CPC G06F 21/6218 (2013.01) [G06F 9/45558 (2013.01); G06F 12/1027 (2013.01); G06F 2009/45583 (2013.01); G06F 2009/45587 (2013.01)]
20 Claims
8. A system, comprising:
a memory; and
a processor in communication with the memory, wherein the processor is configured to perform:
initializing a secure interface configured to provide access to a virtual machine (VM), a self-contained platform, or a container from a device, wherein the VM, the self-contained platform (SCP), or the container is associated with a level of security;
allocating a buffer associated with the secure interface, wherein the level of security indicates whether the device has access to guest memory of the VM, the self-contained platform (SCP), or the container via the buffer;
providing the buffer to the device; and
sending input/outputs (I/Os) between the device and the VM, the self-contained platform (SCP), or the container via the secure interface,
wherein the buffer is allocated such that at least one of:
when the level of security is low, the buffer is allocated from a portion of the guest memory,
when the device is a trusted device, the buffer is a total amount of the guest memory, or
when the level of security is high, the buffer is allocated outside the guest memory.
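The three buffer placements in claim 8 can be modelled as address ranges, which makes the guest memory a device can reach under each case measurable. This is an added illustration, not code from the patent or its assignee; every name (`secure_if`, `secure_if_init`, `guest_exposure`, `device_access_ok`, `host_pool`) and the flat address model are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model: addresses are plain integers, ranges do not wrap. */
enum policy { SEC_LOW, SEC_HIGH, DEV_TRUSTED };
struct range { uint64_t base, len; };
struct secure_if { struct range guest, buf; };  /* buf is what the device gets */

/* Bytes of guest memory that fall inside the device-visible buffer. */
uint64_t guest_exposure(const struct secure_if *s) {
    uint64_t lo = s->buf.base > s->guest.base ? s->buf.base : s->guest.base;
    uint64_t be = s->buf.base + s->buf.len, ge = s->guest.base + s->guest.len;
    uint64_t hi = be < ge ? be : ge;
    return hi > lo ? hi - lo : 0;
}

/* Place the buffer per the three cases; host_pool is memory outside the guest. */
int secure_if_init(struct secure_if *s, enum policy p, struct range guest,
                   struct range host_pool, uint64_t want) {
    s->guest = guest;
    switch (p) {
    case DEV_TRUSTED:                 /* buffer is all of guest memory */
        s->buf = guest;
        return 0;
    case SEC_LOW:                     /* buffer is a slice of guest memory */
        if (want == 0 || want > guest.len) return -1;
        s->buf = (struct range){ guest.base + guest.len - want, want };
        return 0;
    case SEC_HIGH:                    /* buffer lives outside guest memory */
        if (want == 0 || want > host_pool.len) return -1;
        s->buf = (struct range){ host_pool.base, want };
        return guest_exposure(s) == 0 ? 0 : -1;  /* refuse an overlapping pool */
    }
    return -1;
}

/* A device access is honoured only if it lies wholly inside the buffer. */
bool device_access_ok(const struct secure_if *s, uint64_t addr, uint64_t len) {
    return len > 0 && len <= s->buf.len && addr >= s->buf.base &&
           addr - s->buf.base <= s->buf.len - len;
}

int main(void) {
    struct range guest = { 0x100000, 0x40000 }, pool = { 0x800000, 0x10000 };
    struct secure_if s;
    for (int p = SEC_LOW; p <= DEV_TRUSTED; p++)
        if (secure_if_init(&s, (enum policy)p, guest, pool, 0x1000) == 0)
            printf("policy %d exposes %llu guest bytes\n", p,
                   (unsigned long long)guest_exposure(&s));
    return 0;
}
```

In the high-security case the exposure is zero, so I/O data has to be copied between the outside buffer and guest memory by whatever implements the secure interface; that copy step is not modelled here.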