公开(公告)号：US10671762B2

公开(公告)日：2020-06-02

申请号：US15748893

申请日：2016-08-25

Applicant: Apple Inc.

Inventor： Manu Gulati ,  Joseph Sokol, Jr. ,  Jeffrey R. Wilcox ,  Bernard J. Semeria ,  Michael J. Smith

IPC: G06F21/72 ,  G06F12/02 ,  G06F12/1027 ,  G06F12/14 ,  G06F21/78 ,  H04L9/08

Abstract: In one embodiment, a system includes a non-volatile memory that may serve as both the main memory system and the backing store (or persistent storage). In some embodiments, the non-volatile memory is divided into a main memory portion and a persistent portion. Data in the main memory operation may be encrypted using one or more first keys, and data in the persistent portion may be encrypted using one or more second keys, in an embodiment. The volatile behavior of main memory may be implemented by discarding the one or more first keys in a power down event or other event that indicates a loss of main memory data, while the one or more second keys may be retained. In one embodiment, the physical address space of the non-volatile memory may be a mapping from a second physical address space that is used within the system.

公开(公告)号：US20190188397A1

公开(公告)日：2019-06-20

申请号：US16144176

申请日：2018-09-27

Applicant: Apple Inc.

Inventor： Wade Benson ,  Michael J. Smith ,  Joshua P. de Cesare

IPC: G06F21/62 ,  G06F21/12 ,  G06F21/57 ,  G06F21/60 ,  G06F21/72 ,  G06F21/78 ,  H04L9/08

CPC classification number: G06F21/6209 ,  G06F21/12 ,  G06F21/575 ,  G06F21/602 ,  G06F21/72 ,  G06F21/74 ,  G06F21/78 ,  G06F21/81 ,  H04L9/088

Abstract: Techniques are disclosed relating to data storage. In various embodiments, a computing device includes first and second processors and memory having stored therein a first encrypted operating system executable by the first processor and a second encrypted operating system executable by the second processor. The computing device also includes a secure circuit configured to receive, via a first mailbox mechanism of the secure circuit, a first request from the first processor for a first cryptographic key usable to decrypt the first operating system. The secure circuit is further configured to receive, via a second mailbox mechanism of the secure circuit, a second request from the second processor for a second cryptographic key usable to decrypt the second operating system, and to provide the first and second cryptographic keys.

公开(公告)号：US10049073B2

公开(公告)日：2018-08-14

申请号：US15621265

申请日：2017-06-13

Applicant: Apple Inc.

Inventor： Michael J. Smith ,  Josh P. de Cesare ,  Brijesh Tripathi ,  Derek Iwamoto ,  Shane J Keil

IPC: G06F13/36 ,  G06F13/42 ,  G06F13/40 ,  G06F13/38 ,  G06F13/10 ,  G06F13/28

Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.

公开(公告)号：US20170277648A1

公开(公告)日：2017-09-28

申请号：US15621265

申请日：2017-06-13

Applicant: Apple Inc.

Inventor： Michael J. Smith ,  Josh P. de Cesare ,  Brijesh Tripathi ,  Derek Iwamoto ,  Shane J. Keil

IPC: G06F13/42 ,  G06F13/10 ,  G06F13/40 ,  G06F13/38

CPC classification number: G06F13/4226 ,  G06F13/105 ,  G06F13/28 ,  G06F13/385 ,  G06F13/4022 ,  G06F13/4059

Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.

公开(公告)号：US20150356050A1

公开(公告)日：2015-12-10

申请号：US14459731

申请日：2014-08-14

Applicant: Apple Inc.

Inventor： Michael J. Smith ,  Josh P. de Cesare ,  Brijesh Tripathi ,  Derek Iwamoto ,  Shane J. Keil

IPC: G06F13/42 ,  G06F13/10 ,  G06F13/40

CPC classification number: G06F13/4226 ,  G06F13/105 ,  G06F13/28 ,  G06F13/385 ,  G06F13/4022 ,  G06F13/4059

Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.

Abstract translation: 公开了一种用于IC的接口仿真器。 接口仿真器包括第一先入先出存储器（FIFO）和第二FIFO。 第一FIFO被耦合以从接入端口接收数据，并且第二FIFO被耦合以从IC中的至少一个功能单元接收数据。 访问端口可以耦合到IC外部的设备。 外部设备可以将信息写入第一FIFO，并且该信息随后可以由IC中的功能单元读取。 类似地，功能单元可以将信息写入第二FIFO，随后外部设备读取信息。 可以根据预定义的协议将信息写入FIFO。 因此，即使在IC中没有实现用于该接口的物理连接和支持电路，也可以模拟特定类型的接口。

公开(公告)号：US09202061B1

公开(公告)日：2015-12-01

申请号：US14696622

申请日：2015-04-27

Applicant: Apple Inc.

Inventor： R. Stephen Polzin ,  Fabrice L. Gautier ,  Mitchell D. Adler ,  Timothy R. Paaske ,  Michael J. Smith

IPC: G06F15/177 ,  G06F9/24 ,  G06F1/24 ,  G06F7/04 ,  H04N7/16 ,  G06F21/57 ,  G06F21/60 ,  G06F12/14 ,  G06F9/44 ,  G06F9/445 ,  G06F21/00

CPC classification number: G06F21/575 ,  G06F1/24 ,  G06F9/24 ,  G06F9/4401 ,  G06F9/44505 ,  G06F12/14 ,  G06F15/167 ,  G06F21/00 ,  G06F21/572 ,  G06F21/60 ,  G06F21/74 ,  G06F21/76 ,  G06F21/81

Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.