buffer entries in a virtual machine system

Family Applications After (3)

Application Number Title Priority Date Filing Date
US10/973,678 Expired - Fee Related US7865670B2 (en) 2003-09-30 2004-10-25 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US12/959,109 Active 2024-07-25 US8543772B2 (en) 2003-09-30 2010-12-02 Invalidating translation lookaside buffer entries in a virtual machine (VM) system
US13/837,648 Expired - Fee Related US8751752B2 (en) 2003-09-30 2013-03-15 Invalidating translation lookaside buffer entries in a virtual machine system

Country Status (1)

Country Link
US (4) US20050080934A1 (en)

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044408A1 (en) * 2003-08-18 2005-02-24 Bajikar Sundeep M. Low pin count docking architecture for a trusted platform
US20060069899A1 (en) * 2004-09-30 2006-03-30 Ioannis Schoinas Performance enhancement of address translation using translation tables covering large address spaces
US20060259734A1 (en) * 2005-05-13 2006-11-16 Microsoft Corporation Method and system for caching address translations from multiple address spaces in virtual machines
US20070083739A1 (en) * 2005-08-29 2007-04-12 Glew Andrew F Processor with branch predictor
US20070112999A1 (en) * 2005-11-15 2007-05-17 Microsoft Corporation Efficient power management of a system with virtual machines
US20080133889A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical instruction scheduler
US20080133883A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical store buffer
US20080133893A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical register file
US20080134174A1 (en) * 2006-12-05 2008-06-05 Microsoft Corporation Reduction of operational costs of virtual TLBs
US20080162868A1 (en) * 2006-12-28 2008-07-03 Andy Glew Means to share translation lookaside buffer (TLB) entries between different contexts
US20120330640A1 (en) * 2004-08-30 2012-12-27 International Business Machines Corporation Simplifying the deployment and serviceability of commercial software environments
CN104050017A (en) * 2014-07-01 2014-09-17 龙芯中科技术有限公司 Method and device for controlling operating virtual machine
US20150312109A1 (en) * 2014-04-24 2015-10-29 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9176741B2 (en) 2005-08-29 2015-11-03 Invention Science Fund I, Llc Method and apparatus for segmented sequential storage
US20160140051A1 (en) * 2014-11-14 2016-05-19 Cavium, Inc. Translation lookaside buffer invalidation suppression
US20160140040A1 (en) * 2014-11-14 2016-05-19 Cavium, Inc. Filtering translation lookaside buffer invalidations
US9503515B2 (en) 2014-04-24 2016-11-22 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9606824B2 (en) 2014-04-24 2017-03-28 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9612857B2 (en) 2014-04-24 2017-04-04 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9672159B2 (en) * 2015-07-02 2017-06-06 Arm Limited Translation buffer unit management
US9858099B2 (en) 2014-04-24 2018-01-02 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US20180067866A1 (en) * 2016-09-08 2018-03-08 Intel Corporation Translate on virtual machine entry
EP3333699A1 (en) * 2016-12-12 2018-06-13 INTEL Corporation System and method to improve nested virtual machine monitor performance

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080005399A1 (en) * 2006-05-16 2008-01-03 Ati Technologies Inc. Method and Apparatus for Determining the Status of Bus Requests and Responses
US8601470B2 (en) * 2007-01-05 2013-12-03 Moka5, Inc. Symbiotic smart peripherals
US9268694B2 (en) 2013-09-26 2016-02-23 Cavium, Inc. Maintenance of cache and tags in a translation lookaside buffer
US9639476B2 (en) 2013-09-26 2017-05-02 Cavium, Inc. Merged TLB structure for multiple sequential address translations
US9645941B2 (en) 2013-09-26 2017-05-09 Cavium, Inc. Collapsed address translation with multiple page sizes
US9208103B2 (en) 2013-09-26 2015-12-08 Cavium, Inc. Translation bypass in multi-stage address translation
US9384133B2 (en) 2014-05-30 2016-07-05 International Business Machines Corporation Synchronizing updates of page table status indicators and performing bulk operations
US9785554B2 (en) 2014-05-30 2017-10-10 International Business Machines Corporation Synchronizing updates of page table status indicators in a multiprocessing environment
US9501425B2 (en) * 2014-11-14 2016-11-22 Cavium, Inc. Translation lookaside buffer management
US9665505B2 (en) 2014-11-14 2017-05-30 Cavium, Inc. Managing buffered communication between sockets
US9870328B2 (en) 2014-11-14 2018-01-16 Cavium, Inc. Managing buffered communication between cores
US9910776B2 (en) 2014-11-14 2018-03-06 Cavium, Inc. Instruction ordering for in-progress operations
JP2016139322A (en) * 2015-01-28 2016-08-04 株式会社リコー Image processor and electronic blackboard provided with the same
US10216662B2 (en) * 2015-09-26 2019-02-26 Intel Corporation Hardware mechanism for performing atomic actions on remote processors
US10261916B2 (en) * 2016-03-25 2019-04-16 Advanced Micro Devices, Inc. Adaptive extension of leases for entries in a translation lookaside buffer
US9779028B1 (en) 2016-04-01 2017-10-03 Cavium, Inc. Managing translation invalidation
US10678702B2 (en) 2016-05-27 2020-06-09 Advanced Micro Devices, Inc. Using multiple memory elements in an input-output memory management unit for performing virtual address to physical address translations
US10599569B2 (en) 2016-06-23 2020-03-24 International Business Machines Corporation Maintaining consistency between address translations in a data processing system
US10169243B2 (en) 2016-07-18 2019-01-01 International Business Machines Corporation Reducing over-purging of structures associated with address translation
US10176006B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Delaying purging of structures associated with address translation
US10802986B2 (en) 2016-07-18 2020-10-13 International Business Machines Corporation Marking to indicate memory used to back address translation structures
US10241924B2 (en) 2016-07-18 2019-03-26 International Business Machines Corporation Reducing over-purging of structures associated with address translation using an array of tags
US10180909B2 (en) 2016-07-18 2019-01-15 International Business Machines Corporation Host-based resetting of active use of guest page table indicators
US10176110B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Marking storage keys to indicate memory used to back address translation structures
US10282305B2 (en) 2016-07-18 2019-05-07 International Business Machines Corporation Selective purging of entries of structures associated with address translation in a virtualized environment
US10223281B2 (en) 2016-07-18 2019-03-05 International Business Machines Corporation Increasing the scope of local purges of structures associated with address translation
US10176111B2 (en) 2016-07-18 2019-01-08 International Business Machines Corporation Host page management using active guest page table indicators
US10162764B2 (en) 2016-07-18 2018-12-25 International Business Machines Corporation Marking page table/page status table entries to indicate memory used to back address translation structures
US10248573B2 (en) 2016-07-18 2019-04-02 International Business Machines Corporation Managing memory used to back address translation structures
US10168902B2 (en) 2016-07-18 2019-01-01 International Business Machines Corporation Reducing purging of structures associated with address translation
US10853262B2 (en) 2016-11-29 2020-12-01 Arm Limited Memory address translation using stored key entries
US10706143B2 (en) * 2017-05-19 2020-07-07 Intel Corporation Techniques for secure-chip memory for trusted execution environments
US10169233B2 (en) 2017-06-05 2019-01-01 International Business Machines Corporation Translation lookaside buffer purging with concurrent cache updates
US10353827B2 (en) 2017-06-07 2019-07-16 International Business Machines Corporation Zone-SDID mapping scheme for TLB purges
GB2565069B (en) * 2017-07-31 2021-01-06 Advanced Risc Mach Ltd Address translation cache
US10866904B2 (en) 2017-11-22 2020-12-15 Arm Limited Data storage for multiple data types
US10929308B2 (en) * 2017-11-22 2021-02-23 Arm Limited Performing maintenance operations
US10831673B2 (en) 2017-11-22 2020-11-10 Arm Limited Memory address translation
US10867092B2 (en) 2017-12-16 2020-12-15 Intel Corporation Avoiding asynchronous enclave exits based on requests to invalidate translation lookaside buffer entries
US11847064B2 (en) 2018-12-07 2023-12-19 International Business Machines Corporation Buffer and methods for address translations in a processor
US10740239B2 (en) 2018-12-11 2020-08-11 International Business Machines Corporation Translation entry invalidation in a multithreaded data processing system
US10977183B2 (en) 2018-12-11 2021-04-13 International Business Machines Corporation Processing a sequence of translation entry invalidation requests with regard to draining a processor core
US10817434B2 (en) 2018-12-19 2020-10-27 International Business Machines Corporation Interruptible translation entry invalidation in a multithreaded data processing system
US11275697B2 (en) * 2019-05-31 2022-03-15 Apple Inc. Translation lookaside buffer invalidation for merged invalidation requests across power boundaries
US11537519B1 (en) 2021-07-29 2022-12-27 International Business Machines Corporation Marking in-flight requests affected by translation entry invalidation in a data processing system

Citations (98)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3996449A (en) * 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4037214A (en) * 1976-04-30 1977-07-19 International Business Machines Corporation Key register controlled accessing system
US4162536A (en) * 1976-01-02 1979-07-24 Gould Inc., Modicon Div. Digital input/output system and method
US4247905A (en) * 1977-08-26 1981-01-27 Sharp Kabushiki Kaisha Memory clear system
US4276594A (en) * 1978-01-27 1981-06-30 Gould Inc. Modicon Division Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4307447A (en) * 1979-06-19 1981-12-22 Gould Inc. Programmable controller
US4319323A (en) * 1980-04-04 1982-03-09 Digital Equipment Corporation Communications device for data processing system
US4347565A (en) * 1978-12-01 1982-08-31 Fujitsu Limited Address control system for software simulation
US4366537A (en) * 1980-05-23 1982-12-28 International Business Machines Corp. Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor
US4521852A (en) * 1982-06-30 1985-06-04 Texas Instruments Incorporated Data processing device formed on a single semiconductor substrate having secure memory
US4571672A (en) * 1982-12-17 1986-02-18 Hitachi, Ltd. Access control method for multiprocessor systems
US4759064A (en) * 1985-10-07 1988-07-19 Chaum David L Blind unanticipated signature systems
US4795893A (en) * 1986-07-11 1989-01-03 Bull, Cp8 Security device prohibiting the function of an electronic data processing unit after a first cutoff of its electrical power
US4825052A (en) * 1985-12-31 1989-04-25 Bull Cp8 Method and apparatus for certifying services obtained using a portable carrier such as a memory card
US4907272A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for authenticating an external authorizing datum by a portable object, such as a memory card
US4907270A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a transmission line
US4910774A (en) * 1987-07-10 1990-03-20 Schlumberger Industries Method and system for suthenticating electronic memory cards
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus
US5022077A (en) * 1989-08-25 1991-06-04 International Business Machines Corp. Apparatus and method for preventing unauthorized access to BIOS in a personal computer system
US5075842A (en) * 1989-12-22 1991-12-24 Intel Corporation Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism
US5079737A (en) * 1988-10-25 1992-01-07 United Technologies Corporation Memory management unit for the MIL-STD 1750 bus
US5139760A (en) * 1989-02-28 1992-08-18 Mizusawa Industrial Chemicals, Ltd. Amorphous silica-alumina spherical particles and process for preparation thereof
US5255379A (en) * 1990-12-28 1993-10-19 Sun Microsystems, Inc. Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5317705A (en) * 1990-10-24 1994-05-31 International Business Machines Corporation Apparatus and method for TLB purge reduction in a multi-level machine system
US5319760A (en) * 1991-06-28 1994-06-07 Digital Equipment Corporation Translation buffer for virtual machines with address space match
US5386552A (en) * 1991-10-21 1995-01-31 Intel Corporation Preservation of a computer system processing state in a mass storage device
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5437033A (en) * 1990-11-16 1995-07-25 Hitachi, Ltd. System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode
US5442645A (en) * 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
US5455909A (en) * 1991-07-05 1995-10-03 Chips And Technologies Inc. Microprocessor with operation capture facility
US5459867A (en) * 1989-10-20 1995-10-17 Iomega Corporation Kernels, description tables, and device drivers
US5459869A (en) * 1994-02-17 1995-10-17 Spilo; Michael L. Method for providing protected mode services for device drivers and other resident software
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5479509A (en) * 1993-04-06 1995-12-26 Bull Cp8 Method for signature of an information processing file, and apparatus for implementing it
US5504922A (en) * 1989-06-30 1996-04-02 Hitachi, Ltd. Virtual machine with hardware display controllers for base and target machines
US5511217A (en) * 1992-11-30 1996-04-23 Hitachi, Ltd. Computer system of virtual machines sharing a vector processor
US5522075A (en) * 1991-06-28 1996-05-28 Digital Equipment Corporation Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces
US5528231A (en) * 1993-06-08 1996-06-18 Bull Cp8 Method for the authentication of a portable object by an offline terminal, and apparatus for implementing the process
US5533126A (en) * 1993-04-22 1996-07-02 Bull Cp8 Key protection device for smart cards
US5566323A (en) * 1988-12-20 1996-10-15 Bull Cp8 Data processing system including programming voltage inhibitor for an electrically erasable reprogrammable nonvolatile memory
US5604805A (en) * 1994-02-28 1997-02-18 Brands; Stefanus A. Privacy-protected transfer of electronic information
US5606617A (en) * 1994-10-14 1997-02-25 Brands; Stefanus A. Secret-key certificates
US5615263A (en) * 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
US5628022A (en) * 1993-06-04 1997-05-06 Hitachi, Ltd. Microcomputer with programmable ROM
US5633929A (en) * 1995-09-15 1997-05-27 Rsa Data Security, Inc Cryptographic key escrow system having reduced vulnerability to harvesting attacks
US5657445A (en) * 1996-01-26 1997-08-12 Dell Usa, L.P. Apparatus and method for limiting access to mass storage devices in a computer system
US5717903A (en) * 1995-05-15 1998-02-10 Compaq Computer Corporation Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device
US5720609A (en) * 1991-01-09 1998-02-24 Pfefferle; William Charles Catalytic method
US5721222A (en) * 1992-04-16 1998-02-24 Zeneca Limited Heterocyclic ketones
US5729760A (en) * 1996-06-21 1998-03-17 Intel Corporation System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode
US5737604A (en) * 1989-11-03 1998-04-07 Compaq Computer Corporation Method and apparatus for independently resetting processors and cache controllers in multiple processor systems
US5737760A (en) * 1995-10-06 1998-04-07 Motorola Inc. Microcontroller with security logic circuit which prevents reading of internal memory by external program
US5757919A (en) * 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US5764969A (en) * 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
US5796835A (en) * 1992-10-27 1998-08-18 Bull Cp8 Method and system for writing information in a data carrier making it possible to later certify the originality of this information
US5796845A (en) * 1994-05-23 1998-08-18 Matsushita Electric Industrial Co., Ltd. Sound field and sound image control apparatus and method
US5805712A (en) * 1994-05-31 1998-09-08 Intel Corporation Apparatus and method for providing secured communications
US5825875A (en) * 1994-10-11 1998-10-20 Cp8 Transac Process for loading a protected storage zone of an information processing device, and associated device
US5835594A (en) * 1996-02-09 1998-11-10 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
US5844986A (en) * 1996-09-30 1998-12-01 Intel Corporation Secure BIOS
US5852717A (en) * 1996-11-20 1998-12-22 Shiva Corporation Performance optimizations for computer networks utilizing HTTP
US5854913A (en) * 1995-06-07 1998-12-29 International Business Machines Corporation Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set architectures
US5867577A (en) * 1994-03-09 1999-02-02 Bull Cp8 Method and apparatus for authenticating a data carrier intended to enable a transaction or access to a service or a location, and corresponding carrier
US5872994A (en) * 1995-11-10 1999-02-16 Nec Corporation Flash memory incorporating microcomputer having on-board writing function
US5890189A (en) * 1991-11-29 1999-03-30 Kabushiki Kaisha Toshiba Memory management and protection system for virtual memory in computer system
US5901225A (en) * 1996-12-05 1999-05-04 Advanced Micro Devices, Inc. System and method for performing software patches in embedded systems
US5900606A (en) * 1995-03-10 1999-05-04 Schlumberger Industries, S.A. Method of writing information securely in a portable medium
US5903752A (en) * 1994-10-13 1999-05-11 Intel Corporation Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system
US5935247A (en) * 1997-09-18 1999-08-10 Geneticware Co., Ltd. Computer system having a genetic code that cannot be directly accessed and a method of maintaining the same
US5937063A (en) * 1996-09-30 1999-08-10 Intel Corporation Secure boot
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
US5956408A (en) * 1994-09-15 1999-09-21 International Business Machines Corporation Apparatus and method for secure distribution of data
US5970147A (en) * 1997-09-30 1999-10-19 Intel Corporation System and method for configuring and registering a cryptographic device
US5978475A (en) * 1997-07-18 1999-11-02 Counterpane Internet Security, Inc. Event auditing system
US5978481A (en) * 1994-08-16 1999-11-02 Intel Corporation Modem compatible method and apparatus for encrypting data that is transparent to software applications
US5987557A (en) * 1997-06-19 1999-11-16 Sun Microsystems, Inc. Method and apparatus for implementing hardware protection domains in a system with no memory management unit (MMU)
US6014745A (en) * 1997-07-17 2000-01-11 Silicon Systems Design Ltd. Protection for customer programs (EPROM)
US6044478A (en) * 1997-05-30 2000-03-28 National Semiconductor Corporation Cache with finely granular locked-down regions
US6055637A (en) * 1996-09-27 2000-04-25 Electronic Data Systems Corporation System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential
US6058478A (en) * 1994-09-30 2000-05-02 Intel Corporation Apparatus and method for a vetted field upgrade
US6061794A (en) * 1997-09-30 2000-05-09 Compaq Computer Corp. System and method for performing secure device communications in a peer-to-peer bus architecture
US6075938A (en) * 1997-06-10 2000-06-13 The Board Of Trustees Of The Leland Stanford Junior University Virtual machine monitors for scalable multiprocessors
US6085296A (en) * 1997-11-12 2000-07-04 Digital Equipment Corporation Sharing memory pages and page tables among computer processes
US6088262A (en) * 1997-02-27 2000-07-11 Seiko Epson Corporation Semiconductor device and electronic equipment having a non-volatile memory with a security function
US6092095A (en) * 1996-01-08 2000-07-18 Smart Link Ltd. Real-time task manager for a personal computer
US6093213A (en) * 1995-10-06 2000-07-25 Advanced Micro Devices, Inc. Flexible implementation of a system management mode (SMM) in a processor
US6101584A (en) * 1996-11-05 2000-08-08 Mitsubishi Denki Kabushiki Kaisha Computer system and semiconductor device on one chip including a memory and central processing unit for making interlock access to the memory
US6115816A (en) * 1996-12-18 2000-09-05 Intel Corporation Optimized security functionality in an electronic system
US6125430A (en) * 1996-05-03 2000-09-26 Compaq Computer Corporation Virtual memory allocation in a virtual address space having an inaccessible gap
US6148379A (en) * 1997-09-19 2000-11-14 Silicon Graphics, Inc. System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system
US6158546A (en) * 1999-06-25 2000-12-12 Tenneco Automotive Inc. Straight through muffler with conically-ended output passage
US6674536B2 (en) * 1997-04-30 2004-01-06 Canon Kabushiki Kaisha Multi-instruction stream processor
US6839813B2 (en) * 2000-08-21 2005-01-04 Texas Instruments Incorporated TLB operations based on shared bit

Family Cites Families (97)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3014745A (en) 1959-10-26 1961-12-26 Bendix Corp Sheet metal locking means
US4975836A (en) 1984-12-19 1990-12-04 Hitachi, Ltd. Virtual computer system
JPS61206057A (en) 1985-03-11 1986-09-12 Hitachi Ltd Address converting device
JPH02171934A (en) 1988-12-26 1990-07-03 Hitachi Ltd Virtual machine system
JPH02208740A (en) 1989-02-09 1990-08-20 Fujitsu Ltd Virtual computer control system
US5781753A (en) 1989-02-24 1998-07-14 Advanced Micro Devices, Inc. Semi-autonomous RISC pipelines for overlapped execution of RISC-like instructions within the multiple superscalar execution units of a processor having distributed pipeline control for speculative and out-of-order execution of complex instructions
JP2825550B2 (en) 1989-09-21 1998-11-18 株式会社日立製作所 Multiple virtual space address control method and computer system
JP2593721B2 (en) 1990-01-08 1997-03-26 松下電器産業株式会社 Information recording / reproducing device
EP0473913A3 (en) 1990-09-04 1992-12-16 International Business Machines Corporation Method and apparatus for providing a service pool of virtual machines for a plurality of vm users
US5108590A (en) 1990-09-12 1992-04-28 Disanto Dennis Water dispenser
US5230069A (en) 1990-10-02 1993-07-20 International Business Machines Corporation Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system
US5446904A (en) 1991-05-17 1995-08-29 Zenith Data Systems Corporation Suspend/resume capability for a protected mode microprocessor
JPH04348434A (en) 1991-05-27 1992-12-03 Hitachi Ltd Virtual computer system
US5574936A (en) 1992-01-02 1996-11-12 Amdahl Corporation Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system
US5610981A (en) 1992-06-04 1997-03-11 Integrated Technologies Of America, Inc. Preboot protection for a data security system with anti-intrusion capability
EP0600112A1 (en) 1992-11-30 1994-06-08 Siemens Nixdorf Informationssysteme Aktiengesellschaft Data processing system with virtual memory addressing and memory access controlled by keys
JPH06187178A (en) 1992-12-18 1994-07-08 Hitachi Ltd Input and output interruption control method for virtual computer system
US5555385A (en) 1993-10-27 1996-09-10 International Business Machines Corporation Allocation of address spaces within virtual machine compute system
US5533123A (en) 1994-06-28 1996-07-02 National Semiconductor Corporation Programmable distributed personal security
US5564040A (en) 1994-11-08 1996-10-08 International Business Machines Corporation Method and apparatus for providing a server function in a logically partitioned hardware machine
US6269392B1 (en) 1994-11-15 2001-07-31 Christian Cotichini Method and apparatus to monitor and locate an electronic device using a secured intelligent agent
US5555414A (en) 1994-12-14 1996-09-10 International Business Machines Corporation Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals
FR2734632B1 (en) 1995-05-24 1997-07-25 Sextant Avionique GYROMETRIC DETECTION METHOD AND SAMPLE OPTICAL GYROMETER FOR CARRYING OUT SAID METHOD
DE29513700U1 (en) 1995-08-25 1996-09-19 Siemens Ag Motor-gear drive unit, in particular for a motor vehicle window regulator drive or the like.
EP0880840A4 (en) 1996-01-11 2002-10-23 Mrj Inc System for controlling access and distribution of digital property
IL117085A (en) 1996-02-08 2005-07-25 Milsys Ltd Secure computer system
US6178509B1 (en) 1996-06-13 2001-01-23 Intel Corporation Tamper resistant methods and apparatus
US6175925B1 (en) 1996-06-13 2001-01-16 Intel Corporation Tamper resistant player for scrambled contents
US6205550B1 (en) 1996-06-13 2001-03-20 Intel Corporation Tamper resistant methods and apparatus
DE19649292A1 (en) 1996-11-28 1998-06-04 Deutsche Telekom Ag Access protection method for pay television
WO1998031511A1 (en) 1997-01-17 1998-07-23 Willi Hahn Gmbh & Co. Kg Turning tool system
US6412035B1 (en) 1997-02-03 2002-06-25 Real Time, Inc. Apparatus and method for decreasing the response times of interrupt service routines
US6148401A (en) 1997-02-05 2000-11-14 At&T Corp. System and method for providing assurance to a host that a piece of software possesses a particular property
EP0970411B1 (en) 1997-03-27 2002-05-15 BRITISH TELECOMMUNICATIONS public limited company Copy protection of data
US6272637B1 (en) 1997-04-14 2001-08-07 Dallas Semiconductor Corporation Systems and methods for protecting access to encrypted information
US6557104B2 (en) 1997-05-02 2003-04-29 Phoenix Technologies Ltd. Method and apparatus for secure processing of cryptographic keys
US6175924B1 (en) 1997-06-20 2001-01-16 International Business Machines Corp. Method and apparatus for protecting application data in secure storage areas
US6212635B1 (en) 1997-07-18 2001-04-03 David C. Reardon Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place
US6188995B1 (en) 1997-07-28 2001-02-13 Apple Computer, Inc. Method and apparatus for enforcing software licenses
DE19735948C1 (en) 1997-08-19 1998-10-01 Siemens Nixdorf Inf Syst Method for improving controllability in data processing equipment with translation-look-aside-buffer (TLB)
US6282657B1 (en) 1997-09-16 2001-08-28 Safenet, Inc. Kernel mode protection
US6182089B1 (en) 1997-09-23 2001-01-30 Silicon Graphics, Inc. Method, system and computer program product for dynamically allocating large memory pages of different sizes
US6357004B1 (en) 1997-09-30 2002-03-12 Intel Corporation System and method for ensuring integrity throughout post-processing
US5987604A (en) 1997-10-07 1999-11-16 Phoenix Technologies, Ltd. Method and apparatus for providing execution of system management mode services in virtual mode
US6055639A (en) 1997-10-10 2000-04-25 Unisys Corporation Synchronous message control system in a Kerberos domain
US6219787B1 (en) 1997-12-22 2001-04-17 Texas Instruments Incorporated Method and apparatus for extending security model to native code
US6378072B1 (en) 1998-02-03 2002-04-23 Compaq Computer Corporation Cryptographic system
US6308270B1 (en) 1998-02-13 2001-10-23 Schlumberger Technologies, Inc. Validating and certifying execution of a software program with a smart card
US6192455B1 (en) 1998-03-30 2001-02-20 Intel Corporation Apparatus and method for preventing access to SMRAM space through AGP addressing
US6374286B1 (en) 1998-04-06 2002-04-16 Rockwell Collins, Inc. Real time processor capable of concurrently running multiple independent JAVA machines
US6173417B1 (en) 1998-04-30 2001-01-09 Intel Corporation Initializing and restarting operating systems
US6339826B2 (en) 1998-05-05 2002-01-15 International Business Machines Corp. Client-server system for maintaining a user desktop consistent with server application user access permissions
US6397242B1 (en) 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
FR2778998B1 (en) 1998-05-20 2000-06-30 Schlumberger Ind Sa METHOD FOR AUTHENTICATING A PERSONAL CODE OF A USER OF AN INTEGRATED CIRCUIT CARD
DE69942712D1 (en) 1998-05-29 2010-10-14 Texas Instruments Inc Secure computing device
US6421702B1 (en) 1998-06-09 2002-07-16 Advanced Micro Devices, Inc. Interrupt driven isochronous task scheduler system
NZ509018A (en) 1998-06-17 2002-06-28 Aristocrat Technologies Au Software verification and authentication
US6339815B1 (en) 1998-08-14 2002-01-15 Silicon Storage Technology, Inc. Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space
US6505279B1 (en) 1998-08-14 2003-01-07 Silicon Storage Technology, Inc. Microcontroller system having security circuitry to selectively lock portions of a program memory address space
JP2000076139A (en) 1998-08-28 2000-03-14 Nippon Telegr & Teleph Corp <Ntt> Portable information storage medium
US6363485B1 (en) 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US6463535B1 (en) 1998-10-05 2002-10-08 Intel Corporation System and method for verifying the integrity and authorization of software before execution in a local platform
US6230248B1 (en) 1998-10-12 2001-05-08 Institute For The Development Of Emerging Architectures, L.L.C. Method and apparatus for pre-validating regions in a virtual addressing scheme
US6330670B1 (en) 1998-10-26 2001-12-11 Microsoft Corporation Digital rights management operating system
US6445797B1 (en) 1998-12-16 2002-09-03 Secure Choice Llc Method and system for performing secure electronic digital streaming
US6463537B1 (en) 1999-01-04 2002-10-08 Codex Technologies, Inc. Modified computer motherboard security and identification system
US6282650B1 (en) 1999-01-25 2001-08-28 Intel Corporation Secure public digital watermark
US6188257B1 (en) 1999-02-01 2001-02-13 Vlsi Technology, Inc. Power-on-reset logic with secure power down capability
EP1030237A1 (en) 1999-02-15 2000-08-23 Hewlett-Packard Company Trusted hardware device in a computer
US6272533B1 (en) 1999-02-16 2001-08-07 Hendrik A. Browne Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device
CA2368858A1 (en) 1999-04-12 2000-10-19 Digital Media On Demand, Inc. Secure electronic commerce system
US6389537B1 (en) 1999-04-23 2002-05-14 Intel Corporation Platform and method for assuring integrity of trusted agent communications
US6275933B1 (en) 1999-04-30 2001-08-14 3Com Corporation Security system for a computerized apparatus
US6321314B1 (en) 1999-06-09 2001-11-20 Ati International S.R.L. Method and apparatus for restricting memory access
US6633981B1 (en) 1999-06-18 2003-10-14 Intel Corporation Electronic system and method for controlling access through user authentication
US6301646B1 (en) 1999-07-30 2001-10-09 Curl Corporation Pointer verification system and method
JP2001148344A (en) 1999-09-09 2001-05-29 Nikon Corp Aligner, method for controlling output of energy source, laser using the method and method for manufacturing device
EP1085396A1 (en) 1999-09-17 2001-03-21 Hewlett-Packard Company Operation of trusted state in computing platform
US6535988B1 (en) 1999-09-29 2003-03-18 Intel Corporation System for detecting over-clocking uses a reference signal thereafter preventing over-clocking by reducing clock rate
US6374317B1 (en) 1999-10-07 2002-04-16 Intel Corporation Method and apparatus for initializing a computer interface
GB9923802D0 (en) 1999-10-08 1999-12-08 Hewlett Packard Co User authentication
GB9923804D0 (en) 1999-10-08 1999-12-08 Hewlett Packard Co Electronic commerce system
US6292874B1 (en) 1999-10-19 2001-09-18 Advanced Technology Materials, Inc. Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges
WO2001063994A2 (en) 2000-02-23 2001-08-30 Iridian Technologies, Inc. Tamper proof case for electronic devices having memories with sensitive information
WO2001063567A2 (en) 2000-02-25 2001-08-30 Identix Incorporated Secure transaction system
AU2001243365A1 (en) 2000-03-02 2001-09-12 Alarity Corporation System and method for process protection
CA2341931C (en) 2000-03-24 2006-05-30 Contentguard Holdings, Inc. System and method for protection of digital works
US6990579B1 (en) 2000-03-31 2006-01-24 Intel Corporation Platform and method for remote attestation of a platform
US6795905B1 (en) 2000-03-31 2004-09-21 Intel Corporation Controlling accesses to isolated memory using a memory controller for isolated execution
US6507904B1 (en) 2000-03-31 2003-01-14 Intel Corporation Executing isolated mode instructions in a secure system running in privilege rings
US6633963B1 (en) 2000-03-31 2003-10-14 Intel Corporation Controlling access to multiple memory zones in an isolated execution environment
US20020062452A1 (en) 2000-08-18 2002-05-23 Warwick Ford Countering credentials copying
WO2002086684A2 (en) 2001-04-24 2002-10-31 Hewlett-Packard Company An information security system
US7676430B2 (en) 2001-05-09 2010-03-09 Lenovo (Singapore) Ptd. Ltd. System and method for installing a remote credit card authorization on a system with a TCPA complaint chipset
EP1271277A3 (en) 2001-06-26 2003-02-05 Redstrike B.V. Security system and software to prevent unauthorized use of a computing device
US20030018892A1 (en) 2001-07-19 2003-01-23 Jose Tello Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
JP2005352395A (en) 2004-06-14 2005-12-22 Fujinon Corp Insertion/extraction device of optical element

Patent Citations (99)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3996449A (en) * 1975-08-25 1976-12-07 International Business Machines Corporation Operating system authenticator
US4162536A (en) * 1976-01-02 1979-07-24 Gould Inc., Modicon Div. Digital input/output system and method
US4037214A (en) * 1976-04-30 1977-07-19 International Business Machines Corporation Key register controlled accessing system
US4247905A (en) * 1977-08-26 1981-01-27 Sharp Kabushiki Kaisha Memory clear system
US4278837A (en) * 1977-10-31 1981-07-14 Best Robert M Crypto microprocessor for executing enciphered programs
US4276594A (en) * 1978-01-27 1981-06-30 Gould Inc. Modicon Division Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same
US4347565A (en) * 1978-12-01 1982-08-31 Fujitsu Limited Address control system for software simulation
US4307447A (en) * 1979-06-19 1981-12-22 Gould Inc. Programmable controller
US4319323A (en) * 1980-04-04 1982-03-09 Digital Equipment Corporation Communications device for data processing system
US4366537A (en) * 1980-05-23 1982-12-28 International Business Machines Corp. Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys
US4430709A (en) * 1980-09-13 1984-02-07 Robert Bosch Gmbh Apparatus for safeguarding data entered into a microprocessor
US4521852A (en) * 1982-06-30 1985-06-04 Texas Instruments Incorporated Data processing device formed on a single semiconductor substrate having secure memory
US4571672A (en) * 1982-12-17 1986-02-18 Hitachi, Ltd. Access control method for multiprocessor systems
US4759064A (en) * 1985-10-07 1988-07-19 Chaum David L Blind unanticipated signature systems
US4825052A (en) * 1985-12-31 1989-04-25 Bull Cp8 Method and apparatus for certifying services obtained using a portable carrier such as a memory card
US4795893A (en) * 1986-07-11 1989-01-03 Bull, Cp8 Security device prohibiting the function of an electronic data processing unit after a first cutoff of its electrical power
US4907272A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for authenticating an external authorizing datum by a portable object, such as a memory card
US4907270A (en) * 1986-07-11 1990-03-06 Bull Cp8 Method for certifying the authenticity of a datum exchanged between two devices connected locally or remotely by a transmission line
US4910774A (en) * 1987-07-10 1990-03-20 Schlumberger Industries Method and system for suthenticating electronic memory cards
US5007082A (en) * 1988-08-03 1991-04-09 Kelly Services, Inc. Computer software encryption apparatus
US5079737A (en) * 1988-10-25 1992-01-07 United Technologies Corporation Memory management unit for the MIL-STD 1750 bus
US5434999A (en) * 1988-11-09 1995-07-18 Bull Cp8 Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal
US5566323A (en) * 1988-12-20 1996-10-15 Bull Cp8 Data processing system including programming voltage inhibitor for an electrically erasable reprogrammable nonvolatile memory
US5139760A (en) * 1989-02-28 1992-08-18 Mizusawa Industrial Chemicals, Ltd. Amorphous silica-alumina spherical particles and process for preparation thereof
US5442645A (en) * 1989-06-06 1995-08-15 Bull Cp8 Method for checking the integrity of a program or data, and apparatus for implementing this method
US5504922A (en) * 1989-06-30 1996-04-02 Hitachi, Ltd. Virtual machine with hardware display controllers for base and target machines
US5022077A (en) * 1989-08-25 1991-06-04 International Business Machines Corp. Apparatus and method for preventing unauthorized access to BIOS in a personal computer system
US5459867A (en) * 1989-10-20 1995-10-17 Iomega Corporation Kernels, description tables, and device drivers
US5737604A (en) * 1989-11-03 1998-04-07 Compaq Computer Corporation Method and apparatus for independently resetting processors and cache controllers in multiple processor systems
US5075842A (en) * 1989-12-22 1991-12-24 Intel Corporation Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism
US5317705A (en) * 1990-10-24 1994-05-31 International Business Machines Corporation Apparatus and method for TLB purge reduction in a multi-level machine system
US5437033A (en) * 1990-11-16 1995-07-25 Hitachi, Ltd. System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode
US5255379A (en) * 1990-12-28 1993-10-19 Sun Microsystems, Inc. Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor
US5720609A (en) * 1991-01-09 1998-02-24 Pfefferle; William Charles Catalytic method
US5522075A (en) * 1991-06-28 1996-05-28 Digital Equipment Corporation Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces
US5319760A (en) * 1991-06-28 1994-06-07 Digital Equipment Corporation Translation buffer for virtual machines with address space match
US5455909A (en) * 1991-07-05 1995-10-03 Chips And Technologies Inc. Microprocessor with operation capture facility
US5386552A (en) * 1991-10-21 1995-01-31 Intel Corporation Preservation of a computer system processing state in a mass storage device
US5890189A (en) * 1991-11-29 1999-03-30 Kabushiki Kaisha Toshiba Memory management and protection system for virtual memory in computer system
US5721222A (en) * 1992-04-16 1998-02-24 Zeneca Limited Heterocyclic ketones
US5421006A (en) * 1992-05-07 1995-05-30 Compaq Computer Corp. Method and apparatus for assessing integrity of computer system software
US5293424A (en) * 1992-10-14 1994-03-08 Bull Hn Information Systems Inc. Secure memory card
US5796835A (en) * 1992-10-27 1998-08-18 Bull Cp8 Method and system for writing information in a data carrier making it possible to later certify the originality of this information
US5511217A (en) * 1992-11-30 1996-04-23 Hitachi, Ltd. Computer system of virtual machines sharing a vector processor
US5469557A (en) * 1993-03-05 1995-11-21 Microchip Technology Incorporated Code protection in microcontroller with EEPROM fuses
US5479509A (en) * 1993-04-06 1995-12-26 Bull Cp8 Method for signature of an information processing file, and apparatus for implementing it
US5533126A (en) * 1993-04-22 1996-07-02 Bull Cp8 Key protection device for smart cards
US5628022A (en) * 1993-06-04 1997-05-06 Hitachi, Ltd. Microcomputer with programmable ROM
US5528231A (en) * 1993-06-08 1996-06-18 Bull Cp8 Method for the authentication of a portable object by an offline terminal, and apparatus for implementing the process
US5459869A (en) * 1994-02-17 1995-10-17 Spilo; Michael L. Method for providing protected mode services for device drivers and other resident software
US5604805A (en) * 1994-02-28 1997-02-18 Brands; Stefanus A. Privacy-protected transfer of electronic information
US5867577A (en) * 1994-03-09 1999-02-02 Bull Cp8 Method and apparatus for authenticating a data carrier intended to enable a transaction or access to a service or a location, and corresponding carrier
US5796845A (en) * 1994-05-23 1998-08-18 Matsushita Electric Industrial Co., Ltd. Sound field and sound image control apparatus and method
US5805712A (en) * 1994-05-31 1998-09-08 Intel Corporation Apparatus and method for providing secured communications
US5978481A (en) * 1994-08-16 1999-11-02 Intel Corporation Modem compatible method and apparatus for encrypting data that is transparent to software applications
US5568552A (en) * 1994-09-07 1996-10-22 Intel Corporation Method for providing a roving software license from one node to another node
US5473692A (en) * 1994-09-07 1995-12-05 Intel Corporation Roving software license for a hardware agent
US5956408A (en) * 1994-09-15 1999-09-21 International Business Machines Corporation Apparatus and method for secure distribution of data
US6058478A (en) * 1994-09-30 2000-05-02 Intel Corporation Apparatus and method for a vetted field upgrade
US5825875A (en) * 1994-10-11 1998-10-20 Cp8 Transac Process for loading a protected storage zone of an information processing device, and associated device
US5903752A (en) * 1994-10-13 1999-05-11 Intel Corporation Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system
US5606617A (en) * 1994-10-14 1997-02-25 Brands; Stefanus A. Secret-key certificates
US5615263A (en) * 1995-01-06 1997-03-25 Vlsi Technology, Inc. Dual purpose security architecture with protected internal operating system
US5764969A (en) * 1995-02-10 1998-06-09 International Business Machines Corporation Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization
US5900606A (en) * 1995-03-10 1999-05-04 Schlumberger Industries, S.A. Method of writing information securely in a portable medium
US5717903A (en) * 1995-05-15 1998-02-10 Compaq Computer Corporation Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device
US5854913A (en) * 1995-06-07 1998-12-29 International Business Machines Corporation Microprocessor with an architecture mode control capable of supporting extensions of two distinct instruction-set architectures
US5633929A (en) * 1995-09-15 1997-05-27 Rsa Data Security, Inc Cryptographic key escrow system having reduced vulnerability to harvesting attacks
US5737760A (en) * 1995-10-06 1998-04-07 Motorola Inc. Microcontroller with security logic circuit which prevents reading of internal memory by external program
US6093213A (en) * 1995-10-06 2000-07-25 Advanced Micro Devices, Inc. Flexible implementation of a system management mode (SMM) in a processor
US5872994A (en) * 1995-11-10 1999-02-16 Nec Corporation Flash memory incorporating microcomputer having on-board writing function
US6092095A (en) * 1996-01-08 2000-07-18 Smart Link Ltd. Real-time task manager for a personal computer
US5657445A (en) * 1996-01-26 1997-08-12 Dell Usa, L.P. Apparatus and method for limiting access to mass storage devices in a computer system
US5835594A (en) * 1996-02-09 1998-11-10 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
US6125430A (en) * 1996-05-03 2000-09-26 Compaq Computer Corporation Virtual memory allocation in a virtual address space having an inaccessible gap
US5729760A (en) * 1996-06-21 1998-03-17 Intel Corporation System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode
US6055637A (en) * 1996-09-27 2000-04-25 Electronic Data Systems Corporation System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential
US5937063A (en) * 1996-09-30 1999-08-10 Intel Corporation Secure boot
US5844986A (en) * 1996-09-30 1998-12-01 Intel Corporation Secure BIOS
US6101584A (en) * 1996-11-05 2000-08-08 Mitsubishi Denki Kabushiki Kaisha Computer system and semiconductor device on one chip including a memory and central processing unit for making interlock access to the memory
US5852717A (en) * 1996-11-20 1998-12-22 Shiva Corporation Performance optimizations for computer networks utilizing HTTP
US5901225A (en) * 1996-12-05 1999-05-04 Advanced Micro Devices, Inc. System and method for performing software patches in embedded systems
US5757919A (en) * 1996-12-12 1998-05-26 Intel Corporation Cryptographically protected paging subsystem
US6115816A (en) * 1996-12-18 2000-09-05 Intel Corporation Optimized security functionality in an electronic system
US5953502A (en) * 1997-02-13 1999-09-14 Helbig, Sr.; Walter A Method and apparatus for enhancing computer system security
US6088262A (en) * 1997-02-27 2000-07-11 Seiko Epson Corporation Semiconductor device and electronic equipment having a non-volatile memory with a security function
US6674536B2 (en) * 1997-04-30 2004-01-06 Canon Kabushiki Kaisha Multi-instruction stream processor
US6044478A (en) * 1997-05-30 2000-03-28 National Semiconductor Corporation Cache with finely granular locked-down regions
US6075938A (en) * 1997-06-10 2000-06-13 The Board Of Trustees Of The Leland Stanford Junior University Virtual machine monitors for scalable multiprocessors
US5987557A (en) * 1997-06-19 1999-11-16 Sun Microsystems, Inc. Method and apparatus for implementing hardware protection domains in a system with no memory management unit (MMU)
US6014745A (en) * 1997-07-17 2000-01-11 Silicon Systems Design Ltd. Protection for customer programs (EPROM)
US5978475A (en) * 1997-07-18 1999-11-02 Counterpane Internet Security, Inc. Event auditing system
US5935247A (en) * 1997-09-18 1999-08-10 Geneticware Co., Ltd. Computer system having a genetic code that cannot be directly accessed and a method of maintaining the same
US6148379A (en) * 1997-09-19 2000-11-14 Silicon Graphics, Inc. System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system
US6061794A (en) * 1997-09-30 2000-05-09 Compaq Computer Corp. System and method for performing secure device communications in a peer-to-peer bus architecture
US5970147A (en) * 1997-09-30 1999-10-19 Intel Corporation System and method for configuring and registering a cryptographic device
US6085296A (en) * 1997-11-12 2000-07-04 Digital Equipment Corporation Sharing memory pages and page tables among computer processes
US6158546A (en) * 1999-06-25 2000-12-12 Tenneco Automotive Inc. Straight through muffler with conically-ended output passage
US6839813B2 (en) * 2000-08-21 2005-01-04 Texas Instruments Incorporated TLB operations based on shared bit

Cited By (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044408A1 (en) * 2003-08-18 2005-02-24 Bajikar Sundeep M. Low pin count docking architecture for a trusted platform
US20120330640A1 (en) * 2004-08-30 2012-12-27 International Business Machines Corporation Simplifying the deployment and serviceability of commercial software environments
US8762965B2 (en) * 2004-08-30 2014-06-24 International Business Machines Corporation Simplifying the deployment and serviceability of commercial software environments
US20060069899A1 (en) * 2004-09-30 2006-03-30 Ioannis Schoinas Performance enhancement of address translation using translation tables covering large address spaces
US20100011187A1 (en) * 2004-09-30 2010-01-14 Ioannis Schoinas Performance enhancement of address translation using translation tables covering large address spaces
US8843727B2 (en) * 2004-09-30 2014-09-23 Intel Corporation Performance enhancement of address translation using translation tables covering large address spaces
US7363463B2 (en) * 2005-05-13 2008-04-22 Microsoft Corporation Method and system for caching address translations from multiple address spaces in virtual machines
US20080215848A1 (en) * 2005-05-13 2008-09-04 John Te-Jui Sheu Method and System For Caching Address Translations From Multiple Address Spaces In Virtual Machines
US20060259734A1 (en) * 2005-05-13 2006-11-16 Microsoft Corporation Method and system for caching address translations from multiple address spaces in virtual machines
US8095771B2 (en) 2005-05-13 2012-01-10 Microsoft Corporation Method and system for caching address translations from multiple address spaces in virtual machines
US7644258B2 (en) 2005-08-29 2010-01-05 Searete, Llc Hybrid branch predictor using component predictors each having confidence and override signals
US9176741B2 (en) 2005-08-29 2015-11-03 Invention Science Fund I, Llc Method and apparatus for segmented sequential storage
US20080133889A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical instruction scheduler
US20080133883A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical store buffer
US20070083739A1 (en) * 2005-08-29 2007-04-12 Glew Andrew F Processor with branch predictor
US8028152B2 (en) 2005-08-29 2011-09-27 The Invention Science Fund I, Llc Hierarchical multi-threading processor for executing virtual threads in a time-multiplexed fashion
US8037288B2 (en) 2005-08-29 2011-10-11 The Invention Science Fund I, Llc Hybrid branch predictor having negative ovedrride signals
US20080133893A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical register file
US8266412B2 (en) 2005-08-29 2012-09-11 The Invention Science Fund I, Llc Hierarchical store buffer having segmented partitions
US8275976B2 (en) 2005-08-29 2012-09-25 The Invention Science Fund I, Llc Hierarchical instruction scheduler facilitating instruction replay
US8296550B2 (en) 2005-08-29 2012-10-23 The Invention Science Fund I, Llc Hierarchical register file with operand capture ports
US20080133885A1 (en) * 2005-08-29 2008-06-05 Centaurus Data Llc Hierarchical multi-threading processor
US8909946B2 (en) 2005-11-15 2014-12-09 Microsoft Corporation Efficient power management of a system with virtual machines
US9218047B2 (en) 2005-11-15 2015-12-22 Microsoft Technology Licensing, Llc Efficient power management of a system with virtual machines
US9772860B2 (en) 2005-11-15 2017-09-26 Microsoft Technology Licensing, Llc Efficient power management of a system with virtual machines
US9489035B2 (en) 2005-11-15 2016-11-08 Microsoft Technology Licensing, Llc Efficient power management of a system with virtual machines
US20070112999A1 (en) * 2005-11-15 2007-05-17 Microsoft Corporation Efficient power management of a system with virtual machines
US20080134174A1 (en) * 2006-12-05 2008-06-05 Microsoft Corporation Reduction of operational costs of virtual TLBs
US8694712B2 (en) 2006-12-05 2014-04-08 Microsoft Corporation Reduction of operational costs of virtual TLBs
US8645666B2 (en) 2006-12-28 2014-02-04 Intel Corporation Means to share translation lookaside buffer (TLB) entries between different contexts
US20080162868A1 (en) * 2006-12-28 2008-07-03 Andy Glew Means to share translation lookaside buffer (TLB) entries between different contexts
US9612857B2 (en) 2014-04-24 2017-04-04 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9678777B2 (en) * 2014-04-24 2017-06-13 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US10255097B2 (en) 2014-04-24 2019-04-09 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US20150309823A1 (en) * 2014-04-24 2015-10-29 International Buisness Machines Corporation Administering virtual machines in a distributed computing environment
US9503515B2 (en) 2014-04-24 2016-11-22 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9503514B2 (en) 2014-04-24 2016-11-22 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9606824B2 (en) 2014-04-24 2017-03-28 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9612856B2 (en) 2014-04-24 2017-04-04 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US20150312109A1 (en) * 2014-04-24 2015-10-29 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9612858B2 (en) 2014-04-24 2017-04-04 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US10255098B2 (en) 2014-04-24 2019-04-09 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9864622B2 (en) 2014-04-24 2018-01-09 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9858099B2 (en) 2014-04-24 2018-01-02 International Business Machines Corporation Administering virtual machines in a distributed computing environment
US9703587B2 (en) * 2014-04-24 2017-07-11 International Business Machines Corporation Administering virtual machines in a distributed computing environment
CN104050017A (en) * 2014-07-01 2014-09-17 龙芯中科技术有限公司 Method and device for controlling operating virtual machine
US9697137B2 (en) * 2014-11-14 2017-07-04 Cavium, Inc. Filtering translation lookaside buffer invalidations
US9684606B2 (en) * 2014-11-14 2017-06-20 Cavium, Inc. Translation lookaside buffer invalidation suppression
US20160140051A1 (en) * 2014-11-14 2016-05-19 Cavium, Inc. Translation lookaside buffer invalidation suppression
US20160140040A1 (en) * 2014-11-14 2016-05-19 Cavium, Inc. Filtering translation lookaside buffer invalidations
US9672159B2 (en) * 2015-07-02 2017-06-06 Arm Limited Translation buffer unit management
US20180067866A1 (en) * 2016-09-08 2018-03-08 Intel Corporation Translate on virtual machine entry
WO2018048564A1 (en) * 2016-09-08 2018-03-15 Intel Corporation Translate on virtual machine entry
EP3333699A1 (en) * 2016-12-12 2018-06-13 INTEL Corporation System and method to improve nested virtual machine monitor performance
US10922114B2 (en) 2016-12-12 2021-02-16 Intel Corporation System and method to improve nested virtual machine monitor performance

Also Published As

Publication number Publication date
US20130212313A1 (en) 2013-08-15
US8751752B2 (en) 2014-06-10
US20050080937A1 (en) 2005-04-14
US8543772B2 (en) 2013-09-24
US20120117300A1 (en) 2012-05-10
US7865670B2 (en) 2011-01-04

Similar Documents

Publication Publication Date Title
US8751752B2 (en) Invalidating translation lookaside buffer entries in a virtual machine system
US10114767B2 (en) Virtualizing physical memory in a virtual machine system using a hierarchy of extended page tables to translate guest-physical addresses to host-physical addresses
US7418584B1 (en) Executing system management mode code as virtual machine guest
US9335943B2 (en) Method and apparatus for fine grain memory protection
KR101770496B1 (en) Efficient address translation caching in a processor that supports a large number of different address spaces
TWI471727B (en) Method and apparatus for caching of page translations for virtual machines
US8607228B2 (en) Virtualizing performance counters
US8296546B2 (en) Synchronizing a translation lookaside buffer with an extended paging table
US7370160B2 (en) Virtualizing memory type
US9684605B2 (en) Translation lookaside buffer for guest physical addresses in a virtual machine
US11720356B2 (en) Range checking instruction for setting a status value indicative of whether a first address and second address identified by the instruction correspond to the same memory attribute entry
KR20070047845A (en) Fault processing for direct memory access address translation
EP3649550A1 (en) An apparatus and method for controlling execution of instructions

Legal Events

Date Code Title Description
AS Assignment

Owner name: INTEL CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:COTA-ROBLES, ERIK C.;GLEW, ANDY;JEYASINGH, STALINSELVARAJ;AND OTHERS;REEL/FRAME:016508/0126;SIGNING DATES FROM 20030929 TO 20041006

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION