Publication number: EP4379592A2
Publication date: 2024-06-05
Application number: EP24170687.8
Application date: 2018-08-15
Applicant: INTEL Corporation
Inventors: Sahita, Ravi L. , Patel, Baiju V. , Huntley, Barry E. , Neiger, Gilbert , Khosravi, Hormuzd M. , Ouziel, Ido , Durham, David M. , Schoinas, Ioannis T. , Chhabra, Siddhartha , Rozas, Carlos V. , Gerzon, Gideon
IPC classification: G06F21/79
Abstract: Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, an apparatus comprises: a memory encryption engine to protect memory using encryption; and a processor to execute one or more instructions to allow a virtual machine manager (VMM) to manage a trust domain (TD). The processor is to support at least one of: a first instruction to add a memory page to the TD, wherein execution of the first instruction is to use an address of a TD control structure, an address of a source page, and an address of a destination page to copy the source memory page to the destination page using an encryption key identified in the TD control structure; a second instruction, wherein execution of the second instruction is to initialize the TD control structure for a TD and generate the encryption key; or a third instruction, wherein execution of the third instruction is to enter the TD and load a saved state of the TD from a data structure.
-
12.
Publication number: EP4328747A3
Publication date: 2024-05-29
Application number: EP24152166.5
Application date: 2020-03-21
Applicant: INTEL Corporation
CPC classification: G06F2009/45583 (2013.01) , G06F2009/45587 (2013.01) , G06F21/57 , G06F9/45558
Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory and a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.
-
Publication number: EP4325352A2
Publication date: 2024-02-21
Application number: EP24150660.9
Application date: 2016-05-26
Applicant: Intel Corporation
IPC classification: G06F9/38
Abstract: Embodiments of the subject disclosure provide a processor and a system. The processor comprises: a shadow stack pointer (SSP) register to store a current SSP that identifies the top of a current shadow stack; a decode unit to decode a restore shadow stack pointer instruction, the restore shadow stack pointer instruction to indicate a source operand that is to have a first SSP, the first SSP to identify the top of a first shadow stack; and an execution unit coupled with the decode unit. The execution unit, in response to the restore shadow stack pointer instruction, is to: perform a plurality of security checks, including to determine whether a value derived from the first SSP is compatible with a value accessed from the first shadow stack; cause an exception if at least one of the security checks fails; and restore an SSP to the SSP register to switch from the current shadow stack to the first shadow stack if all of the security checks succeed.
-
Publication number: EP4099158A1
Publication date: 2022-12-07
Application number: EP22184595.1
Application date: 2016-05-26
Applicant: INTEL Corporation
Abstract: Embodiments of the subject disclosure provide a processor and a system. The processor comprises: a shadow stack pointer (SSP) register to store an SSP, including a first SSP to identify the top of a first shadow stack, the SSP register to indicate a current SSP for a current shadow stack; a decode unit to decode a shadow stack protection instruction, the shadow stack protection instruction to indicate a second SSP, the second SSP to identify the top of a second shadow stack; and an execution unit coupled with the decode unit. The execution unit, in response to the shadow stack protection instruction, is to perform a plurality of security checks, including to determine whether the second SSP is compatible with a value stored on the second shadow stack. If at least one of the security checks fails, the execution unit is further to: not make the second SSP the current SSP; and cause an exception. If all of the security checks succeed, the execution unit is further to: change the value; and update the SSP register to the second SSP to make the second SSP the current SSP.
-
Publication number: EP3800546A1
Publication date: 2021-04-07
Application number: EP20209381.1
Application date: 2016-05-26
Applicant: Intel Corporation
Abstract: Embodiments of the subject disclosure provide a processor and a system. The processor comprises: a shadow stack pointer (SSP) register to store a first SSP that identifies the top of a first, currently active shadow stack; a decode unit to decode a shadow stack protection instruction, the shadow stack protection instruction to indicate a second SSP, the second SSP to identify the top of a second shadow stack that the shadow stack protection instruction is attempting to switch to; and an execution unit coupled with the decode unit. The execution unit, in response to the shadow stack protection instruction, is to: perform one or more security checks, including to determine whether the second SSP indicated by the shadow stack protection instruction matches an SSP stored on the second shadow stack; if at least one of the security checks fails: not store the second SSP to the SSP register, and cause an exception; and if all of the security checks succeed: compromise the SSP stored on the second shadow stack, and store the second SSP to the SSP register.
-
16.
Publication number: EP3716079A1
Publication date: 2020-09-30
Application number: EP20154463.2
Application date: 2020-01-30
Applicant: INTEL Corporation
IPC classification: G06F12/1009 , G06F12/1036 , G06F12/109 , G06F12/14
Abstract: An apparatus and method for managing different page tables for different privilege levels. For example, one embodiment of a processor comprises: a first control register (1310) to store a first base address associated with program code executed at a first privilege level; a second control register (1320) to store a second base address associated with program code executed at a second privilege level lower than the first privilege level; and address translation circuitry to identify a first base translation table (1351) using the first base address in response to a first address translation request originating from the program code executed at the first privilege level, and to identify a second base translation table (1361) using the second base address in response to a second address translation request originating from the program code executed at the second privilege level.