US Patent:
20170300430, Oct 19, 2017
Inventors:
- Palo Alto CA, US
WEI XU - Palo Alto CA, US
RADU RUGINA - Palo Alto CA, US
JEFFREY W. SHELDON - Palo Alto CA, US
JAMES S. MATTSON - Seattle WA, US
RAKESH AGARWAL - Palo Alto CA, US
DAVID DUNN - Bellevue WA, US
International Classification:
G06F 12/14
G06F 9/455
G06F 9/46
G06F 21/74
G06F 9/455
G06F 9/455
Abstract:
Mechanisms to protect the integrity of memory of a virtual machine are provided. The mechanisms involve utilizing certain capabilities of the hypervisor underlying the virtual machine to monitor writes to memory pages of the virtual machine. A guest integrity driver communicates with the hypervisor to request such functionality. Additional protections are provided for protecting the guest integrity driver and associated data, as well as for preventing use of these mechanisms by malicious software. These additional protections include an elevated execution mode, termed “integrity mode,” which can only be entered from a specified entry point, as well as protections on the memory pages that store the guest integrity driver and associated data.