Patent application number | Description | Published |
20080320316 | Selective Encryption System and Method for I/O Operations - Upon occurrence of a trigger condition, writes of allocation units of data (including code) to a device, such as writes of blocks to a disk, are first encrypted. Each allocation unit is preferably a predetermined integral multiple number of minimum I/O units. A data structure is marked to indicate which units are encrypted. Upon reads from the device, only those allocation units marked as encrypted are decrypted. The disk protected by selective encryption is preferably the virtual disk of a virtual machine (VM). The trigger condition is preferably either that the virtual disk has been initialized or that the VM has been powered on. Mechanisms are also provided for selectively declassifying (storing in unencrypted form) already-encrypted, stored data, and for determining which data units represent public, general-use data units that do not need to be encrypted. The “encrypt-on-write” feature of the invention may be used in conjunction with a “copy-on-write” technique. | 12-25-2008 |
20090025006 | SYSTEM AND METHOD FOR CONTROLLING RESOURCE REVOCATION IN A MULTI-GUEST COMPUTER SYSTEM - At least one guest system, for example, a virtual machine, is connected to a host system, which includes a system resource such as system machine memory. Each guest system includes a guest operating system (OS). A resource requesting mechanism, preferably a driver, is installed within each guest OS and communicates with a resource scheduler included within the host system. If the host system needs any one the guest systems to relinquish some of the system resource it currently is allocated, then the resource scheduler instructs the driver within that guest system's OS to reserve more of the resource, using the guest OS's own, native resource allocation mechanisms. The driver thus frees this resource for use by the host, since the driver does not itself actually need the requested amount of the resource. The driver in each guest OS thus acts as a hollow “balloon” to “inflate” or “deflate,” that is, reserve more or less of the system resource via the corresponding guest OS. The resource scheduler, however, remains transparent to the guest systems. | 01-22-2009 |
20090044274 | Impeding Progress of Malicious Guest Software - One embodiment of the present invention is a method of operating a virtualization system, the method including: (a) instantiating a virtualization system on an underlying hardware machine, the virtualization system exposing a virtual machine in which multiple execution contexts of a guest execute; (b) monitoring the execution contexts from the virtualization system; and (c) selectively impeding computational progress of a particular one of the execution contexts. | 02-12-2009 |
20090113110 | Providing VMM Access to Guest Virtual Memory - A virtual-machine-based system provides a mechanism for a virtual machine monitor (VMM) to process a hypercall received from an application running in the virtual machine (VM). A hypercall interface causes the virtual memory pages, needed by the VMM to process the hypercall, to be available to the VMM. In one embodiment, when virtual memory pages needed by the VMM to process the hypercall are not available to the VMM, the application is caused to access the needed pages, in response to which the required virtual memory becomes available to the VMM. | 04-30-2009 |
20090113111 | SECURE IDENTIFICATION OF EXECUTION CONTEXTS - A virtual-machine-based system that identifies an application or process in a virtual machine in order to locate resources associated with the identified application. Access to the located resources is then controlled based on a context of the identified application. Those applications without the necessary context will have a different view of the resource. | 04-30-2009 |
20090113216 | CRYPTOGRAPHIC MULTI-SHADOWING WITH INTEGRITY VERIFICATION - A virtual-machine-based system that may protect the privacy and integrity of application data, even in the event of a total operating system compromise. An application is presented with a normal view of its resources, but the operating system is presented with an encrypted view. This allows the operating system to carry out the complex task of managing an application's resources, without allowing it to read or modify them. Different views of “physical” memory are presented, depending on a context performing the access. An additional dimension of protection beyond the hierarchical protection domains implemented by traditional operating systems and processors is provided. | 04-30-2009 |
20090113424 | Transparent VMM-Assisted User-Mode Execution Control Transfer - A virtual-machine-based system provides a control-transfer mechanism to invoke a user-mode application handler from existing virtual hardware directly, without going through an operating system kernel running in the virtual machine. A virtual machine monitor calls directly to the guest user-mode handler and the handler transfers control back to the virtual machine monitor, without involving the guest operating system. | 04-30-2009 |
20090113425 | Transparent Memory-Mapped Emulation of I/O Calls - A virtual-machine-based system provides a mechanism to implement application file I/O operations of protected data by implementing the I/O operations semantics in a shim layer with memory-mapped regions. The semantics of these I/O operations are emulated in a shim layer with memory-mapped regions by using a mapping between a process' address space and a file or shared memory object. Data that is protected from viewing by a guest OS running in a virtual machine may nonetheless be accessed by the process. | 04-30-2009 |
20100095300 | Online Computation of Cache Occupancy and Performance - Methods, computer programs, and systems for managing thread performance in a computing environment based on cache occupancy are provided. In one embodiment, a computer implemented method assigns a thread performance counter to threads being created to measure the number of cache misses for the threads. The thread performance counter is deduced in one embodiment based on performance counters associated with each core in a processor. The method further calculates a self-thread value as the change in the thread performance counter of a given thread during a predetermined period, and an other-thread value as the sum of all the changes in the thread performance counters for all threads except for the given thread. Further, the method estimates a cache occupancy for the given thread based on a previous occupancy for the given thread, and the calculated shelf-thread and other-thread values. The estimated cache occupancy is used to assign computing environment resources to the given thread. In another embodiment, cache miss-rate curves are constructed for a thread to help analyze performance tradeoffs when changing cache allocations of the threads in the system. | 04-15-2010 |
20100106820 | QUALITY OF SERVICE MANAGEMENT - A method and system for providing quality of service to a plurality of hosts accessing a common resource is described. According to one embodiment, a plurality of IO requests is received from clients executing as software entities on one of the hosts. An IO request queue for each client is separately managed, and an issue queue is populated based on contents of the IO request queues. When a host issue queue is not full, a new IO request is entered into the host issue queue and is issued to the common resource. A current average latency observed at the host is calculated, and an adjusted window size is calculated at least in part based on the current average latency. The window size of the issue queue is adjusted according to the calculated window size. | 04-29-2010 |
20100122052 | Generating and Using Checkpoints in a Virtual Computer System - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM' s memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 05-13-2010 |
20100205602 | Mechanism for Scheduling Execution of Threads for Fair Resource Allocation in a Multi-Threaded and/or Multi-Core Processing System - A thread scheduling mechanism is provided that flexibly enforces performance isolation of multiple threads to alleviate the effect of anti-cooperative execution behavior with respect to a shared resource, for example, hoarding a cache or pipeline, using the hardware capabilities of simultaneous multi-threaded (SMT) or multi-core processors. Given a plurality of threads running on at least two processors in at least one functional processor group, the occurrence of a rescheduling condition indicating anti-cooperative execution behavior is sensed, and, if present, at least one of the threads is rescheduled such that the first and second threads no longer execute in the same functional processor group at the same time. | 08-12-2010 |
20100229173 | Managing Latency Introduced by Virtualization - A component manages and minimizes latency introduced by virtualization. The virtualization component determines that a currently scheduled guest process has executed functionality responsive to which the virtualization component is to execute a virtualization based operation, wherein the virtualization based operation is one that is not visible to the guest operating system. The virtualization component causes the guest operating system to de-schedule the currently scheduled guest process and schedule at least one separate guest process. The virtualization component then executes the virtualization based operation concurrently with the execution of the at least one separate guest process. Responsive to completing the execution of the virtualization based operation, the virtualization component causes the guest operating system to re-schedule the de-scheduled guest process. | 09-09-2010 |
20100241785 | MANAGEMENT OF HOST PHYSICAL MEMORY ALLOCATION TO VIRTUAL MACHINES WITH A BALLOON APPLICATION - Methods and systems for managing distribution of host physical memory (HPM) among virtual machines (VMs) executing on a host via a hypervisor are presented, where each VM has guest system software including an operating system. A method includes an operation for reserving, by a balloon application executing in a first VM, a guest virtual memory (GVM) location in the first VM. The GVM location is mapped to a guest physical memory (GPM) location, which is mapped to a host physical memory (HPM) location. The balloon application is responsive to the hypervisor for reserving memory. Further, the method includes operations for writing a value to the reserved GVM location and for remapping a plurality of GPM locations containing the value to a single HPM location. The remapping is performed by a content-based page sharing component of the hypervisor. Additionally, the method reclaims the HPM location when the HPM location is freed due to the remapping, and assigns the reclaimed HPM location to a different VM or to a pool of available HPM locations. | 09-23-2010 |
20100299667 | SHORTCUT INPUT/OUTPUT IN VIRTUAL MACHINE SYSTEMS - Read requests to a commonly accessed storage volume are conditionally issued, depending on whether or not a requested data block is already stored in memory from a prior access or to be stored in memory upon completion of a pending request. A data structure is maintained in memory to track physical memory pages and to indicate for each physical memory page the corresponding location in the storage volume from which the contents of the physical memory were read and the number of virtual memory pages that are mapped thereto. | 11-25-2010 |
20110055479 | Thread Compensation For Microarchitectural Contention - A thread (or other resource consumer) is compensated for contention for system resources in a computer system having at least one processor core, a last level cache (LLC), and a main memory. In one embodiment, at each descheduling event of the thread following an execution interval, an effective CPU time is determined. The execution interval is a period of time during which the thread is being executed on the central processing unit (CPU) between scheduling events. The effective CPU time is a portion of the execution interval that excludes delays caused by contention for microarchitectural resources, such as time spent repopulating lines from the LLC that were evicted by other threads. The thread may be compensated for microarchitectural contention by increasing its scheduling priority based on the effective CPU time. | 03-03-2011 |
20110119413 | QUALITY OF SERVICE MANAGEMENT - A method and system for providing quality of service to a plurality of hosts accessing a common resource is described. According to one embodiment, a plurality of IO requests is received from clients executing as software entities on one of the hosts. An IO request queue for each client is separately managed, and an issue queue is populated based on contents of the IO request queues. When a host issue queue is not full, a new IO request is entered into the host issue queue and is issued to the common resource. A current average latency observed at the host is calculated, and an adjusted window size is calculated at least in part based on the current average latency. The window size of the issue queue is adjusted according to the calculated window size. | 05-19-2011 |
20110145632 | TRANSPARENT RECOVERY FROM HARDWARE MEMORY ERRORS - A method is provided for recovering from an uncorrected memory error located at a memory address as identified by a memory device. A stored hash value for a memory page corresponding to the identified memory address is used to determine the correct data. Because the memory device specifies the location of the corrupted data, and the size of the window where the corruption occurred, the stored hash can be used to verify memory page reconstruction. With the known good part of the data in hand, the hashes of the pages using possible values in place of the corrupted data are calculated. It is expected that there will be a match between the previously stored hash and one of the computed hashes. As long as there is one and only one match, then that value, used in the place of the corrupted data, is the correct value. The corrupt data, once replaced, allows operation of the memory device to continue without needing to interrupt or otherwise affect a system's operation. | 06-16-2011 |
20110231857 | CACHE PERFORMANCE PREDICTION AND SCHEDULING ON COMMODITY PROCESSORS WITH SHARED CACHES - A method is described for scheduling in an intelligent manner a plurality of threads on a processor having a plurality of cores and a shared last level cache (LLC). In the method, a first and second scenario having a corresponding first and second combination of threads are identified. The cache occupancies of each of the threads for each of the scenarios are predicted. The predicted cache occupancies being a representation of an amount of the LLC that each of the threads would occupy when running with the other threads on the processor according to the particular scenario. One of the scenarios is identified that results in the least objectionable impacts on all threads, the least objectionable impacts taking into account the impact resulting from the predicted cache occupancies. Finally, a scheduling decision is made according to the one of the scenarios that results in the least objectionable impacts. | 09-22-2011 |
20110258625 | GENERATING AND USING CHECKPOINTS IN A VIRTUAL COMPUTER SYSTEM - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM's memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 10-20-2011 |
20110302389 | MEMORY MANAGEMENT METHODS IN A COMPUTER SYSTEM WITH SHARED MEMORY MAPPINGS - A memory management sub-system includes code executable by a processor fir performing selecting a plurality of contexts, and selecting a sample of the separately allocable portions of an address space for each of the contexts. For each of the selected allocable portions, a corresponding portion of the host memory to which the selected allocable portion is mapped is determined, and a count corresponding to a number of separately allocable portions of any context that are commonly mapped to the corresponding portion of the host memory. For each context, a metric is computed that is a function of the counts for that context. Host memory is allocated among the contexts at least in part based on their respective metrics. | 12-08-2011 |
20120011504 | ONLINE CLASSIFICATION OF MEMORY PAGES BASED ON ACTIVITY LEVEL - Activity level of memory pages is classified in virtual machine environment, so that processes such as live VM migration and checkpointing, among others, can be carried out more efficiently. The method includes the steps of scanning page table entries of hypervisor-managed page tables continuously over repeating scan periods to determine whether memory pages have been accessed or not, and for each memory page, determining an activity level of the memory page based on whether the memory page has been accessed or not since a prior scan and storing the activity level of the memory page. The activity level of the memory page may be represented by one or more bits of its page table entry and may be classified as having at least two states ranging from hot to cold. | 01-12-2012 |
20120017027 | METHOD FOR IMPROVING SAVE AND RESTORE PERFORMANCE IN VIRTUAL MACHINE SYSTEMS - Page data of a virtual machine is represented for efficient save and restore operations. One form of representation applies to each page with an easily identifiable pattern. The page is described, saved, and restored in terms of metadata reflective of the pattern rather than a complete page of data reflecting the pattern. During a save or restore operation, however, the metadata of the page is represented, but not the page data. Another form of representation applies to each page sharing a canonical instance of a complex pattern that is instantiated in memory during execution, and explicitly saved and restored. Each page sharing the canonical page is saved and restored as a metadata reference, without the need to actually save redundant copies of the page data. | 01-19-2012 |
20120110577 | CONTROLLING MEMORY CONDITIONS IN A VIRTUAL MACHINE - A method of managing host physical memory using a balloon application executing within a guest virtual machine (GVM) running on a host platform is described. The balloon application receives allocation parameters from an entity outside the GVM, the allocation parameters identifying an amount of memory for the balloon application to allocate. The balloon application adjusts the allocated amount of memory according to the allocated amount. Physical memory backing up the allocated memory can then be assigned by virtualization software for use by another virtual machine running on the host platform. | 05-03-2012 |
20120117299 | EFFICIENT ONLINE CONSTRUCTION OF MISS RATE CURVES - Miss rate curves are constructed in a resource-efficient manner so that they can be constructed and memory management decisions can be made while the workloads are running. The resource-efficient technique includes the steps of selecting a subset of memory pages for the workload, maintaining a least recently used (LRU) data structure for the selected memory pages, detecting accesses to the selected memory pages and updating the LRU data structure in response to the detected accesses, and generating data for constructing a miss-rate curve for the workload using the LRU data structure. After a memory page is accessed, the memory page may be left untraced for a period of time, after which the memory page is retraced. | 05-10-2012 |
20120221732 | RESOURCE ALLOCATION IN COMPUTERS - A method and tangible medium embodying code for allocating resource units of an allocatable resource among a plurality of clients in a computer is described. In the method, resource units are initially distributed among the clients by assigning to each of the clients a nominal share of the allocatable resource. For each client, a current allocation of resource units is determined. A metric is evaluated for each client, the metric being a function both of the nominal share and a usage-based factor, the usage-based factor being a function of a measure of resource units that the client is actively using and a measure of resource units that the client is not actively using. A resource unit can be reclaimed from a client when the metric for that client meets a predetermined criterion. | 08-30-2012 |
20120227042 | MECHANISM FOR SCHEDULING EXECUTION OF THREADS FOR FAIR RESOURCE ALLOCATION IN A MULTI-THREADED AND/OR MULTI-CORE PROCESSING SYSTEM - A thread scheduling mechanism is provided that flexibly enforces performance isolation of multiple threads to alleviate the effect of anti-cooperative execution behavior with respect to a shared resource, for example, hoarding a cache or pipeline, using the hardware capabilities of simultaneous multi-threaded (SMT) or multi-core processors. Given a plurality of threads running on at least two processors in at least one functional processor group, the occurrence of a rescheduling condition indicating anti-cooperative execution behavior is sensed, and, if present, at least one of the threads is rescheduled such that the first and second threads no longer execute in the same functional processor group at the same time. | 09-06-2012 |
20120233363 | QUALITY OF SERVICE MANAGEMENT - A method for measuring latencies caused by processing performed within a common resource is provided. A current latency value representing a time of residency of an IO request in a queue prior to receipt of acknowledgment from the common resource of completion of the IO request is received from a device comprising the queue, which maintains entries for IO requests that have been dispatched to and are pending at the common resource. An average latency value is calculated based in part on the current latency value. An adjusted capacity size for the queue is calculated based in part on the average latency value and the queue's capacity is set to the adjusted capacity size. IO requests are held in a buffer if the queue's capacity is full to reduce the effect of an amount of work transmitted to the common resource on current latency values provided by the device. | 09-13-2012 |
20120246320 | SYSTEM AND METHOD FOR CONTROLLING RESOURCE REVOCATION IN A MULTI-GUEST COMPUTER SYSTEM - At least one guest system, for example, a virtual machine, is connected to a host system, which includes a system resource such as system machine memory. Each guest system includes a guest operating system (OS). A resource requesting mechanism, preferably a driver, is installed within each guest OS and communicates with a resource scheduler included within the host system. If the host system needs any one the guest systems to relinquish some of the system resource it currently is allocated, then the resource scheduler instructs the driver within that guest system's OS to reserve more of the resource, using the guest OS's own, native resource allocation mechanisms. The driver thus frees this resource for use by the host, since the driver does not itself actually need the requested amount of the resource. The driver in each guest OS thus acts as a hollow “balloon” to “inflate” or “deflate,” that is, reserve more or less of the system resource via the corresponding guest OS. The resource scheduler, however, remains transparent to the guest systems. | 09-27-2012 |
20120324441 | DECENTRALIZED MANAGEMENT OF VIRTUALIZED HOSTS - One or more embodiments of the present invention provide a technique for effectively managing virtualized computing systems with an unlimited number of hardware resources. Host systems included in a virtualized computer system are organized into a scalable, peer-to-peer (P2P) network in which host systems arrange themselves into a network overlay to communicate with one another. The network overlay enables the host systems to perform a variety of operations, which include dividing computing resources of the host systems among a plurality of virtual machines (VMs), load balancing VMs across the host systems, and performing an initial placement of a VM in one of the host systems. | 12-20-2012 |
20120324444 | DECENTRALIZED MANAGEMENT OF VIRTUALIZED HOSTS - One or more embodiments of the present invention provide a technique for effectively managing virtualized computing systems with an unlimited number of hardware resources. Host systems included in a virtualized computer system are organized into a scalable, peer-to-peer (P2P) network in which host systems arrange themselves into a network overlay to communicate with one another. The network overlay enables the host systems to perform a variety of operations, which include dividing computing resources of the host systems among a plurality of virtual machines (VMs), load balancing VMs across the host systems, and performing an initial placement of a VM in one of the host systems. | 12-20-2012 |
20130067245 | SOFTWARE CRYPTOPROCESSOR - Security of information—both code and data—stored in a computer's system memory is provided by an agent loaded into and at run time resident in a CPU cache. Memory writes from the CPU are encrypted by the agent before writing and reads into the CPU are decrypted by the agent before they reach the CPU. The cache-resident agent also optionally validates the encrypted information stored in the system memory. Support for I/O devices and cache protection from unsafe DMA of the cache by devices is also provided. | 03-14-2013 |
20130097398 | GENERATING AND USING CHECKPOINTS IN A VIRTUAL COMPUTER SYSTEM - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM's memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 04-18-2013 |
20130205106 | MAPPING GUEST PAGES TO DISK BLOCKS TO IMPROVE VIRTUAL MACHINE MANAGEMENT PROCESSES - In a virtualized computer system, guest memory pages are mapped to disk blocks that contain identical contents and the mapping is used to improve management processes performed on virtual machines, such as live migration and snapshots. These processes are performed with less data being transferred because the mapping data of those guest memory pages that have identical content stored on disk are transmitted instead of the their contents. As a result, live migration and snapshots can be carried out more quickly. The mapping of the guest memory pages to disk blocks can also be used to optimize other tasks, such as page swaps and memory error corrections. | 08-08-2013 |
20130232500 | CACHE PERFORMANCE PREDICTION AND SCHEDULING ON COMMODITY PROCESSORS WITH SHARED CACHES - A method is described for scheduling in an intelligent manner a plurality of threads on a processor having a plurality of cores and a shared last level cache (LLC). In the method, a first and second scenario having a corresponding first and second combination of threads are identified. The cache occupancies of each of the threads for each of the scenarios are predicted. The predicted cache occupancies being a representation of an amount of the LLC that each of the threads would occupy when running with the other threads on the processor according to the particular scenario. One of the scenarios is identified that results in the least objectionable impacts on all threads, the least objectionable impacts taking into account the impact resulting from the predicted cache occupancies. Finally, a scheduling decision is made according to the one of the scenarios that results in the least objectionable impacts. | 09-05-2013 |
20130238790 | METHODS AND SYSTEMS FOR DETECTING ANOMALIES DURING IO ACCESSES - An anomaly in a shared input/ouput (IO) resource that is accessed by a plurality hosts or clients is detected when a host that is not bound by any QoS policy presents large workloads to a shared IO resource that is also accessed by hosts or clients that are governed by QoS policy. The anomaly detection triggers a response from the hosts or clients as a way to protect against the effect of the anomaly. The response is an increase in window sizes. The window sizes of the hosts or clients may be increased to the maximum window size or in proportion to their QoS shares. | 09-12-2013 |
20130254612 | TRANSPARENT RECOVERY FROM HARDWARE MEMORY ERRORS - A method is provided for recovering from an uncorrected memory error located at a memory address as identified by a memory device. A stored hash value for a memory page corresponding to the identified memory address is used to determine the correct data. Because the memory device specifies the location of the corrupted data, and the size of the window where the corruption occurred, the stored hash can be used to verify memory page reconstruction. With the known good part of the data in hand, the hashes of the pages using possible values in place of the corrupted data are calculated. It is expected that there will be a match between the previously stored hash and one of the computed hashes. As long as there is one and only one match, then that value, used in the place of the corrupted data, is the correct value. The corrupt data, once replaced, allows operation of the memory device to continue without needing to interrupt or otherwise affect a system's operation. | 09-26-2013 |
20140068614 | SECURE IDENTIFICATION OF EXECUTION CONTEXTS - A virtual-machine-based system that identifies an application or process in a virtual machine in order to locate resources associated with the identified application. Access to the located resources is then controlled based on a context of the identified application. Those applications without the necessary context will have a different view of the resource. | 03-06-2014 |
20140189195 | PROVIDING MEMORY CONDITION INFORMATION TO GUEST APPLICATIONS - Virtualization software can improve the effectiveness of a guest application running inside a virtual machine (VM) by providing information to the guest application indicative of a memory condition of the VM. The memory condition is indicative of an availability of memory resources to the guest application. When guest physical memory can be reserved by a balloon application running in the (VM), providing memory condition data indicative of the memory condition provides more accurate information regarding the availability of memory resources to the guest application than could be provided by the guest operating system of the VM. | 07-03-2014 |
20140189248 | EFFICIENT ONLINE CONSTRUCTION OF MISS RATE CURVES - Miss rate curves are constructed in a resource-efficient manner so that they can be constructed and memory management decisions can be made while the workloads are running. The resource-efficient technique includes the steps of selecting a subset of memory pages for the workload, maintaining a least recently used (LRU) data structure for the selected memory pages, detecting accesses to the selected memory pages and updating the LRU data structure in response to the detected accesses, and generating data for constructing a miss-rate curve for the workload using the LRU data structure. After a memory page is accessed, the memory page may be left untraced for a period of time, after which the memory page is retraced. | 07-03-2014 |
20140237113 | DECENTRALIZED INPUT/OUTPUT RESOURCE MANAGEMENT - A shared input/output (IO) resource is managed in a decentralized manner. Each of multiple hosts having IO access to the shared resource, computes an average latency value that is normalized with respect to average IO request sizes, and stores the computed normalized latency value for later use. The normalized latency values thus computed and stored may be used for a variety of different applications, including enforcing a quality of service (QoS) policy that is applied to the hosts, detecting a condition known as an anomaly where a host that is not bound by a QoS policy accesses the shared resource at a rate that impacts the level of service received by the plurality of hosts that are bound by the QoS policy, and migrating workloads between storage arrays to achieve load balancing across the storage arrays. | 08-21-2014 |
20140245304 | IMPLICIT CO-SCHEDULING OF CPUS - Techniques for implicit coscheduling of CPUs to improve corun performance of scheduled contexts are described. One technique minimizes skew by implementing corun migrations, and another technique minimizes skew by implementing a corun bonus mechanism. Skew between schedulable contexts may be calculated based on guest progress, where guest progress represents time spent executing guest operating system and guest application code. A non-linear skew catch-up algorithm is described that adjusts the progress of a context when the progress falls far behind its sibling contexts. | 08-28-2014 |
20140281249 | HASH-BASED SPATIAL SAMPLING FOR EFFICIENT CACHE UTILITY CURVE ESTIMATION AND CACHE ALLOCATION - Cache utility curves are determined for different software entities depending on how frequently their storage access requests lead to cache hits or cache misses. Although possible, not all access requests need be tested, but rather only a subset, determined by whether a hash value of each current storage location identifier (such as an address or block number) meets one or more sampling criteria. | 09-18-2014 |
20140310462 | Cache Allocation System and Method Using a Sampled Cache Utility Curve in Constant Space - Cache utility curves are determined for different software entities depending on how frequently their storage access requests lead to cache hits or cache misses. Although possible, not all access requests need be tested, but rather only a sampled subset, determined by whether a hash value of each current storage location identifier (such as an address or block number) meets one or more sampling criteria. The sampling rate is adaptively changed so as to hold the number of location identifiers needed to be stored to compute the cache utility curves to within a set maximum limit. | 10-16-2014 |
20150019827 | GENERATING AND USING CHECKPOINTS IN A VIRTUAL COMPUTER SYSTEM - To generate a checkpoint for a virtual machine (VM), first, while the VM is still running, a copy-on-write (COW) disk file is created pointing to a parent disk file that the VM is using. Next, the VM is stopped, the VM's memory is marked COW, the device state of the VM is saved to memory, the VM is switched to use the COW disk file, and the VM begins running again for substantially the remainder of the checkpoint generation. Next, the device state that was stored in memory and the unmodified VM memory pages are saved to a checkpoint file. Also, a copy may be made of the parent disk file for retention as part of the checkpoint, or the original parent disk file may be retained as part of the checkpoint. If a copy of the parent disk file was made, then the COW disk file may be committed to the original parent disk file. | 01-15-2015 |
20150046924 | TRANSPARENT MEMORY-MAPPED EMULATION OF I/O CALLS - A virtual-machine-based system provides a mechanism to implement application file I/O operations of protected data by implementing the I/O operations semantics in a shim layer with memory-mapped regions. The semantics of these I/O operations are emulated in a shim layer with memory-mapped regions by using a mapping between a process' address space and a file or shared memory object. Data that is protected from viewing by a guest OS running in a virtual machine may nonetheless be accessed by the process. | 02-12-2015 |
20150067265 | System and Method for Partitioning of Memory Units into Non-Conflicting Sets - A system and method of operation exploit the limited associativity of a single cache set to force observable cache evictions and discover conflicts. Loads are issued to input memory addresses, one at a time, until a cache eviction is detected. After observing a cache eviction on a load from an address, that address is added to a data structure representing the current conflict set. The cache is then flushed, and loads are issued to all addresses in the current conflict set, so that all known conflicting addresses are accessed first, ensuring that the next cache miss will occur on a different conflicting address. The process is repeated, issuing loads from all input memory addresses, incrementally finding conflicting addresses, one by one. Memory addresses that conflict in the cache belong to the same partition, whereas memory addresses belonging to different partitions do not conflict. | 03-05-2015 |
20150074263 | RESOURCE ALLOCATION IN COMPUTERS - A method and tangible medium embodying code for allocating resource units of an allocatable resource among a plurality of clients in a computer is described. In the method, resource units are initially distributed among the clients by assigning to each of the clients a nominal share of the allocatable resource. For each client, a current allocation of resource units is determined. A metric is evaluated for each client, the metric being a function both of the nominal share and a usage-based factor, the usage-based factor being a function of a measure of resource units that the client is actively using and a measure of resource units that the client is not actively using. A resource unit can be reclaimed from a client when the metric for that client meets a predetermined criterion. | 03-12-2015 |
20150089502 | Method and System for Providing Secure System Execution on Hardware Supporting Secure Application Execution - An application such as a virtual machine are executed securely using a software-based, full-system emulator within a hardware-protected enclave, such as an SGX enclave. The emulator may thereby be secure even against a malicious underlying host operating system. In some cases, paging is used to allow even a large application may run within a small enclave using paging. Where the application itself uses enclaves, these guest enclaves may themselves be emulated within an emulator enclave such that the guest enclave(s) are nested as sibling enclaves by the emulator. | 03-26-2015 |