US 12,153,944 B2
Systems, methods, and media for trusted hypervisors
Shih-Wei Li, New York, NY (US); Jason Nieh, New York, NY (US); and John S. Koh, Ridgefield, NJ (US)
Assigned to The Trustees of Columbia University in the City of New York, New York, NY (US)
Filed by Shih-Wei Li, New York, NY (US); Jason Nieh, New York, NY (US); and John S. Koh, Ridgefield, NJ (US)
Filed on Jun. 29, 2020, as Appl. No. 16/916,051.
Claims priority of provisional application 62/867,808, filed on Jun. 27, 2019.
Prior Publication US 2020/0409740 A1, Dec. 31, 2020
Int. Cl. G06F 9/455 (2018.01); G06F 9/4401 (2018.01); G06F 9/50 (2006.01); G06F 21/44 (2013.01)
CPC G06F 9/45558 (2013.01) [G06F 9/4401 (2013.01); G06F 9/5077 (2013.01); G06F 21/44 (2013.01); G06F 2009/45587 (2013.01)] 21 Claims
OG exemplary drawing
 
1. A system comprising:
a memory; and
a hardware processor coupled to the memory and configured to:
execute a hypervisor having a first portion and a second portion, wherein the first portion of the hypervisor executes at a first exception level and is able to access data of a virtual machine in the hardware processor and the memory, and wherein the second portion of the hypervisor executes at a second exception level and accesses the data of the virtual machine in the hardware processor and the memory using a first page table that translates a host virtual address to a virtualized host physical address and a second page table that translates the virtualized host physical address to a host physical address, wherein the second page table is controlled by the first portion of the hypervisor; and
unmapping physical memory from the second page table by the first portion of the hypervisor to prevent the second portion of the hypervisor from accessing the physical memory.