What technology area does this patent fall under?

Primary CPC classification G06F9/45558. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Mar 04 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Multiple secure virtual processors for a trust domain

US12242875B2 · US · B2

Patent metadata
Field	Value
Publication number	US-12242875-B2
Application number	US-202117484825-A
Country	US
Kind code	B2
Filing date	Sep 24, 2021
Priority date	Sep 24, 2021
Publication date	Mar 4, 2025
Grant date	Mar 4, 2025

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Providing multiple virtual processors (VPs) for a trusted domain (TD) includes creating a virtual processor control structure (VPCS) for one or more of a plurality of VPs of the TD of a processor in a computing system, the TD including a trust domain control structure (TDCS), the plurality of VPs having views into addresses of private memory of the TD, the VPCS for a VP including a secure extended page table (SEPT) for the VP; and for the VP, initializing the VPCS for the VP by copying selected entries of the TDCS to the SEPT of the VPCS, pointing a SEPT pointer to the VPCS, and setting an entry point for starting execution of the VP by the processor.

First claim

Opening claim text (preview).

What is claimed is: 1. A method comprising: generating, by a processor of a computing device, a trust domain control structure; generating a virtual processor control structure associated with virtual processors relating to a trust domain associated with the processor, wherein the trust domain includes the trust domain control structure, and wherein the virtual processors having views into one or more addresses corresponding to a private memory associated with the trust domain, wherein two or more of the virtual processors to share the primary memory by sharing a secured table such that the two or more of the virtual processors to perform one or more operations that are distinct from other operations performed by other virtual processors; and initializing the virtual processor control structure for the virtual processors by one or more of copying one or more selected entries associated with the trust domain control structure to the secured table, pointing a secured table pointer to the virtual processor control structure, or setting an entry point for initiating execution of the virtual processors by the processor. 2. The method of claim 1 , wherein the virtual processor control structure comprises a processor context associated with the virtual processors. 3. The method of claim 1 , further comprising translating, using the secured table associated with the virtual processors, a private guest physical address into a physical address and a private key identifier for the trust domain. 4. The method of claim 1 , further comprising allowing the virtual processors to have a view into at least one range of addresses associated with the private memory associated with the trust domain, wherein the processor comprises one or more of an application processor or a graphics processor. 5. An apparatus comprising: processor circuitry coupled to a memory, the processor circuitry to: generate a trust domain control structure; generate a virtual processor control structure associated with virtual processors relating to a trust domain associated with the processor, wherein the trust domain includes the trust domain control structure, and wherein the virtual processors having views into one or more addresses corresponding to a private memory associated with the trust domain, wherein two or more of the virtual processors to share the primary memory by sharing a secured table such that the two or more of the virtual processors to perform one or more operations that are distinct from other operations performed by other virtual processors; and initialize the virtual processor control structure for the virtual processors by one or more of copying one or more selected entries associated with the trust domain control structure to a secured table, pointing a secured table pointer to the virtual processor control structure, or setting an entry point for initiating execution of the virtual processors by the processor. 6. The apparatus of claim 5 , wherein the virtual processor control structure comprises a processor context associated with the virtual processors. 7. The apparatus of claim 5 , wherein the processor circuitry is further to translate, using the secured table associated with the virtual processors, a private guest physical address into a physical address and a private key identifier for the trust domain. 8. The apparatus of claim 5 , wherein the processor circuitry is further to allow the virtual processors to have a view into at least one range of addresses associated with the private memory associated with the trust domain, wherein the processor circuitry comprises one or more of application processor circuitry or graphics processor circuitry. 9. At least one non-transitory computer-readable medium having stored thereon instructions which, when executed, cause a computing device to perform operations comprising: generating a trust domain control structure; generating a virtual processor control structure associated with virtual processors relating to a trust domain associated with a processor of the computing device, wherein the trust domain includes the trust domain control structure, and wherein the virtual processors having views into one or more addresses corresponding to a private memory associated with the trust domain, wherein two or more of the virtual processors to share the primary memory by sharing a secured table such that the two or more of the virtual processors to perform one or more operations that are distinct from other operations performed by other virtual processors; and initializing the virtual processor control structure for the virtual processors by one or more of copying one or more selected entries associated with the trust domain control structure to a secured table, pointing a secured table pointer to the virtual processor control structure, or setting an entry point for initiating execution of the virtual processors by the processor. 10. The non-transitory computer-readable medium of claim 9 , wherein the virtual processor control structure comprises a processor context associated with the virtual processors. 11. The non-transitory computer-readable medium of claim 9 , wherein two or more virtual processors share a common view into the private memory associated with the trust domain by sharing the secured table. 12. The non-transitory computer-readable medium of claim 9 , wherein the operations further comprise translating, using the secured table associated with the virtual processors, a private guest physical address into a physical address and a private key identifier for the trust domain. 13. The non-transitory computer-readable medium of claim 9 , wherein the operations further comprise allowing the virtual processors to have a view into at least one range of addresses associated with the private memory associated with the trust domain, wherein the processor comprises one or more of an application processor or a graphics processor.

Assignees

Intel Corp

Inventors

Xing Bin

Classifications

G06F12/1441
for a range · CPC title
G06F2009/45595
Network integration; Enabling network access in virtual machine instances · CPC title
G06F12/1458
by checking the subject access rights · CPC title
G06F2009/45587
Isolation or security of virtual machine instances · CPC title
G06F9/45545
Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox · CPC title

Patent family

Related publications grouped by family.

View patent family 79173640

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US12242875B2 cover?: Providing multiple virtual processors (VPs) for a trusted domain (TD) includes creating a virtual processor control structure (VPCS) for one or more of a plurality of VPs of the TD of a processor in a computing system, the TD including a trust domain control structure (TDCS), the plurality of VPs having views into addresses of private memory of the TD, the VPCS for a VP including a secure exten…
Who is the assignee on this patent?: Intel Corp
What technology area does this patent fall under?: Primary CPC classification G06F9/45558. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Mar 04 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).