公开(公告)号：US09461818B2

公开(公告)日：2016-10-04

申请号：US14066350

申请日：2013-10-29

Applicant: VIA Technologies, Inc.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC: G06F11/30 ,  H04L9/08 ,  G06F12/08 ,  G06F21/52 ,  G06F21/71 ,  G06F21/72 ,  G06F9/30 ,  G06F21/60 ,  H04L9/06 ,  G06F21/54

CPC classification number: H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

Abstract: A method for encrypting a program for subsequent execution by a microprocessor configured to decrypt and execute the encrypted program includes receiving an object file specifying an unencrypted program that includes conventional branch instructions whose target address may be determined pre-run time. The method also includes analyzing the program to obtain chunk information that divides the program into a sequence of chunks each comprising a sequence of instructions and that includes encryption key data associated with each of the chunks. The encryption key data associated with each of the chunks is distinct. The method also includes replacing each of the conventional branch instructions that specifies a target address that is within a different chunk than the chunk in which the conventional branch instruction resides with a branch and switch key instruction. The method also includes encrypting the program based on the chunk information.

Abstract translation: 用于加密被配置为解密和执行加密程序的微处理器后续执行的程序的方法包括接收指定未加密程序的目标文件，其包括其目标地址可以被确定为预先运行时间的常规分支指令。 该方法还包括分析程序以获得将程序划分成每个包括指令序列并且包括与每个块相关联的加密密钥数据的块的序列的块信息。 与每个块相关联的加密密钥数据是不同的。 该方法还包括用分支和切换键指令代替指定与常规分支指令所在的块不同的块内的目标地址的每个常规分支指令。 该方法还包括基于块信息来加密程序。

公开(公告)号：US20150113250A1

公开(公告)日：2015-04-23

申请号：US14088620

申请日：2013-11-25

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean

IPC: G06F9/30

CPC classification number: G06F9/30145 ,  G06F9/30178 ,  G06F9/328 ,  G06F9/3891

Abstract: A microprocessor includes a plurality of memories each configured to hold microcode instructions. At least a first of the plurality of memories is configured to provide M-bit wide words of compressed microcode instructions, and at least a second of the plurality of memories is configured to provide N-bit wide words of uncompressed microcode instructions. M and N are integers greater than zero and N is greater than M. The microprocessor also includes a decompression unit configured to decompress the compressed microcode instructions after being fetched from the at least a first of the plurality of memories and before being executed.

Abstract translation: 微处理器包括多个存储器，每个存储器被配置为保持微码指令。 所述多个存储器中的至少第一个被配置为提供压缩微码指令的M位宽的字，并且所述多个存储器中的至少一个存储器被配置为提供未压缩的微代码指令的N位宽字。 M和N是大于零并且N大于M的整数。微处理器还包括解压缩单元，其被配置为在从多个存储器中的至少第一个存储器中取出并在执行之前解压缩压缩的微代码指令。

公开(公告)号：US09892283B2

公开(公告)日：2018-02-13

申请号：US14884502

申请日：2015-10-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC: G06F21/72 ,  G06F9/30 ,  H04L9/08 ,  G06F21/74 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/60 ,  G06F21/71 ,  H04L9/06

CPC classification number: G06F21/72 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/602 ,  G06F21/71 ,  G06F21/74 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

Abstract: A microprocessor and method are provided for securely decrypting and executing encrypted instructions within a microprocessor. A plurality of master keys are stored in a secure memory. Encrypted instructions are fetched from an instruction cache. A set of one or more master keys are selected from the secure memory based upon an encrypted instruction fetch address. The selected set of master keys or a decryption key derived therefrom is used to decrypt the encrypted instructions fetched from the instruction cache. The decrypted instructions are then securely executed within the microprocessor. In one implementation, the master keys are intervolved with each other to produce a new decryption key with every fetch quantum. Moreover, a new set of master keys is selected with every new block of instructions.

公开(公告)号：US09830155B2

公开(公告)日：2017-11-28

申请号：US15140010

申请日：2016-04-27

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean

IPC: G06F9/30 ,  G06F9/28 ,  G06F9/32 ,  G06F9/38

CPC classification number: G06F9/30178 ,  G06F9/26 ,  G06F9/268 ,  G06F9/28 ,  G06F9/30145 ,  G06F9/32 ,  G06F9/3802

Abstract: A microprocessor includes compressed and uncompressed microcode memory storages, having N-bit wide and M-bit wide addressable words, respectively, where N

公开(公告)号：US09507404B2

公开(公告)日：2016-11-29

申请号：US14281621

申请日：2014-05-19

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Stephan Gaskins

IPC: G06F1/00 ,  G06F1/32 ,  G06F12/08 ,  G06F13/24 ,  G06F9/38 ,  G06F9/30 ,  G06F9/44 ,  G06F1/04 ,  G06F1/12

CPC classification number: G06F9/3885 ,  G06F1/04 ,  G06F1/12 ,  G06F1/3203 ,  G06F1/3237 ,  G06F1/324 ,  G06F1/3287 ,  G06F1/3296 ,  G06F9/30032 ,  G06F9/30047 ,  G06F9/30079 ,  G06F9/30087 ,  G06F9/30105 ,  G06F9/30145 ,  G06F9/3802 ,  G06F9/3861 ,  G06F9/4403 ,  G06F9/4405 ,  G06F9/4411 ,  G06F9/4418 ,  G06F12/0808 ,  G06F12/084 ,  G06F12/0875 ,  G06F13/24 ,  G06F13/364 ,  G06F13/42 ,  G06F21/53 ,  G06F21/57 ,  G06F2212/452 ,  G06F2212/6028 ,  G06F2212/62 ,  H01L22/34 ,  H04L9/0877 ,  H04L9/0897 ,  Y02B70/12 ,  Y02B70/123 ,  Y02B70/126 ,  Y02B70/30 ,  Y02D10/10 ,  Y02D10/126 ,  Y02D10/128 ,  Y02D10/13 ,  Y02D10/171 ,  Y02D10/172 ,  Y02D10/30 ,  Y02D50/20

Abstract: A microprocessor includes a plurality of cores, a shared cache memory, and a control unit that individually puts each core to sleep by stopping its clock signal. Each core executes a sleep instruction and responsively makes a respective request of the control unit to put the core to sleep, which the control unit responsively does, and detects when all the cores have made the respective request and responsively wakes up only the last requesting cores. The last core writes back and invalidates the shared cache memory and indicates it has been invalidated and makes a request to the control unit to put the last core back to sleep. The control unit puts the last core back to sleep and continuously keeps the other cores asleep while the last core writes back and invalidates the shared cache memory, indicates the shared cache memory was invalidated, and is put back to sleep.

Abstract translation: 微处理器包括多个核心，共享高速缓冲存储器和控制单元，其通过停止其时钟信号来单独地将每个核心置于睡眠状态。 每个核心执行睡眠指令，并且响应地使控制单元的相应请求将核心置于睡眠状态，控制单元响应地进行该操作，并且检测所有核心何时完成了各自的请求，并且响应地只唤醒最后请求的核心 。 最后一个内核写回并使共享高速缓存内存无效，并指示它已被无效，并向控制单元发出请求以使最后一个核心返回休眠状态。 控制单元将最后一个核心置于休眠状态，并持续保持其他内核处于睡眠状态，同时最后一个内核回写并使共享缓存内存无效，表示共享高速缓存内存无效，并返回睡眠状态。

公开(公告)号：US09372696B2

公开(公告)日：2016-06-21

申请号：US14088620

申请日：2013-11-25

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean

IPC: G06F9/30 ,  G06F9/32 ,  G06F9/38

CPC classification number: G06F9/30145 ,  G06F9/30178 ,  G06F9/328 ,  G06F9/3891

Abstract: A microprocessor includes a plurality of memories each configured to hold microcode instructions. At least a first of the plurality of memories is configured to provide M-bit wide words of compressed microcode instructions, and at least a second of the plurality of memories is configured to provide N-bit wide words of uncompressed microcode instructions. M and N are integers greater than zero and N is greater than M. The microprocessor also includes a decompression unit configured to decompress the compressed microcode instructions after being fetched from the at least a first of the plurality of memories and before being executed.

Abstract translation: 微处理器包括多个存储器，每个存储器被配置为保持微码指令。 所述多个存储器中的至少第一个被配置为提供压缩微码指令的M位宽的字，并且所述多个存储器中的至少一个存储器被配置为提供未压缩的微代码指令的N位宽字。 M和N是大于零并且N大于M的整数。微处理器还包括解压缩单元，其被配置为在从多个存储器中的至少第一个存储器中取出并在执行之前解压缩压缩的微代码指令。

公开(公告)号：US20150067214A1

公开(公告)日：2015-03-05

申请号：US14281621

申请日：2014-05-19

Applicant: VIA Technologies, Inc.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Stephan Gaskins

IPC: G06F1/32 ,  G06F13/24 ,  G06F12/08

CPC classification number: G06F9/3885 ,  G06F1/04 ,  G06F1/12 ,  G06F1/3203 ,  G06F1/3237 ,  G06F1/324 ,  G06F1/3287 ,  G06F1/3296 ,  G06F9/30032 ,  G06F9/30047 ,  G06F9/30079 ,  G06F9/30087 ,  G06F9/30105 ,  G06F9/30145 ,  G06F9/3802 ,  G06F9/3861 ,  G06F9/4403 ,  G06F9/4405 ,  G06F9/4411 ,  G06F9/4418 ,  G06F12/0808 ,  G06F12/084 ,  G06F12/0875 ,  G06F13/24 ,  G06F13/364 ,  G06F13/42 ,  G06F21/53 ,  G06F21/57 ,  G06F2212/452 ,  G06F2212/6028 ,  G06F2212/62 ,  H01L22/34 ,  H04L9/0877 ,  H04L9/0897 ,  Y02B70/12 ,  Y02B70/123 ,  Y02B70/126 ,  Y02B70/30 ,  Y02D10/10 ,  Y02D10/126 ,  Y02D10/128 ,  Y02D10/13 ,  Y02D10/171 ,  Y02D10/172 ,  Y02D10/30 ,  Y02D50/20

Abstract: A microprocessor includes a plurality of cores, a shared cache memory, and a control unit that individually puts each core to sleep by stopping its clock signal. Each core executes a sleep instruction and responsively makes a respective request of the control unit to put the core to sleep, which the control unit responsively does, and detects when all the cores have made the respective request and responsively wakes up only the last requesting cores. The last core writes back and invalidates the shared cache memory and indicates it has been invalidated and makes a request to the control unit to put the last core back to sleep. The control unit puts the last core back to sleep and continuously keeps the other cores asleep while the last core writes back and invalidates the shared cache memory, indicates the shared cache memory was invalidated, and is put back to sleep.

Abstract translation: 微处理器包括多个核心，共享高速缓冲存储器和控制单元，其通过停止其时钟信号来单独地将每个核心置于睡眠状态。 每个核心执行睡眠指令，并且响应地使控制单元的相应请求将核心置于睡眠状态，控制单元响应地进行该操作，并且检测所有核心何时完成了各自的请求，并且响应地只唤醒最后请求的核心 。 最后一个内核写回并使共享高速缓存内存无效，并指示它已被无效，并向控制单元发出请求以使最后一个核心返回休眠状态。 控制单元将最后一个核心置于休眠状态，并持续保持其他内核处于睡眠状态，同时最后一个内核回写并使共享缓存内存无效，表示共享高速缓存内存无效，并返回睡眠状态。

公开(公告)号：US08850229B2

公开(公告)日：2014-09-30

申请号：US14066270

申请日：2013-10-29

Applicant: VIA Technologies, Inc.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC: G06F21/00 ,  G06F21/71 ,  G06F9/30 ,  H04L9/08 ,  G06F21/52 ,  G06F21/60 ,  G06F12/08 ,  G06F21/54 ,  H04L9/06 ,  G06F21/72

CPC classification number: H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

Abstract: An apparatus for generating a decryption key for use to decrypt a block of encrypted instruction data being fetched from an instruction cache in a microprocessor at a fetch address includes a first multiplexer that selects a first key value from a plurality of key values based on a first portion of the fetch address. A second multiplexer selects a second key value from the plurality of key values based on the first portion of the fetch address. A rotater rotates the first key value based on a second portion of the fetch address. An arithmetic unit selectively adds or subtracts the rotated first key value to or from the second key value based on a third portion of the fetch address to generate the decryption key.

Abstract translation: 一种用于产生解密密钥的装置，用于解密从提取地址的微处理器中的指令高速缓存取出的加密指令数据块，其包括：第一多路复用器，其基于第一和第二多个键值从多个键值中选择第一键值 提取地址的一部分。 第二多路复用器根据提取地址的第一部分从多个键值中选择第二键值。 旋转器基于获取地址的第二部分旋转第一键值。 算术单元基于获取地址的第三部分，有选择地向第二密钥值添加或减去所转动的第一密钥值，以生成解密密钥。

公开(公告)号：US20140195823A1

公开(公告)日：2014-07-10

申请号：US14066485

申请日：2013-10-29

Applicant: VIA Technologies, Inc.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC: G06F21/54

CPC classification number: H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

Abstract: A microprocessor includes an architected register having a bit. The microprocessor sets the bit. The microprocessor also includes a fetch unit that fetches encrypted instructions from an instruction cache and decrypts them prior to executing them, in response to the microprocessor setting the bit. The microprocessor saves the value of the bit to a stack in memory and then clears the bit, in response to receiving an interrupt. The fetch unit fetches unencrypted instructions from the instruction cache and executes them without decrypting them, after the microprocessor clears the bit. The microprocessor restores the saved value from the stack in memory to the bit in the architected register, in response to executing a return from interrupt instruction. The fetch unit resumes fetching and decrypting the encrypted instructions, in response to determining that the restored value of the bit is set.

Abstract translation: 微处理器包括具有一定位的架构化寄存器。 微处理器设置位。 微处理器还包括提取单元，其响应于微处理器设置该位，从指令高速缓存取出加密指令并在执行它们之前对其进行解密。 微处理器将该位的值保存到存储器中的堆栈，然后清除该位，以响应接收到中断。 提取单元从指令高速缓存中读取未加密的指令，并在微处理器清零位之后执行它们而不对其进行解密。 微处理器将保存的值从存储器中的堆栈恢复到架构化寄存器中的位，以响应执行中断指令的返回。 响应于确定该位的恢复值被设置，获取单元恢复获取和解密加密指令。

公开(公告)号：US20140195822A1

公开(公告)日：2014-07-10

申请号：US14066428

申请日：2013-10-29

Applicant: VIA Technologies, Inc.

Inventor： G. Glenn Henry ,  Terry Parks ,  Brent Bean ,  Thomas A. Crispin

IPC: H04L9/06 ,  H04L9/08 ,  G06F21/60

CPC classification number: H04L9/0827 ,  G06F9/30003 ,  G06F9/30079 ,  G06F9/30178 ,  G06F9/30189 ,  G06F12/0875 ,  G06F21/52 ,  G06F21/54 ,  G06F21/602 ,  G06F21/71 ,  G06F21/72 ,  G06F2212/402 ,  G06F2212/452 ,  G06F2221/2107 ,  H04L9/0618 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/0894 ,  H04L2209/12 ,  H04L2209/20

Abstract: A microprocessor is provided with a method for decrypting encrypted instruction data into plain text instruction data and securely executing the same. The microprocessor includes a master key register file comprising a plurality of master keys. Selection logic circuitry in the microprocessor selects a combination of at least two of the plurality of master keys. Key expansion circuitry in the microprocessor performs mathematical operations on the selected master keys to generate a decryption key having a long effective key length. Instruction decryption circuitry performs an efficient mathematical operation on the encrypted instruction data and the decryption key to decrypt the encrypted instruction data into plain text instruction data.

Abstract translation: 微处理器具有用于将加密指令数据解密为明文指令数据并安全执行该方法。 微处理器包括一个包含多个主密钥的主密钥寄存器文件。 微处理器中的选择逻辑电路选择多个主密钥中的至少两个的组合。 微处理器中的密钥扩展电路对所选择的主密钥执行数学运算，以产生具有长的有效密钥长度的解密密钥。 指令解密电路对加密指令数据和解密密钥进行有效的数学运算，将加密指令数据解密为明文指令数据。