Trust domains for peripheral devices

US2023350815A1 · US · A1

Patent metadata

Publication number: US-2023350815-A1
Application number: US-202318340120-A
Country: US
Kind code: A1
Filing date: Jun 23, 2023
Priority date: Jan 18, 2022
Publication date: Nov 2, 2023
Grant date: not listed

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Disclosed are various embodiments for various approaches for implementing trust domains to provide boundaries between PCIe devices connected to the same PCIe switch. A first trust identifier can be assigned to a first virtual machine hosted by the computing device. The first trust identifier can also be assigned to a first PCIe device assigned to the first virtual machine. Later, it can be determined that a second PCIe device connected to the PCIe switch is assigned a second trust identifier assigned to a second virtual machine. An Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch can be disabled in response to a determination that the second PCIe device is associated with the second trust identifier assigned to the second virtual machine.

First claim

Opening claim text (preview; the listing is cut off after claim 13 as shown).

Therefore, the following is claimed:

1. A system, comprising: a computing device comprising a processor, a memory, and a Peripheral Component Interconnect Express (PCIe) switch; and machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least: determine that a first PCIe device connected to the PCIe switch is assigned a first trust identifier assigned to a first virtual machine; determine that a second PCIe device connected to the PCIe switch is assigned a second trust identifier assigned to a second virtual machine; and disable an Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the second PCIe device is associated with the second trust identifier assigned to the second virtual machine.

2. The system of claim 1, wherein the machine-readable instructions further cause the computing device to at least: assign a default trust identifier to the first PCIe device in response to a power off of the virtual machine; determine that each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier; and enable the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier.

3. The system of claim 1, wherein the machine-readable instructions further cause the computing device to at least: assign a default trust identifier to the first PCIe device in response to a power off of the virtual machine; determine that a third PCIe device connected to the PCIe switch is assigned the first trust identifier and that the third PCIe device has Address Translation Services (ATS) enabled; determine that the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch is currently enabled; and disable the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch.

4. The system of claim 1, wherein the machine-readable instructions further cause the computing device to at least: detect that the first PCIe device has been unassigned from the first virtual machine; assign a default trust identifier to the first PCIe device in response to the first PCIe device being unassigned from the first virtual machine; determine that each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier; and enable the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier.

5. The system of claim 1, wherein the machine-readable instructions further cause the computing device to at least: detect that the first PCIe device has been unassigned from the first virtual machine; assign a default trust identifier to the first PCIe device in response to the first PCIe device being unassigned from the first virtual machine; determine that a third PCIe device connected to the PCIe switch is assigned the first trust identifier and that the third PCIe device has Address Translation Services (ATS) enabled; and determine that the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch is currently enabled; and disable the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch.

6. The system of claim 1, wherein the machine-readable instructions further cause the computing device to at least: detect that a third PCIe device has been assigned to the first virtual machine; determine that each PCIe device connected to the PCIe switch is assigned the first trust identifier; and enable an Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that each PCIe device connected to the PCIe switch is assigned the first trust identifier.

7. The system of claim 1, wherein assignment of the first trust identifier to the first virtual machine and the first PCIe device occurs in response to the first virtual machine being powered on.

8. A method, comprising: determining that a first PCIe device connected to the PCIe switch is assigned a first trust identifier assigned to a first virtual machine; determining that a second PCIe device connected to the PCIe switch is assigned a second trust identifier assigned to a second virtual machine; and disabling an Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the second PCIe device is associated with the second trust identifier assigned to the second virtual machine.

9. The method of claim 8, further comprising: assigning a default trust identifier to the first PCIe device in response to powering off the virtual machine; determining that each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier; and enabling the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier.

10. The method of claim 8, further comprising: assigning a default trust identifier to the first PCIe device in response to powering off of the virtual machine; determining that a third PCIe device connected to the PCIe switch is assigned the first trust identifier and that the third PCIe device has Address Translation Services (ATS) enabled; determining that the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch is currently enabled; and disabling the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch.

11. The method of claim 8, further comprising: detecting that the first PCIe device has been unassigned from the first virtual machine; assigning a default trust identifier to the first PCIe device in response to the first PCIe device being unassigned from the first virtual machine; determining that each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier; and enabling the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the each PCIe device connected to the PCIe switch is assigned either the default trust identifier or the second trust identifier.

12. The method of claim 8, further comprising: detecting that the first PCIe device has been unassigned from the first virtual machine; assigning a default trust identifier to the first PCIe device in response to the first PCIe device being unassigned from the first virtual machine; determining that a third PCIe device connected to the PCIe switch is assigned the first trust identifier and that the third PCIe device has Address Translation Services (ATS) enabled; determining that the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch is currently enabled; and disabling the ACS direct translated bit for peer-to-peer memory requests in the PCIe switch.

13. The method of claim 8, further comprising: detecting that a third PCIe device has been assigned to the first virtual machine; determining that each PCIe device connected to the
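The abstract and claims above describe a small policy state machine: each powered-on VM receives a trust identifier, the PCIe devices passed through to it inherit that identifier, and the switch's ACS direct-translated bit (which lets a switch forward peer-to-peer requests carrying an already-translated address without routing them up to the root complex and its IOMMU) is left set only while every device behind the switch belongs to one trust domain. Clearing the bit forces cross-device traffic through the root complex, where the IOMMU can enforce the VM boundary. The following Python is an added illustration written for this page, not code from the patent or from VMware. The class and function names, the use of 0 as the default trust identifier, the numeric identifiers, and the device names are all constructed, and the reconciliation rule is one reading of claims 1 to 7: the bit stays enabled only while all devices are either unassigned (default identifier) or in a single VM's domain, and is additionally cleared when an unassigned device shares the switch with an ATS-enabled device of an active domain (claims 3 and 5).

```python
from dataclasses import dataclass, field

# Constructed placeholder for the patent's "default trust identifier": the
# value a device carries while it is not assigned to any powered-on VM.
DEFAULT_TRUST_ID = 0


@dataclass
class PcieDevice:
    name: str
    trust_id: int = DEFAULT_TRUST_ID
    ats_enabled: bool = False  # device performs Address Translation Services


@dataclass
class PcieSwitch:
    """Devices behind one switch plus the switch's ACS direct-translated P2P bit."""
    devices: dict = field(default_factory=dict)
    acs_direct_translated: bool = True

    def add(self, dev: PcieDevice) -> None:
        self.devices[dev.name] = dev

    def direct_translated_allowed(self) -> bool:
        """Policy read from claims 1-6 (hypothetical reading, see lead-in)."""
        ids = {d.trust_id for d in self.devices.values()}
        active = ids - {DEFAULT_TRUST_ID}
        # Claim 1: devices of two different VM trust domains share the switch,
        # so a translated P2P request could cross a VM boundary.
        if len(active) > 1:
            return False
        # Claims 3/5: an unassigned (default) device sits next to a device of
        # an active domain that translates its own addresses via ATS.
        if active and DEFAULT_TRUST_ID in ids:
            if any(d.ats_enabled and d.trust_id in active
                   for d in self.devices.values()):
                return False
        # Claims 2/4/6: everything is unassigned or in one domain.
        return True

    def reconcile(self) -> bool:
        """Program the bit from the current assignments; returns the new state."""
        self.acs_direct_translated = self.direct_translated_allowed()
        return self.acs_direct_translated


@dataclass
class TrustDomainManager:
    """Hypothetical hypervisor-side bookkeeping of VM -> trust identifier."""
    switch: PcieSwitch
    vm_trust: dict = field(default_factory=dict)
    next_id: int = 1

    def vm_power_on(self, vm: str, devices: list) -> int:
        # Claim 7: the identifier is assigned to VM and devices at power-on.
        tid = self.next_id
        self.next_id += 1
        self.vm_trust[vm] = tid
        for name in devices:
            self.switch.devices[name].trust_id = tid
        self.switch.reconcile()
        return tid

    def vm_power_off(self, vm: str) -> None:
        # Claims 2/3: the VM's devices fall back to the default identifier.
        tid = self.vm_trust.pop(vm)
        for d in self.switch.devices.values():
            if d.trust_id == tid:
                d.trust_id = DEFAULT_TRUST_ID
        self.switch.reconcile()

    def assign_device(self, vm: str, name: str) -> None:
        # Claim 6: a further device joins the VM's trust domain.
        self.switch.devices[name].trust_id = self.vm_trust[vm]
        self.switch.reconcile()

    def unassign_device(self, name: str) -> None:
        # Claims 4/5: an unassigned device returns to the default identifier.
        self.switch.devices[name].trust_id = DEFAULT_TRUST_ID
        self.switch.reconcile()


def demo() -> list:
    """Walk the claim scenarios on constructed devices; returns the bit after each step."""
    sw = PcieSwitch()
    for n in ("gpu0", "gpu1", "nic0"):  # constructed device names
        sw.add(PcieDevice(n))
    mgr = TrustDomainManager(sw)
    states = []
    mgr.vm_power_on("vm-a", ["gpu0", "gpu1"])       # one domain -> enabled
    states.append(sw.acs_direct_translated)
    mgr.vm_power_on("vm-b", ["nic0"])               # two domains -> disabled
    states.append(sw.acs_direct_translated)
    mgr.vm_power_off("vm-a")                        # only vm-b remains -> enabled
    states.append(sw.acs_direct_translated)
    sw.devices["nic0"].ats_enabled = True           # ATS device next to unassigned ones
    sw.reconcile()                                  # -> disabled
    states.append(sw.acs_direct_translated)
    mgr.assign_device("vm-b", "gpu0")
    mgr.assign_device("vm-b", "gpu1")               # all devices in vm-b -> enabled
    states.append(sw.acs_direct_translated)
    return states
```

Running `demo()` yields `[True, False, True, False, True]`. The design choice worth noting is that `reconcile()` recomputes the bit from the full device set after every assignment change rather than toggling it per event, so a missed event cannot leave the switch in a permissive state that the current assignments do not justify.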

Assignees

Vmware Inc
Inventors

Classifications

  • G06F12/145 (primary): the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism · CPC title

  • for a module or a part of a module · CPC title

  • for multiple virtual address spaces, e.g. segmentation (G06F12/1036 takes precedence) · CPC title

  • being an input/output bus, e.g. ISA bus, EISA bus, PCI bus, SCSI bus · CPC title

  • Hypervisor-specific management and integration aspects · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2023350815A1 cover?
Disclosed are various embodiments for various approaches for implementing trust domains to provide boundaries between PCIe devices connected to the same PCIe switch. A first trust identifier can be assigned to a first virtual machine hosted by the computing device. The first trust identifier can also be assigned to a first PCIe device assigned to the first virtual machine. Later, it can be dete…
Who is the assignee on this patent?
Vmware Inc
What technology area does this patent fall under?
Primary CPC classification G06F12/145. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 2, 2023 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).