-
Publication number: US20180239713A1
Publication date: 2018-08-23
Application number: US15861364
Filing date: 2018-01-03
Applicant: INTEL CORPORATION
Inventor: Krystof C. Zmudzinski , Siddhartha Chhabra , Uday R. Savagaonkar , Simon P. Johnson , Rebekah M. Leslie-Hurd , Francis X. McKeen , Gilbert Neiger , Raghunandan Makaram , Carlos V. Rozas , Amy L. Santoni , Vincent R. Scarlata , Vedvyas Shanbhogue , Ilya Alexandrovich , Ittai Anati , Wesley H. Smith , Michael Goldsmith
IPC: G06F12/1009 , G06F12/1027 , G06F9/455 , G06F12/14 , G06F12/109
CPC classification number: G06F12/1009 , G06F9/455 , G06F9/45558 , G06F12/1027 , G06F12/1036 , G06F12/1045 , G06F12/109 , G06F12/1441 , G06F2009/45583 , G06F2212/1016 , G06F2212/1052 , G06F2212/151 , G06F2212/657 , G06F2212/684
Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.
-
Publication number: US20180203801A1
Publication date: 2018-07-19
Application number: US15408774
Filing date: 2017-01-18
Applicant: Intel Corporation
Inventor: Rebekah M. Leslie-Hurd , Francis X. McKeen , Carlos V. Rozas , Gilbert Neiger , Asit Mallick , Ittai Anati , Ilya Alexandrovich , Vedvyas Shanbhogue , Somnath Chakrabarti
IPC: G06F12/0837 , G06F9/30 , G06F9/455 , G06F12/1045
CPC classification number: G06F12/0837 , G06F9/30003 , G06F9/45558 , G06F12/1063 , G06F2009/45583 , G06F2009/45591 , G06F2212/152 , G06F2212/60 , G06F2212/621 , G06F2212/68
Abstract: A processing device includes a conflict resolution logic circuit to initiate a tracking phase to track translation look aside buffer (TLB) mappings to an enclave memory cache (EPC) page of a secure enclave. The conflict resolution logic circuit is further to execute a tracking instruction as part of the tracking phase, wherein the tracking instruction takes any page in the secure enclave as an argument parameter to the tracking instruction.
-
Publication number: US20180060099A1
Publication date: 2018-03-01
Application number: US15251425
Filing date: 2016-08-30
Applicant: INTEL CORPORATION
Inventor: Vedvyas Shanbhogue , Gilbert Neiger , Arumugam Thiyagarajah
CPC classification number: G06F9/45558 , G06F11/221 , G06F11/3027 , G06F11/3055 , G06F12/1045 , G06F12/1475 , G06F2009/45579 , G06F2009/45583 , G06F2009/45591 , G06F2212/1008 , G06F2212/151 , G06F2212/152 , G06F2212/68
Abstract: A processor may include a register to store a bus-lock-disable bit and an execution unit to execute instructions. The execution unit may receive an instruction that includes a memory access request. The execution may further determine that the memory access request requires acquiring a bus lock, and, responsive to detecting that the bus-lock-disable bit indicates that bus locks are disabled, signal a fault to an operating system.
-
Publication number: US09875189B2
Publication date: 2018-01-23
Application number: US14738037
Filing date: 2015-06-12
Applicant: INTEL CORPORATION
Inventor: Krystof C. Zmudzinski , Siddhartha Chhabra , Uday R. Savagaonkar , Simon P. Johnson , Rebekah M. Leslie-Hurd , Francis X. McKeen , Gilbert Neiger , Raghunandan Makaram , Carlos V. Rozas , Amy L. Santoni , Vincent R. Scarlata , Vedvyas Shanbhogue , Ilya Alexandrovich , Ittai Anati , Wesley H. Smith , Michael Goldsmith
IPC: G06F12/00 , G06F13/00 , G06F13/28 , G06F12/1009 , G06F12/1027 , G06F12/1036 , G06F12/109 , G06F12/14 , G06F9/455 , G06F12/1045
CPC classification number: G06F12/1009 , G06F9/455 , G06F9/45558 , G06F12/1027 , G06F12/1036 , G06F12/1045 , G06F12/109 , G06F12/1441 , G06F2009/45583 , G06F2212/1016 , G06F2212/1052 , G06F2212/151 , G06F2212/657 , G06F2212/684
Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.
-
Publication number: US20180011793A1
Publication date: 2018-01-11
Application number: US15711615
Filing date: 2017-09-21
Applicant: Intel Corporation
Inventor: Rebekah M. Leslie-Hurd , Carlos V. Rozas , Francis X. Mckeen , Ilya Alexandrovich , Vedvyas Shanbhogue , Bin Xing , Mark W. Shanahan , Simon P. Johnson
IPC: G06F12/0844 , G06F12/0882
CPC classification number: G06F12/0844 , G06F11/073 , G06F11/0775 , G06F12/0882 , G06F2212/1032 , G06F2212/1052 , G06F2212/281 , G06F2212/312 , G06F2212/402 , G06F2212/608
Abstract: A processor implementing techniques to supporting fault information delivery is disclosed. In one embodiment, the processor includes a memory controller unit to access an enclave page cache (EPC) and a processor core coupled to the memory controller unit. The processor core to detect a fault associated with accessing the EPC and generate an error code associated with the fault. The error code reflects an EPC-related fault cause. The processor core is further to encode the error code into a data structure associated with the processor core. The data structure is for monitoring a hardware state related to the processor core.
-
Publication number: US09785800B2
Publication date: 2017-10-10
Application number: US14757964
Filing date: 2015-12-23
Applicant: Intel Corporation
Inventor: Vedvyas Shanbhogue , Ravi L. Sahita , Deepak K. Gupta
CPC classification number: G06F9/3861 , G06F9/3005 , G06F9/30054 , G06F9/30076 , G06F21/123 , G06F21/125
Abstract: A processor includes an execution unit and a processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state; responsive to executing a control transfer instruction having a pre-defined subcode, remain in the first execution state; responsive to executing a control transfer instruction not having the pre-defined subcode, transition into a second execution state; and responsive to determining, in the second execution state, that a next instruction to be executed differs from an ENDBRANCH instruction, raise an execution exception.
-
Publication number: US09766889B2
Publication date: 2017-09-19
Application number: US15074573
Filing date: 2016-03-18
Applicant: Intel Corporation
Inventor: Rebekah Leslie-Hurd , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Barry E. Huntley , Vedvyas Shanbhogue , Ittai Anati , Francis X. Mckeen , Michael A. Goldsmith , Ilya Alexandrovich , Alex Berenzon , Wesley H. Smith , Gilbert Neiger
IPC: G06F12/00 , G06F9/30 , G06F12/0875 , G06F9/44 , G06F12/084 , G06F12/14
CPC classification number: G06F9/3004 , G06F9/30047 , G06F9/30076 , G06F9/44 , G06F12/084 , G06F12/0875 , G06F12/1483 , G06F2212/452
Abstract: Embodiments of an invention for memory management in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction and a second instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes allocating a page in an enclave page cache to a secure enclave. The execution unit is also to execute the second instruction, wherein execution of the second instruction includes confirming the allocation of the page.
-
Publication number: US20170177339A1
Publication date: 2017-06-22
Application number: US14975840
Filing date: 2015-12-20
Applicant: Intel Corporation
Inventor: Vedvyas Shanbhogue , Jason W. Brandt , Ravi L. Sahita , Barry E. Huntley , Baiju V. Patel , Deepak K. Gupta
CPC classification number: G06F9/3004 , G06F9/30134 , G06F9/461 , G06F21/52 , G06F21/74
Abstract: Methods and apparatuses relating to switching of a shadow stack pointer are described. In one embodiment, a hardware processor includes a hardware decode unit to decode an instruction, and a hardware execution unit to execute the instruction to: pop a token for a thread from a shadow stack, wherein the token includes a shadow stack pointer for the thread with at least one least significant bit (LSB) of the shadow stack pointer overwritten with a bit value of an operating mode of the hardware processor for the thread, remove the bit value in the at least one LSB from the token to generate the shadow stack pointer, and set a current shadow stack pointer to the shadow stack pointer from the token when the operating mode from the token matches a current operating mode of the hardware processor.
-
Publication number: US20170109192A1
Publication date: 2017-04-20
Application number: US15391576
Filing date: 2016-12-27
Applicant: Intel Corporation
Inventor: Gilbert Neiger , Mayank Bomb , Manohar Castelino , Robert Chappell , David Durham , Barry Huntley , Anton Ivanov , Madhavan Parthasarathy , Scott Rodgers , Ravi Sahita , Vedvyas Shanbhogue
CPC classification number: G06F9/45558 , G06F9/30076 , G06F9/45533 , G06F9/4555 , G06F9/4812 , G06F11/07 , G06F2009/45583
Abstract: Embodiments of an invention for virtualization exceptions are disclosed. In one embodiment, a processor includes instruction hardware, control logic, and execution hardware. The instruction hardware is to receive a plurality of instructions, including an instruction to enter a virtual machine. The control logic is to determine, in response to a privileged event occurring within the virtual machine, whether to generate a virtualization exception. The execution hardware is to generate a virtualization exception in response to the control logic determining to generate a virtualization exception.
-
Publication number: US20170063547A1
Publication date: 2017-03-02
Application number: US14791203
Filing date: 2015-07-02
Applicant: Intel Corporation
Inventor: Jason W Brandt , Vedvyas Shanbhogue
IPC: H04L9/08
CPC classification number: H04L9/0894 , G06F9/45533 , G06F21/53 , G06F2009/45587
Abstract: Embodiments of an invention for loading and virtualizing cryptographic keys are disclosed. In one embodiment, a processor includes a local key storage location, a backup key storage location, and execution hardware. Neither the local key storage location nor the backup key storage location is readable by software. The execution hardware is to perform a first operation and a second operation. The first operation includes loading a cryptographic key into the local key storage location. The second operation includes copying the cryptographic key from the local key storage location to the backup key storage location.