Patent classifications
G06F9/45554
Secure interface disablement
Various embodiments include methods and devices for implementing secure peripheral interface disablement on a computing device. Various embodiments may include receiving a trigger to disable a peripheral interface associated with a peripheral device of the computing device, identifying a physical address of the peripheral interface, and securely removing a mapping of an intermediate physical address of the peripheral interface to the physical address of the peripheral interface.
Execution using multiple page tables
Embodiments of techniques and systems for execution of code with multiple page tables are described. In embodiments, a heterogeneous system utilizing multiple processors may use multiple page tables to selectively execute appropriate ones of different versions of executable code. The system may be configured to support use of function pointers to virtual memory addresses. In embodiments, a virtual memory address may be mapped, such as during a code fetch. In embodiments, when a processor seeks to perform a code fetch using the function pointer, a page table associated with the processor may be used to translate the virtual memory address to a physical memory address where code executable by the processor may be found. Usage of multiple page tables may allow the system to support function pointers while utilizing only one virtual memory address for each function that is pointed to. Other embodiments may be described and claimed.
Implementing three-layer communication
In an example of a method for implementing three-layer communication of a management packet, a controlling bridge creates a first virtual management ethernet (VME) port with a first MAC address, and allocates a first IP address to the first VME port. A port extender creates a second VME port with a second MAC address, and requests an IP address of the second VME port from the controlling bridge. The controlling bridge allocates a second IP address to the second VME port, and notifies the port extender of the second IP address and the first IP address; acquires the second MAC address of the second VME port to send/receive a management packet to/from the second VME port through three-layer communication.
FUNCTION VIRTUALIZATION FACILITY FOR BLOCKING INSTRUCTION FUNCTION OF A MULTI-FUNCTION INSTRUCTION OF A VIRTUAL PROCESSOR
In a processor supporting execution of a plurality of functions of an instruction, an instruction blocking value is set for blocking one or more of the plurality of functions, such that an attempt to execute one of the blocked functions will result in a program exception and the instruction will not execute; however, the same instruction will be able to execute any of the functions that are not blocked functions.
Function virtualization facility for blocking instruction function of a multi-function instruction of a virtual processor
In a processor supporting execution of a plurality of functions of an instruction, an instruction blocking value is set for blocking one or more of the plurality of functions, such that an attempt to execute one of the blocked functions will result in a program exception and the instruction will not execute; however, the same instruction will be able to execute any of the functions that are not blocked functions.
EXTENSION APPLICATION MECHANISMS THROUGH INTRA-PROCESS OPERATION SYSTEMS
The present disclosure relates to computer-implemented methods, software, and systems for providing extension application mechanisms. Memory is allocated for a virtual environment to run in an address space of an application that is to be extended with extension logic in a secure manner. The virtual environment is configured for execution of commands related to an extension functionality of the application. A virtual processor for an execution of a command of the commands is initialized at the virtual environment. The virtual processor is operable to manage one or more guest operating systems (OS). A first guest OS is loaded at the allocated memory and application logic of the extension functionality is copied into the allocated memory. The virtual environment is started to execute the first guest OS and the application logic of the extension functionality in relation to associated data of the application in the allocated memory.
Migration notification and response messages for virtual machines
An indication that a virtual machine has been migrated may be received. In response to receiving the indication, one or more network addresses associated with the virtual machine may be identified. A notification message corresponding to the one or more network addresses may be generated. The notification message may be transmitted on networks for the one or more network addresses. The virtual machine may determine whether a response message has been received for each of the one or more network addresses. The virtual machine may transmit a subsequent notification message in view of determining that at least one response message has not been received for at least one of the one or more network addresses.
SIMULATION METHOD AND SIMULATION SYSTEM
A simulation method and a simulation system are provided. The simulation system may be divided into an execution model and a processor model based on a JIT emulation engine. The execution model can call the JIT emulation engine to execute instructions, and obtain influence of instructions on a processor architectural status. The processor model may simulate an internal process of a target processor and determine whether to start/end a speculation. The execution model and the processor model may interact through a specific protocol. After the speculation is started, the simulation method may store an application running scene when the speculation is started, and redirect influence of speculation instructions on a memory to a memory snapshot. After the speculation is ended, the simulation method may also restore the application running scene to a status before the speculation is started, and cancel influence of the speculation instructions on the memory.
SYSTEM AND METHOD FOR SECURING ACCESS TO NETWORK ASSETS
A system for securing access to a network asset and including a launcher and a master each configured to generate a new unique and temporary hostname and virtual machines each having an IP address associated to a corresponding generated unique, secret and temporary hostname. Each virtual machine operates either as a server hosting the network asset or a reverse proxy or a firewall between a client device having the launcher stored in the memory thereof and the corresponding network asset. A new virtual machine is created each time a new hostname is generated and is destructed after the corresponding hostname expires. The system also includes a DNS server storing a database of host records each including a public IP address of one of the virtual machines and the corresponding hostname, the database of host records being updated each time a new virtual machine is created in a DNS domain.
Cost-Efficient High-Availability Multi-Single-Tenant Services
A secondary pool of VMs is used to run secondary services or jobs, which may be evicted upon failure of a corresponding primary VM. Upon detection of a failure of a primary resource, the secondary services or jobs are evicted from secondary pool resources, and the secondary pool resources can be automatically allocated to the jobs of the failed primary resource. In this regard, a secondary job may be thought of as a preemptible job and comprises services or jobs that are lower priority than the service or job on the primary resource. By using computing resources in the secondary pool to run secondary or preemptible jobs, this technology makes use of what would be otherwise idle resources. This beneficially avoids having to allocate additional and separate computing resources for secondary jobs, leads to more efficient use of network resources, and reduces costs.