1. Field of the Invention
This invention relates to granting privileges and more particularly relates to granting hypervisor privileges.
2. Description of the Related Art
The hardware of a single computer may be organized to simulate the operation of two or more virtual computers. For example, a hypervisor may be installed on the single computer. The hypervisor may manage the allocation of computer resources into two or more virtual computers. For example, the hypervisor may allocate a first block of memory to a first virtual computer and a second block of memory to a second virtual computer.
In addition, the hypervisor may allow two or more operating systems (OS) to execute on the virtual computers. A context of each OS may run on separate virtual computers. The hypervisor may manage the switching of contexts between each OS.
The partitioning of the computer hardware into multiple virtual computers can significantly reduce the cost of providing multiple computers. As a result, significant hardware and software support is provided for hypervisors and virtual computers. Unfortunately, this hardware and software support for hypervisors may be used by malicious programs. For example, a virus may install itself as a hypervisor and use hypervisor privileges to circumvent computer security protection.