发明申请
- 专利标题: LOW OVERHEAD INTEGRITY PROTECTION WITH HIGH AVAILABILITY FOR TRUST DOMAINS
-
申请号: US16023576申请日: 2018-06-29
-
公开(公告)号: US20190042476A1公开(公告)日: 2019-02-07
- 发明人: Siddhartha Chhabra , Rajat Agarwal , Baiju Patel , Kirk Yap
- 申请人: Intel Corporation
- 申请人地址: US CA Santa Clara
- 专利权人: Intel Corporation
- 当前专利权人: Intel Corporation
- 当前专利权人地址: US CA Santa Clara
- 主分类号: G06F12/14
- IPC分类号: G06F12/14 ; G06F21/78 ; G06F21/64 ; G06F21/60 ; H04L9/32 ; G06F9/455
摘要:
Techniques are described for providing low-overhead cryptographic memory isolation to mitigate attack vulnerabilities in a multi-user virtualized computing environment. Memory read and memory write operations for target data, each operation initiated via an instruction associated with a particular virtual machine (VM), include the generation and/or validation of a message authentication code that is based at least on a VM-specific cryptographic key and a physical memory address of the target data. Such operations may further include transmitting the generated message authentication code via a plurality of ancillary bits incorporated within a data line that includes the target data. In the event of a validation failure, one or more error codes may be generated and provided to distinct trust domain architecture entities based on an operating mode of the associated virtual machine.
信息查询