Secure public cloud with protected guest-verified host control
US-10303899-B2 · May 28, 2019 · US
US10628612B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10628612-B2 |
| Application number | US-201916362887-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 25, 2019 |
| Priority date | Aug 11, 2016 |
| Publication date | Apr 21, 2020 |
| Grant date | Apr 21, 2020 |
Official abstract text for this publication.
According to one embodiment, a method comprises executing an untrusted host virtual machine monitor (VMM) to manage execution of at least one guest virtual machine (VM). The VMM receives an encrypted key domain key, an encrypted guest code image, and an encrypted guest control structure. The VMM also issues a create command. In response, a processor creates a first key domain comprising a region of memory to be encrypted by a key domain key. The encrypted key domain key is decrypted to produce the key domain key, which is inaccessible to the VMM. The VMM issues a launch command. In response, a first guest VM is launched within the first key domain. In response to a second launch command, a second guest VM is launched within the first key domain. The second guest VM provides an agent to act on behalf of the VMM. Other embodiments are described and claimed.
Opening claim text (preview).
What is claimed is:

1. An apparatus comprising: a processor; and a memory coupled to the processor; wherein the processor is to execute an untrusted host virtual machine monitor (VMM) to manage execution by the processor of at least one guest virtual machine (VM); the untrusted host VMM is to cause the processor to create a key domain, the first key domain comprising a region of the memory to be encrypted by a key domain key that is inaccessible to the untrusted host VMM; the processor is to receive an encrypted key domain key and decrypt the encrypted key domain key to produce the key domain key; the untrusted host VMM is to cause the processor to launch a first guest VM within the key domain, wherein to launch the first guest VM within the key domain comprises switching to the key domain, decrypting at least part of an encrypted domain image to produce a guest control structure containing guest processor state information and to produce a guest code image, and executing the guest code image within the key domain using the guest processor state information from the guest control structure; and the untrusted host VMM is to cause the processor to launch a second guest VM within the key domain, the second guest VM to provide an agent to act on behalf of the untrusted host VMM within the key domain, wherein to launch the second guest VM within the key domain comprises switching to the key domain, decrypting at least part of the encrypted domain image to produce an agent code image and to produce an agent control structure containing agent processor state information, and executing the agent code image within the key domain using the agent processor state information.
2. The apparatus of claim 1, wherein in response to an event triggering an exit condition of the first guest VM, the processor is to switch out of the key domain.
3. The apparatus of claim 2, wherein the guest control structure specifies a protected location of the memory where the processor may store additional guest processor state information for the first guest VM; in response to the event triggering the exit condition of the first guest VM, the processor is to save the additional guest processor state information for the first guest VM in the protected location of the memory; and after the event triggering the exit condition has been handled, the untrusted host VMM is to cause the processor to resume the first guest VM, wherein resuming the first guest VM comprises switching to the key domain, retrieving the additional guest processor state information for the first guest VM from the protected location of the memory, and executing the guest code image within the key domain using the additional guest processor state information.
4. The apparatus of claim 3, wherein the guest code image comprises interrupt handler code to intercept an interrupt; the processor is to convert the exit condition of the first guest VM to an exception; the guest code image is to save processor register information to the protected location of the memory in response to at least one of the interrupt and the exception; the guest code image is to clear a first processor register if the first processor register is not needed by the untrusted host VMM; the guest code image is to conditionally expose a second processor register if the second processor register is needed by the untrusted host VMM; the guest code image is to invoke the untrusted host VMM; and the first guest VM is to exit when the untrusted host VMM is invoked.
5. The apparatus of claim 3, wherein the untrusted host VMM is to receive an encrypted updated guest control structure, install the encrypted updated guest control structure in the memory, and verify the encrypted updated guest control structure; the processor is to decrypt the encrypted updated guest control structure to produce an updated guest control structure; and in response to verifying the encrypted updated guest control structure, the untrusted host VMM is to cause the processor to enter the first guest VM using the updated guest control structure.
6. The apparatus of claim 5, wherein the untrusted host VMM is further to receive an encrypted updated guest code image and to install the encrypted updated guest code image in the memory; the processor is to decrypt the encrypted updated guest code image update to produce an updated guest code image; and the processor is to enter the first guest VM by executing the updated guest code image using the updated guest control structure.
7. The apparatus of claim 3, wherein the untrusted host VMM is to determine whether a change to the guest control structure is needed; the first guest VM is to verify that the change to the guest control structure does not compromise security of the first guest VM; the first guest VM is to produce an encrypted updated guest control structure incorporating the change using the key domain key; and the first guest VM is to send the encrypted updated guest control structure to the untrusted host VMM via a shared region of the memory shared by the untrusted host VMM and the first guest VM.
8. The apparatus of claim 7, wherein the untrusted host VMM is to install the encrypted updated guest control structure in the memory; the untrusted host VMM is to verify the encrypted updated guest control structure; the processor is to decrypt the encrypted updated guest control structure to produce an updated guest control structure; and in response to verifying the encrypted updated guest control structure, the untrusted host VMM is to cause the processor to enter the first guest VM using the updated guest control structure.
9. The apparatus of claim 1, wherein the untrusted host VMM is to communicate a request to modify the guest control structure of the first guest VM to the agent via a shared region of memory shared by the agent and the untrusted host VMM; in response to reading the request from the shared region of memory, the agent is to modify the guest control structure of the first guest VM within the key domain to produce a modified guest control structure of the first guest VM; the untrusted host VMM is to verify the modified guest control structure of the first guest VM; in response to verifying the modified guest control structure, the untrusted host VMM is to cause the processor to enter the first guest VM and execute the guest code image within the key domain using the modified guest control structure.
10. The apparatus of claim 1, wherein the encrypted domain image comprises an encrypted version of the guest control structure; and the processor is to confirm integrity of the encrypted version of the guest control structure.
11. A processor to: execute an untrusted host virtual machine monitor (VMM) to manage execution by the processor of at least one guest virtual machine (VM); create a key domain in response to a first command issued by the untrusted host VMM, the key domain comprising a region of a memory to be encrypted by a key domain key that is inaccessible to the untrusted host VMM; decrypt an encrypted key domain key to produce the key domain key; launch a first guest VM within the key domain in response to a second command issued by the untrusted host VMM, wherein to launch the first guest VM within the key domain comprises to: switch to the key domain, decrypt at least part of an encrypted domain image to produce a guest control structure containing guest processor state information and to produce a guest code image, and execute the guest code image within the key domain using the guest processor state information from the guest control structure; and in response to a third c
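The abstract and claims 1, 10 and 11 describe a trust split: the untrusted VMM holds only ciphertext and a key domain handle, while the processor alone unwraps the key domain key, decrypts the domain image, checks its integrity, and runs the guest and the agent VM inside the same key domain. The following simulation is an added example, not code from the patent or its assignee. Everything in it is a constructed stand-in: a processor-held wrapping key replaces the public-key step by which the consumer delivers the key domain key, an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag replaces the memory encryption engine, and a three-instruction toy ISA replaces real guest code. The `Processor`, `consumer_build` and `vmm_flow` names are this example's own.

```python
"""Toy model of the key-domain create/launch flow from the abstract and claims.

Added example; not the patent's or its assignee's code. All primitives and
names here are constructed stand-ins (see the lead-in in the text).
"""
import hashlib
import hmac
import json
import os
import struct


class IntegrityError(Exception):
    """Raised when an encrypted domain image fails its integrity check."""


def _keystream(key, nonce, length):
    # Counter-mode keystream built from HMAC-SHA256 (stand-in for a real cipher).
    out = b""
    for i in range((length + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
    return out[:length]


def seal(key, plaintext, nonce=None):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = nonce or os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    """Verify the tag first (claim 10's integrity check), then decrypt."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise IntegrityError("domain image failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def run(code, regs):
    """Toy guest ISA: 'MOV rX imm' | 'ADD rX rY' | 'HALT rX' (returns rX)."""
    for insn in code:
        op, *args = insn.split()
        if op == "MOV":
            regs[args[0]] = int(args[1])
        elif op == "ADD":
            regs[args[0]] += regs[args[1]]
        elif op == "HALT":
            return regs[args[0]]
    raise RuntimeError("guest code ran off the end of its image")


class Processor:
    """Holds the key domain keys; the VMM only ever sees handles and ciphertext."""

    def __init__(self):
        self._wrapping_key = os.urandom(32)  # hardware secret, never leaves the CPU
        self._domains = {}                   # key domain handle -> key domain key

    def wrapping_key_for_consumer(self):
        # Stand-in for the attested public key the consumer would use (assumption).
        return self._wrapping_key

    def create_key_domain(self, wrapped_kdk):
        """Create command: unwrap the key domain key and return only a handle."""
        kdk = unseal(self._wrapping_key, wrapped_kdk)
        handle = len(self._domains) + 1
        self._domains[handle] = kdk
        return handle

    def launch(self, handle, encrypted_image):
        """Launch command: switch to the key domain, decrypt + verify, execute."""
        kdk = self._domains[handle]
        image = json.loads(unseal(kdk, encrypted_image))
        control_structure = image["control_structure"]
        return run(image["code"], dict(control_structure["registers"]))


def consumer_build(wrapping_key):
    """Consumer side: pick a key domain key, wrap it, seal guest and agent images."""
    kdk = os.urandom(32)
    guest = {"control_structure": {"registers": {"r0": 40, "r1": 0}},
             "code": ["MOV r1 2", "ADD r0 r1", "HALT r0"]}
    agent = {"control_structure": {"registers": {"r0": 0, "r1": 0}},
             "code": ["MOV r0 7", "HALT r0"]}
    return (seal(wrapping_key, kdk),
            seal(kdk, json.dumps(guest).encode()),
            seal(kdk, json.dumps(agent).encode()))


def vmm_flow(tamper=False):
    """Untrusted VMM: receives ciphertext, issues create then two launch commands."""
    cpu = Processor()
    wrapped_kdk, guest_img, agent_img = consumer_build(cpu.wrapping_key_for_consumer())
    handle = cpu.create_key_domain(wrapped_kdk)
    if tamper:  # flip one ciphertext byte to model a modified domain image
        guest_img = guest_img[:-40] + bytes([guest_img[-40] ^ 1]) + guest_img[-39:]
    guest_result = cpu.launch(handle, guest_img)   # first guest VM
    agent_result = cpu.launch(handle, agent_img)   # agent VM in the same key domain
    return guest_result, agent_result


def launch_rejects_tampering():
    """True if a modified domain image is refused before any guest code runs."""
    try:
        vmm_flow(tamper=True)
        return False
    except IntegrityError:
        return True


if __name__ == "__main__":
    print(vmm_flow(), launch_rejects_tampering())  # (42, 7) True
```

The point to take from the model is which party touches which value: `vmm_flow` never holds the key domain key or plaintext guest state, only the wrapped key, the sealed images and a handle, and a tampered image is rejected by the tag check in `unseal` before `run` ever executes, which is the behaviour claim 10 assigns to the processor.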
CPC classification titles:

- Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00)
- by executing in a restricted environment, e.g. sandbox or secure virtual machine
- Hypervisors; Virtual machine monitors
- to assure secure computing or processing of information