PROCESSORS, METHODS, SYSTEMS, AND INSTRUCTIONS TO SUPPORT LIVE MIGRATION OF PROTECTED CONTAINERS

Organization Name

intel corporation

Inventor(s)

Carlos V. Rozas of Portland OR (US)

Mona Vij of Hillsboro OR (US)

Rebekah M. Leslie-hurd of Portland OR (US)

Krystof C. Zmudzinski of Forest Grove OR (US)

Somnath Chakrabarti of Portland OR (US)

Francis X. Mckeen of Portland OR (US)

Vincent R. Scarlata of Beaverton OR (US)

Simon P. Johnson of Beaverton OR (US)

Ilya Alexandrovich of Yokneam Illit (IL)

Gilbert Neiger of Portland OR (US)

Vedvyas Shanbhogue of Austin TX (US)

Ittai Anati of Ramat Hasharon (IL)

PROCESSORS, METHODS, SYSTEMS, AND INSTRUCTIONS TO SUPPORT LIVE MIGRATION OF PROTECTED CONTAINERS - A simplified explanation of the abstract

This abstract first appeared for US patent application 20240184717 titled 'PROCESSORS, METHODS, SYSTEMS, AND INSTRUCTIONS TO SUPPORT LIVE MIGRATION OF PROTECTED CONTAINERS

Simplified Explanation

The processor described in the patent application includes a decode unit to decode an instruction related to a page of a protected container memory and a storage location outside of the protected container memory. An execution unit, in response to the instruction, ensures that there are no writable references to the page of the protected container memory while it is in a write-protected state. The execution unit then encrypts a copy of the page and stores it in the storage location outside of the protected container memory, leaving the original page in the write-protected state.

• Decode unit decodes instruction related to a page of protected memory and a storage location outside of it.
• Execution unit ensures no writable references to the page while in a write-protected state.
• Execution unit encrypts a copy of the page and stores it in the external storage location.
• Original page remains in the write-protected state after the encrypted copy is stored.

Potential Applications

This technology could be applied in secure data storage systems, virtualization environments, and cloud computing platforms.

Problems Solved

This technology solves the problem of protecting sensitive data stored in a container memory from unauthorized access or modification.

Benefits

The benefits of this technology include enhanced data security, improved privacy protection, and increased system reliability.

Potential Commercial Applications

Potential commercial applications of this technology include secure cloud storage services, data encryption software, and virtual machine management tools.

Possible Prior Art

One possible prior art for this technology could be memory protection mechanisms in operating systems or virtualization platforms.

Unanswered Questions

How does the processor handle errors during the encryption process?

The patent application does not provide details on error handling mechanisms during the encryption process.

What is the performance impact of encrypting and storing the page outside of the protected container memory?

The patent application does not discuss the performance implications of the encryption and storage process.

Original Abstract Submitted

a processor includes a decode unit to decode an instruction that is to indicate a page of a protected container memory, and a storage location outside of the protected container memory. an execution unit, in response to the instruction, is to ensure that there are no writable references to the page of the protected container memory while it has a write protected state. the execution unit is to encrypt a copy of the page of the protected container memory. the execution unit is to store the encrypted copy of the page to the storage location outside of the protected container memory, after it has been ensured that there are no writable references. the execution unit is to leave the page of the protected container memory in the write protected state, which is also valid and readable, after the encrypted copy has been stored to the storage location.