	US 11,741,021 B2
	Trust domains for peripheral devices
Srihari Venkatesan, San Francisco, CA (US); Sunil Kotian, San Jose, CA (US); Andrei Warkentin, South Elgin, IL (US); and Kalaiselvi Sengottuvel, Fremont, CA (US)
Assigned to VMWARE, INC., Palo Alto, CA (US)
Filed by VMware, Inc., Palo Alto, CA (US)
Filed on Jan. 18, 2022, as Appl. No. 17/577,584.
Prior Publication US 2023/0229602 A1, Jul. 20, 2023
Int. Cl. G06F 12/00 (2006.01); G06F 12/14 (2006.01); G06F 12/109 (2016.01); G06F 13/42 (2006.01); G06F 9/455 (2018.01); G06F 12/02 (2006.01)

CPC G06F 12/145 (2013.01) [G06F 9/45558 (2013.01); G06F 12/0238 (2013.01); G06F 12/109 (2013.01); G06F 12/1433 (2013.01); G06F 13/4221 (2013.01); G06F 2009/45583 (2013.01); G06F 2009/45587 (2013.01)]

20 Claims

1. A system, comprising:

a computing device comprising a processor, a memory, and a Peripheral Component Interconnect Express (PCIe) switch; and

machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least:

assign a first trust identifier to a first virtual machine hosted by the computing device;

assign the first trust identifier to a first PCIe device assigned to the first virtual machine;

determine that a second PCIe device connected to the PCIe switch is assigned a second trust identifier assigned to a second virtual machine; and

disable an Address Control Services (ACS) direct translated bit for peer-to-peer memory requests in the PCIe switch in response to a determination that the second PCIe device is associated with the second trust identifier assigned to the second virtual machine.