CPC G06F 3/0655 (2013.01) [G06F 3/0604 (2013.01); G06F 3/0679 (2013.01)] | 19 Claims
1. An apparatus comprising:
a device comprising:
circuitry to permit or deny the device to write-to or read-from kernel space memory associated with a virtualized execution environment by use of multiple process identifiers,
wherein the virtualized execution environment comprises a virtual machine or container,
wherein a first process identifier of the multiple process identifiers is to identify a first address translation table, a second process identifier of the multiple process identifiers is to identify a second address translation table, and
wherein to permit or deny the device to write-to or read-from kernel space memory associated with the virtualized execution environment by use of multiple process identifiers comprises perform an address translation to an address in a guest address space based on the first process identifier and perform an address translation to an address in kernel address space based on both the first process identifier and the second process identifier.