Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization

United States of America Patent

PATENT NO 5764969
SERIAL NO 08387149

Abstract

A method and system for enhanced system management operations in a superscalar data processing system. Those supervisory level instructions which execute selected privileged operations within protected memory space are first identified as not requiring a full context synchronization. Each time execution of such an instruction is initiated, an enable special access (ESA) instruction is executed as an entry point to that instruction or group of instructions. A portion of the machine state register for the data processing system is stored and the machine state register is then modified as follows: a problem bit is set, changing the execution privilege state to 'supervisor'; external interrupts are disabled; an access privilege state bit is set; and a special access mode bit is set, allowing execution of special instructions. The instructions which execute the selected privileged operations within the protected memory space are then executed. A disable special access (DSA) instruction is then executed which restores the bits within the machine state register which were modified during the ESA instruction. The ESA and DSA instructions are implemented without modifying the instruction stream by utilizing user level procedure calls, thereby reducing the overhead of the branch table necessary to determine the desired execution path.

Patent Owner(s)

Patent Owner Address Total Patents
INTERNATIONAL BUSINESS MACHINES CORPORATION ARMONK, NY 45084

Inventor(s)

Inventor Name Address # of filed Patents Total Citations
Kahle, James Allan Austin, TX 98 1475
Loper, Albert J Cedar Park, TX 17 196
Mallick, Soummya Austin, TX 48 1050
Ogden, Aubrey Deene Round Rock, TX 10 276
Sell, John Victor Los Altos, CA 5 168

Cited Art Landscape

Patent Info (Count) # Cites Year
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (1)
* 4500952 Mechanism for control of address translation by a program using a plurality of translation tables 32 1980
 
HEWLETT-PACKARD COMPANY (1)
* 4809160 Privilege level checking instruction for implementing a secure hierarchical computer system 143 1985
 
DIGITAL EQUIPMENT CORPORATION (1)
* 4787031 Computer with virtual machine mode and multiple protection rings 76 1985
 
MICROSOFT TECHNOLOGY LICENSING, LLC (1)
* 5063499 Method for a correlating virtual memory systems by redirecting access for used stock instead of supervisor stock during normal supervisor mode processing 54 1989
* Cited By Examiner

Forward Cite Landscape

Patent Info (Count) # Cites Year
 
QUALCOMM INCORPORATED (1)
* 2007/0286,274 APPARATUS AND METHOD OF LOW LATENCY MULTI-HOP COMMUNICATION 1 2007
 
INTERNATIONAL BUSINESS MACHINES CORPORATION (4)
* 5996085 Concurrent execution of machine context synchronization operations and non-interruptible instructions 24 1997
* 2004/0111,414 System and method for selective execution of statements with surrogate authority 3 2002
* 7669050 Method to enable user mode process to operate in a privileged execution mode 5 2004
* 2005/0289,545 Method to enable user mode process to operate in a privileged execution mode 4 2004
 
Other [Check patent profile for assignment information] (11)
* 2003/0196,100 Protection against memory attacks following reset 23 2002
* 2004/0064,813 Method for resolving address space conflicts between a virtual machine monitor and a guest operating system 5 2003
* 2004/0078,590 Controlling access to multiple memory zones in an isolated execution environment 3 2003
* 2005/0022,002 Protected configuration space in a protected environment 26 2004
* 2005/0182,940 System and method for execution of a secured environment initialization instruction 27 2005
* 2005/0283,660 Mechanism to handle events in a machine with isolated execution 14 2005
* 2006/0245,590 Method of confirming a secure key exchange 7 2006
* 2009/0006,805 Method and apparatus for supporting address translation in a virtual machine environment 13 2008
* 2008/0276,235 VIRTUAL MACHINE MANAGEMENT USING PROCESSOR STATE INFORMATION 8 2008
* 2009/0259,845 System and method for execution of a secured environment initialization instruction 2 2009
* 2011/0131,363 MECHANISM FOR REMAPPING POST VIRTUAL MACHINE MEMORY PAGES 1 2011
 
HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP (1)
* 7478394 Context-corrupting context switching 20 2001
 
MIPS TECHNOLOGIES, INC. (4)
* 7185183 Atomic update of CPO state 49 2001
7634638 Instruction encoding for system register bit set and clear 30 2002
7600100 Instruction encoding for system register bit set and clear 1 2006
* 2007/0234,020 INSTRUCTION ENCODING FOR SYSTEM REGISTER BIT SET AND CLEAR 4 2006
 
INTEL CORPORATION (125)
7356817 Real-time scheduling of virtual machines 25 2000
7089418 Managing accesses in a processor for isolated execution 8 2000
7073071 Platform and method for generating and utilizing a protected audit log 8 2000
7013481 Attestation key memory device and bus 26 2000
6996710 Platform and method for issuing and certifying a hardware-protected attestation key 34 2000
6990579 Platform and method for remote attestation of a platform 24 2000
6957332 Managing a secure platform using a hierarchical executive architecture in isolated execution mode 12 2000
6760441 Generating a key hieararchy for use in an isolated execution environment 44 2000
* 6507904 Executing isolated mode instructions in a secure system running in privilege rings 177 2000
6754815 Method and system for scrubbing an isolated area of memory after reset of a processor operating in isolated execution mode if a cleanup flag is set 29 2000
6678825 Controlling access to multiple isolated memories in an isolated execution environment 102 2000
6633963 Controlling access to multiple memory zones in an isolated execution environment 155 2000
7082615 Protecting software environment in isolated execution 36 2000
6941458 Managing a secure platform using a hierarchical executive architecture in isolated execution mode 14 2000
7793111 Mechanism to handle events in a machine with isolated execution 0 2000
7389427 Mechanism to secure computer output from software attack using isolated execution 15 2000
6795905 Controlling accesses to isolated memory using a memory controller for isolated execution 23 2000
7215781 Creation and distribution of a secret value between two devices 1 2000
* 2002/0083,332 Creation and distribution of a secret value between two devices 1 2000
7818808 Processor mode for limiting the operation of guest software running on a virtual machine supported by a virtual machine monitor 29 2000
7117376 Platform and method of creating a secure boot that enforces proper user authentication and enforces hardware configurations 27 2000
7035963 Method for resolving address space conflicts between a virtual machine monitor and a guest operating system 28 2000
6769058 Resetting a processor in an isolated execution environment 8 2000
7194634 Attestation key memory device and bus 16 2001
7272831 Method and apparatus for constructing host processor soft devices independent of the host processor operating system 33 2001
7096497 File checking using remote signing authority via a network 13 2001
* 2002/0144,140 File checking using remote signing authority via a network 2 2001
* 2002/0144,121 Checking file integrity using signature generated in isolated execution 18 2001
7191440 Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor 73 2001
7024555 Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment 26 2001
* 2003/0084,346 Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment 15 2001
7103771 Connecting a virtual token to a physical token 37 2001
* 2003/0115,453 Connecting a virtual token to a physical token 31 2001
* 2003/0126,454 Authenticated code method and apparatus 40 2001
7308576 Authenticated code module 4 2001
7480806 Multi-token seal and unseal 9 2002
* 2003/0163,711 Multi-token seal and unseal 34 2002
7631196 Method and apparatus for loading a trustable operating system 5 2002
7069442 System and method for execution of a secured environment initialization instruction 33 2002
7028149 System and method for resetting a platform configuration register 48 2002
* 2003/0191,943 Methods and arrangements to register code 6 2002
7076669 Method and apparatus for communicating securely with a token 2 2002
7058807 Validation of inclusion of a platform within a data center 30 2002
* 2003/0196,088 Method and apparatus for communicating securely with a token 1 2002
* 2003/0196,083 Validation of inclusion of a platform within a data center 9 2002
7127548 Control register access virtualization performance improvement in the virtual-machine architecture 11 2002
* 2003/0229,794 System and method for protection against untrusted system management code by redirecting a system management interrupt and creating a virtual machine container 60 2002
6820177 Protected configuration space in a protected environment 10 2002
7142674 Method of confirming a secure key exchange 12 2002
* 2003/0233,550 Method of confirming a secure key exchange 4 2002
7392415 Sleep protection 3 2002
* 2004/0003,273 Sleep protection 16 2002
* 2004/0003,321 Initialization of protected system 32 2002
7296267 System and method for binding virtual machines to hardware contexts 52 2002
7165181 System and method for establishing trust without revealing identity 29 2002
7073042 Reclaiming existing fields in address translation data structures to extend control over memory accesses 16 2002
7318235 Attestation using both fixed token and portable token 18 2002
* 2004/0117,625 Attestation using both fixed token and portable token 8 2002
* 2004/0117,318 Portable token controlling trusted environment launch 16 2002
7318141 Methods and systems to control virtual machines 4 2002
* 2004/0123,288 Methods and systems to manage machine state in virtual machine operations 28 2002
7900017 Mechanism for remapping post virtual machine memory pages 4 2002
* 2004/0128,469 Mechanism for remapping post virtual machine memory pages 3 2002
* 2004/0128,345 Dynamic service registry 58 2002
* 2004/0128,465 Configurable memory bus width 5 2002
7415708 Virtual machine management using processor state information 23 2003
* 2004/0268,347 Virtual machine management using processor state information 106 2003
* 2005/0044,292 Method and apparatus to retain system control when a buffer overflow attack occurs 9 2003
7424709 Use of multiple virtual machine monitors to handle privileged events 21 2003
7287197 Vectoring an interrupt or exception upon resuming operation of a virtual machine 5 2003
* 2005/0060,703 Vectoring an interrupt or exception upon resuming operation of a virtual machine 1 2003
7739521 Method of obscuring cryptographic computations 1 2003
* 2005/0084,098 Method of obscuring cryptographic computations 8 2003
7237051 Mechanism to control hardware interrupt acknowledgement in a virtual machine system 15 2003
7177967 Chipset support for managing hardware interrupts in a virtual machine system 20 2003
7020738 Method for resolving address space conflicts between a virtual machine monitor and a guest operating system 9 2003
* 2005/0080,934 Invalidating translation lookaside buffer entries in a virtual machine (VM) system 22 2003
6934817 Controlling access to multiple memory zones in an isolated execution environment 22 2003
7636844 Method and system to provide a trusted channel within a computer system for a SIM device 6 2003
* 2005/0108,534 Providing services to an open platform implementing subscriber identity module (SIM) capabilities 17 2003
* 2005/0108,171 Method and apparatus for implementing subscriber identity module (SIM) capabilities in an open platform 28 2003
8156343 Accessing private data about the state of a data processing machine from storage that is publicly accessible 3 2003
8037314 Replacing blinded authentication authority 3 2003
7802085 Apparatus and method for distributing private keys to an entity with minimal secret, unique information 8 2004
* 2005/0216,920 Use of a virtual machine to emulate a hardware device 29 2004
7356735 Providing support for single stepping a virtual machine in a virtual machine environment 6 2004
* 2005/0240,819 Providing support for single stepping a virtual machine in a virtual machine environment 6 2004
7620949 Method and apparatus for facilitating recognition of an open event window during operation of guest software in a virtual machine environment 2 2004
* 2005/0240,700 Method and apparatus for facilitating recognition of an open event window during operation of guest software in a virtual machine environment 2 2004
7490070 Apparatus and method for proving the denial of a direct proof signature 11 2004
7366849 Protected configuration space in a protected environment 5 2004
* 2005/0288,056 System including a wireless wide area network (WWAN) module with an external identity module reader and approach for certifying the WWAN module 7 2004
7305592 Support for nested fault in a virtual machine environment 18 2004
* 2006/0005,084 Support for nested faults in a virtual machine environment 2 2004
7840962 System and method for controlling switching between VMM and VM using enabling value of VMM timer indicator and VMM timer value having a specified time 6 2004
* 2006/0075,402 Providing support for a timer associated with a virtual machine monitor 21 2004
8146078 Timer offsetting mechanism in a virtual machine environment 10 2004
8924728 Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information 0 2004
8533777 Mechanism to determine trust of out-of-band management agents 0 2004
7395405 Method and apparatus for supporting address translation in a virtual machine environment 19 2005
7313669 Virtual translation lookaside buffer 6 2005
7546457 System and method for execution of a secured environment initialization instruction 13 2005
* 2005/0188,198 Managing a secure platform using a hierarchical executive architecture in isolated execution mode 8 2005
7809957 Trusted platform module for generating sealed data 8 2005
7302511 Chipset support for managing hardware interrupts in a virtual machine system 12 2005
7516330 Platform and method for establishing provable identities while maintaining privacy 2 2005
7921293 Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment 0 2006
8014530 Method and apparatus for authenticated, recoverable key distribution with no database secrets 6 2006
7454611 System and method for establishing trust without revealing identity 3 2007
* 2007/0113,077 System and Method for Establishing Trust Without Revealing Identity 0 2007
7836275 Method and apparatus for supporting address translation in a virtual machine environment 3 2008
8296762 Virtual machine management using processor state information 3 2008
8185734 System and method for execution of a secured environment initialization instruction 3 2009
7861245 Method and apparatus for facilitating recognition of an open event window during operation of guest software in a virtual machine environment 0 2009
8407476 Method and apparatus for loading a trustable operating system 1 2009
8386788 Method and apparatus for loading a trustable operating system 0 2009
8639915 Apparatus and method for distributing private keys to an entity with minimal secret, unique information 0 2010
8671275 Mechanism to handle events in a machine with isolated execution 0 2010
8522044 Mechanism to handle events in a machine with isolated execution 0 2010
8195914 Mechanism for remapping post virtual machine memory pages 1 2011
9009483 Replacing blinded authentication authority 0 2011
9348767 Accessing private data about the state of a data processing machine from storage that is publicly accessible 0 2012
8645688 System and method for execution of a secured environment initialization instruction 1 2012
9087000 Accessing private data about the state of a data processing machine from storage that is publicly accessible 2 2013
9361121 System and method for execution of a secured environment initialization instruction 0 2014
 
MICRON TECHNOLOGY, INC. (2)
7610611 Prioritized address decoder 2 2003
* 2005/0086,508 Prioritized address decoder 1 2003
 
BEIJING XIAOMI MOBILE SOFTWARE CO., LTD. (1)
7366305 Platform and method for establishing trust without revealing identity 5 2003
 
MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD. (1)
* 2004/0168,047 Processor and compiler for creating program for the processor 11 2004
 
AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD. (1)
* 2008/0155,571 Method and System for Host Software Concurrent Processing of a Network Connection Using Multiple Central Processing Units 2 2007
 
ALIBABA GROUP HOLDING LIMITED (5)
7111176 Generating isolated bus cycles for isolated execution 8 2000
7013484 Managing a secure environment using a chipset in isolated execution mode 29 2000
7085935 Managing a secure environment using a chipset in isolated execution mode 8 2000
7124327 Control over faults occurring during the operation of guest software in the virtual-machine architecture 19 2002
6996748 Handling faults associated with operation of guest software in the virtual-machine architecture 16 2002
* Cited By Examiner