US 11,989,332 B2
Secure public cloud with protected guest-verified host control
David M. Durham, Beaverton, OR (US); Gilbert Neiger, Portland, OR (US); Barry E. Huntley, Hillsboro, OR (US); Ravi L. Sahita, Portland, OR (US); and Baiju V. Patel, Portland, OR (US)
Assigned to INTEL CORPORATION, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Sep. 29, 2021, as Appl. No. 17/449,343.
Application 17/449,343 is a continuation of application No. 16/792,941, filed on Feb. 18, 2020, granted, now 11,163,911.
Application 16/792,941 is a continuation of application No. 16/362,887, filed on Mar. 25, 2019, granted, now 10,628,612, issued on Apr. 21, 2020.
Application 16/362,887 is a continuation of application No. 15/444,771, filed on Feb. 28, 2017, granted, now 10,303,899, issued on May 28, 2019.
Claims priority of provisional application 62/373,627, filed on Aug. 11, 2016.
Prior Publication US 2022/0019698 A1, Jan. 20, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/71 (2013.01); G06F 8/61 (2018.01); G06F 9/455 (2018.01); G06F 21/53 (2013.01); G06F 21/57 (2013.01); G06F 21/78 (2013.01); H04L 9/08 (2006.01)
CPC G06F 21/71 (2013.01) [G06F 8/63 (2013.01); G06F 9/45533 (2013.01); G06F 9/45558 (2013.01); G06F 21/53 (2013.01); G06F 21/57 (2013.01); G06F 21/78 (2013.01); H04L 9/0822 (2013.01); G06F 2009/45579 (2013.01); G06F 2009/45587 (2013.01); G06F 2212/402 (2013.01); G06F 2221/2149 (2013.01)] 21 Claims
OG exemplary drawing
 
1. At least one non-transitory computer-readable medium comprising instructions that, when executed, cause a processor to facilitate operations comprising:
creating a first key domain, the first key domain comprising a region of a memory to be encrypted by a key domain key;
launching a first guest virtual machine within the first key domain;
intercepting an interrupt;
saving processor register information to a protected location of the memory in response to the interrupt or an exception thrown when the first guest virtual machine causes an exit condition;
clearing a first processor register if the first processor register is not needed by an untrusted host virtual machine monitor managing execution of the first guest virtual machine;
conditionally exposing a second processor register if the second processor register is needed by the untrusted host virtual machine monitor;
invoking the untrusted host virtual machine monitor; and
exiting the first guest virtual machine when the untrusted host virtual machine monitor is invoked.