-
1.发明授权公开(公告)号:US07165132B1
公开(公告)日:2007-01-16
申请号:US10956650
申请日:2004-10-01
CPC分类号: G06F15/16
摘要: In one embodiment, a processing node includes a plurality of processor cores and a reconfigurable interconnect. The processing node also includes a controller configured to schedule transactions received from each processor core. The interconnect may be coupled to convey between a first processor core and the controller, transactions that each include a first corresponding indicator that indicates the source of the transaction. The interconnect may also be coupled to convey transactions between a second processor core and the controller, transactions that each include a second corresponding indicator that indicates the source of the transaction. When operating in a first mode, the interconnect is configurable to cause the first indicator to indicate that the corresponding transactions were conveyed from the second processor core and to cause the second indicator to indicate that the corresponding transactions were conveyed from the first processor core.
摘要翻译: 在一个实施例中,处理节点包括多个处理器核和可重配置互连。 处理节点还包括被配置为调度从每个处理器核心接收的事务的控制器。 互连可以被耦合以在第一处理器核心和控制器之间传送,每个事务包括指示事务源的第一对应指示符。 互连还可以被耦合以在第二处理器核心和控制器之间传送事务,每个事务包括指示事务源的第二对应指示符。 当以第一模式操作时,互连可配置为使得第一指示符指示相应的事务从第二处理器核心传送并使第二指示符指示对应的事务从第一处理器核心传送。
-
2.发明授权Computer system including a secure execution mode-capable CPU and a security services processor connected via a secure communication path 有权计算机系统包括安全执行模式的CPU和通过安全通信路径连接的安全服务处理器公开(公告)号:US07603550B2
公开(公告)日:2009-10-13
申请号:US10419082
申请日:2003-04-18
申请人: Kevin J. McGrath , Geoffrey S. Strongin , Dale E. Gulick , William A. Hughes , David S. Christie
发明人: Kevin J. McGrath , Geoffrey S. Strongin , Dale E. Gulick , William A. Hughes , David S. Christie
CPC分类号: G06F9/4403 , G06F21/10 , G06F21/74
摘要: A computer system includes a processor which may initialize a secure execution mode by executing a security initialization instruction. Further, the processor may operate in the secure execution mode by executing a secure operating system code segment. The computer system also includes an input/output (I/O) interface coupled to the processor via an I/O link. The I/O interface may receive transactions performed as a result of the execution of the security initialization instruction. The transactions include at least a portion of the secure operating system code segment. The I/O interface may also determine whether the processor is a source of the transactions. The computer system further includes a security services processor coupled to the I/O interface via a peripheral bus. The I/O interface may convey the transactions to the security services processor dependent upon determining that the processor is the source of the transactions.
摘要翻译: 计算机系统包括可以通过执行安全初始化指令来初始化安全执行模式的处理器。 此外,处理器可以通过执行安全操作系统代码段在安全执行模式下操作。 计算机系统还包括通过I / O链路耦合到处理器的输入/输出(I / O)接口。 I / O接口可以接收由于执行安全初始化指令而执行的事务。 交易包括安全操作系统代码段的至少一部分。 I / O接口还可以确定处理器是否是事务的来源。 计算机系统还包括通过外围总线耦合到I / O接口的安全服务处理器。 取决于确定处理器是交易的来源,I / O接口可以将交易传达给安全服务处理器。
-
3.发明授权Initialization of a computer system including a secure execution mode-capable processor 有权包括安全执行模式处理器的计算机系统的初始化公开(公告)号:US07603551B2
公开(公告)日:2009-10-13
申请号:US10419121
申请日:2003-04-18
申请人: Kevin J. McGrath , Geoffrey S. Strongin , David S. Christie , William A. Hughes , Dale E. Gulick
发明人: Kevin J. McGrath , Geoffrey S. Strongin , David S. Christie , William A. Hughes , Dale E. Gulick
CPC分类号: G06F9/4403
摘要: The initialization of a computer system including a secure execution mode-capable processor includes storing a secure operating system code segment loader to a plurality of locations corresponding to a particular range of addresses within a system memory. The method also includes executing a security initialization instruction. Executing the security initialization instruction may cause several operations to be performed including transmitting a start transaction including a base address of the particular range of addresses. In addition, executing the security instruction may also cause another operation to be performed including retrieving the secure operating system code segment loader from the system memory and transmitting the secure operating system code segment loader for validation as a plurality of data transactions.
摘要翻译: 包括具有安全执行模式能力的处理器的计算机系统的初始化包括将安全操作系统代码段加载器存储到对应于系统存储器内的特定地址范围的多个位置。 该方法还包括执行安全初始化指令。 执行安全初始化指令可能导致执行若干操作,包括发送包括特定地址范围的基地址的开始事务。 此外,执行安全指令还可以引起执行另一操作,包括从系统存储器检索安全操作系统代码段加载器,并将安全操作系统代码段加载器发送为多个数据事务。
-
公开(公告)号:US07058791B1
公开(公告)日:2006-06-06
申请号:US09824988
申请日:2001-04-02
IPC分类号: G06F9/44
CPC分类号: G06F12/04 , G06F9/4552
摘要: A processor generates a mode indication based on two or more other indications. The mode indication is indicative of whether or not a particular mode is active in the processor. Each indication is stored in a storage location which is addressable via a different instruction. In one embodiment, a long mode in which a 64 bit operating mode is selectable in addition to 32 bit and 16 bit modes may be activated via a long mode active indication. The long mode active indication may be generated by the processor, and may indicate that long mode is active if paging is enabled and a long mode enable indication indicates that long mode is enabled. In this manner, long mode may be activated after paging is enabled (with a set of long mode page tables indicated by the page table base address).
摘要翻译: 处理器基于两个或多个其他指示生成模式指示。 模式指示表示处理器中特定模式是否有效。 每个指示存储在可通过不同指令寻址的存储位置。 在一个实施例中,除了32位和16位模式之外,64位操作模式可选择的长模式可以经由长模式活动指示而被激活。 长模式活动指示可以由处理器产生,并且如果寻呼被使能且长模式使能指示指示长模式被使能,则可以指示长模式是活动的。 以这种方式,在启用寻呼(具有由页表基地址指示的一组长模式页表)之后,可以激活长模式。
-
5.发明授权Mechanism for selectively blocking peripheral device accesses to system memory 有权选择性地阻止外围设备访问系统内存的机制公开(公告)号:US07146477B1
公开(公告)日:2006-12-05
申请号:US10419090
申请日:2003-04-18
IPC分类号: G06F12/00
CPC分类号: G06F12/1475
摘要: A system is configured to selectively block peripheral accesses to system memory. The system includes a secure execution mode (SEM)-capable processor configured to operate in a trusted execution mode. The system also includes a system memory including a plurality of addressable locations. The system further includes a memory controller that may determine a source of an access request to one or more of the plurality of locations of the system memory. The memory controller may further allow the access request to proceed in response to determining that the source of the access request is the SEM-capable processor.
摘要翻译: 系统被配置为选择性地阻止对系统存储器的外围访问。 该系统包括被配置为以可信执行模式操作的安全执行模式(SEM)能力处理器。 该系统还包括包括多个可寻址位置的系统存储器。 系统还包括存储器控制器,其可以确定对系统存储器的多个位置中的一个或多个的访问请求的来源。 响应于确定访问请求的源是具有SEM能力的处理器,存储器控制器还可以允许访问请求继续进行。
-
6.发明授权Address size and operand size prefix overrides for default sizes defined by an operating mode of a processor 有权由处理器的操作模式定义的默认大小的地址大小和操作数大小前缀替换公开(公告)号:US06571330B1
公开(公告)日:2003-05-27
申请号:US09483560
申请日:2000-01-14
申请人: Kevin J. McGrath , Michael T. Clark
发明人: Kevin J. McGrath , Michael T. Clark
IPC分类号: G06F934
CPC分类号: G06F9/30192 , G06F9/30185 , G06F9/30189 , G06F9/342
摘要: A processor supports a processing mode in which the default address size is greater than 32 bits and the default operand size is 32 bits. The default address size may be nominally indicated as 64 bits, although various embodiments of the processor may implement any address size which exceeds 32 bits, up to and including 64 bits, in the processing mode. The processing mode may be established by placing an enable indication in a control register into an enabled state and by setting a first operating mode indication and a second operating mode indication in a segment descriptor to predefined states. Additionally, an instruction prefix may be coded into an instruction to override the default address and/or operand size. Thus, an address size of 32 bits may be used when desired, and an operand size of 64 bits may be used when desired.
摘要翻译: 处理器支持默认地址大小大于32位,默认操作数大小为32位的处理模式。 默认地址大小可以标称地指示为64位,尽管处理器的各种实施例可以在处理模式中实现超过32位,高达并包括64位的任何地址大小。 可以通过将控制寄存器中的使能指示置于使能状态并且通过将段描述符中的第一操作模式指示和第二操作模式指示设置为预定状态来建立处理模式。 另外,指令前缀可以被编码到用于覆盖默认地址和/或操作数大小的指令中。 因此,如果需要,可以使用32位的地址大小,并且当需要时可以使用64位的操作数大小。
-
7.发明授权Method and apparatus for controlling interrupts in a secure execution mode-capable processor 有权用于控制具有安全执行模式的处理器中的中断的方法和装置公开(公告)号:US07165135B1
公开(公告)日:2007-01-16
申请号:US10419122
申请日:2003-04-18
IPC分类号: G06F7/04
CPC分类号: G06F21/74
摘要: A method is provided for controlling interrupts in a secure execution mode-capable processor. The method includes detecting an interrupt and performing a predetermined routine in response to detecting the interrupt. The method further includes performing a second routine prior to performing the predetermined routine in response to detecting the interrupt depending upon whether the processor is operating in a secure execution mode.
摘要翻译: 提供了一种用于控制具有安全执行模式的处理器中的中断的方法。 该方法包括响应于检测到中断而检测中断并执行预定程序。 该方法还包括在执行预定例程之前执行第二例程以响应于根据处理器是否以安全执行模式操作来检测中断。
-
公开(公告)号:US07130977B1
公开(公告)日:2006-10-31
申请号:US10419085
申请日:2003-04-18
IPC分类号: G06F12/00
CPC分类号: G06F12/145 , G06F12/1009
摘要: Controlling access to a control register of a microprocessor. A method of controlling access to a control register such as CR3, for example, of a processor having a normal execution mode and a secure execution mode may include storing address translation table information in the control register, allowing a software invoked write access to modify the address translation table information during the normal execution mode and selectively inhibiting the software invoked write during the secure execution mode.
摘要翻译: 控制访问微处理器的控制寄存器。 控制对诸如具有正常执行模式和安全执行模式的处理器之类的控制寄存器(例如CR 3)的访问的方法可以包括将地址转换表信息存储在控制寄存器中,允许软件调用写访问来修改 在正常执行模式期间的地址转换表信息,并且在安全执行模式期间选择性地禁止软件调用写入。
-
9.发明授权Method for selectively disabling interrupts on a secure execution mode-capable processor 有权用于选择性地禁用具有安全执行模式的处理器上的中断的方法公开(公告)号:US07130951B1
公开(公告)日:2006-10-31
申请号:US10419091
申请日:2003-04-18
CPC分类号: G06F9/4812
摘要: A method of controlling a secure execution mode-capable processor includes allowing a plurality of interrupts to interrupt the secure execution mode-capable processor when the secure execution mode-capable processor is operating in a non-secure execution mode. The method also includes disabling the plurality of interrupts from interrupting the secure execution mode-capable processor when the secure execution mode-capable processor is operating in a secure execution mode.
摘要翻译: 控制具有安全执行模式的处理器的方法包括当具有安全执行模式的处理器在非安全执行模式下操作时允许多个中断来中断具有安全执行模式的处理器。 该方法还包括当安全执行模式处理器以安全执行模式操作时禁用多个中断来中断具有安全执行模式的处理器。
-
10.发明授权Method of controlling access to an address translation data structure of a computer system 有权控制对计算机系统的地址转换数据结构的访问的方法公开(公告)号:US07082507B1
公开(公告)日:2006-07-25
申请号:US10419086
申请日:2003-04-18
IPC分类号: G06F12/14
CPC分类号: G06F12/1491 , G06F12/10 , G06F12/145
摘要: A method of controlling access to an address translation data structure of a computer system. The computer system includes a processor having a normal execution mode and a secure execution mode. The method includes executing code and generating a linear address. During translation of the linear address into a physical address, the method also includes generating a read-only page fault exception during the normal execution mode in response to detecting a software invoked write access to an address translation data structure having a read/write attribute set to be read-only. The method further includes selectively generating either the read-only page fault exception or a security exception during the secure execution mode in response to detecting the software invoked write access.
摘要翻译: 一种控制对计算机系统的地址转换数据结构的访问的方法。 计算机系统包括具有正常执行模式和安全执行模式的处理器。 该方法包括执行代码并生成线性地址。 在将线性地址转换为物理地址期间,该方法还包括在正常执行模式期间响应于检测到具有读/写属性集的地址转换数据结构的软件调用写访问而产生只读页错误异常 是只读的。 该方法还包括响应于检测到软件调用的写访问而在安全执行模式期间选择性地生成只读页错误异常或安全异常。
-
-
-
-
-
-
-
-
-
搜索结果
38 条记录 (耗时 0.025 秒)