-
公开(公告)号:US20140189326A1
公开(公告)日:2014-07-03
申请号:US13729371
申请日:2012-12-28
申请人: Rebekah Leslie , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Barry E. Huntley , Vedvyas Shanbhogue , Ittai Anati , Francis X. Mckeen , Michael A. Goldsmith , Ilya Alexandrovich , Alex Berenzon , Wesley H. Smith
发明人: Rebekah Leslie , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Barry E. Huntley , Vedvyas Shanbhogue , Ittai Anati , Francis X. Mckeen , Michael A. Goldsmith , Ilya Alexandrovich , Alex Berenzon , Wesley H. Smith
IPC分类号: G06F9/30
CPC分类号: G06F9/3004 , G06F9/30047 , G06F9/30076 , G06F9/44 , G06F12/084 , G06F12/0875 , G06F12/1483 , G06F2212/452
摘要: Embodiments of an invention for memory management in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction and a second instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes allocating a page in an enclave page cache to a secure enclave. The execution unit is also to execute the second instruction, wherein execution of the second instruction includes confirming the allocation of the page.
摘要翻译: 公开了用于安全飞行器中的存储器管理的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元接收第一指令和第二指令。 执行单元执行第一指令,其中第一指令的执行包括将飞地页面缓存中的页面分配到安全飞地。 执行单元还执行第二指令,其中第二指令的执行包括确认页的分配。
-
公开(公告)号:US20140189325A1
公开(公告)日:2014-07-03
申请号:US13729277
申请日:2012-12-28
申请人: Francis X. Mckeen , Michael A. Goldsmith , Barry E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith , Ittai Anati , Ilya Alexandrovich , Alex Berenzon
发明人: Francis X. Mckeen , Michael A. Goldsmith , Barry E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith , Ittai Anati , Ilya Alexandrovich , Alex Berenzon
IPC分类号: G06F9/30
CPC分类号: G06F12/0804 , G06F9/30047 , G06F12/0875 , G06F12/1408 , G06F2212/1052 , G06F2212/402
摘要: Embodiments of an invention for paging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes evicting a first page from an enclave page cache.
摘要翻译: 公开了用于在安全飞行器中寻呼的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元接收第一条指令。 执行单元执行第一指令,其中第一指令的执行包括从飞地页面缓存中逐出第一页。
-
公开(公告)号:US09189411B2
公开(公告)日:2015-11-17
申请号:US13729348
申请日:2012-12-28
申请人: Francis X. Mckeen , Michael A. Goldsmith , Barrey E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith
发明人: Francis X. Mckeen , Michael A. Goldsmith , Barrey E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith
CPC分类号: G06F21/60 , G06F12/0875 , G06F12/14 , G06F12/145 , G06F21/72 , G06F2212/1052 , G06F2212/152 , G06F2212/452
摘要: Embodiments of an invention for logging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction having an associated enclave page cache address. The execution unit is to execute the instruction without causing a virtual machine exit, wherein execution of the instruction includes logging the instruction and the associated enclave page cache address.
摘要翻译: 公开了用于登录安全飞行器的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 该指令单元用于接收具有关联的飞地页面缓存地址的指令。 执行单元执行指令而不引起虚拟机退出,其中指令的执行包括记录指令和关联的飞地页面缓存地址。
-
公开(公告)号:US20140189242A1
公开(公告)日:2014-07-03
申请号:US13729348
申请日:2012-12-28
申请人: Francis X. Mckeen , Michael A. Goldsmith , Barrey E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith
发明人: Francis X. Mckeen , Michael A. Goldsmith , Barrey E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith
IPC分类号: G06F12/08
CPC分类号: G06F21/60 , G06F12/0875 , G06F12/14 , G06F12/145 , G06F21/72 , G06F2212/1052 , G06F2212/152 , G06F2212/452
摘要: Embodiments of an invention for logging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction having an associated enclave page cache address. The execution unit is to execute the instruction without causing a virtual machine exit, wherein execution of the instruction includes logging the instruction and the associated enclave page cache address.
摘要翻译: 公开了用于登录安全飞行器的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 该指令单元用于接收具有关联的飞地页面缓存地址的指令。 执行单元执行指令而不引起虚拟机退出,其中指令的执行包括记录指令和关联的飞地页面缓存地址。
-
公开(公告)号:US20150033034A1
公开(公告)日:2015-01-29
申请号:US13949110
申请日:2013-07-23
申请人: Gideon Gerzon , Shay Gueron , Simon P. Johnson , Francis X. Mckeen , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Ittai Anati
发明人: Gideon Gerzon , Shay Gueron , Simon P. Johnson , Francis X. Mckeen , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Ittai Anati
CPC分类号: H04L9/3239 , G06F9/3004 , G06F12/1441 , G06F21/71 , G06F2221/2111
摘要: Embodiments of an invention for measuring a secure enclave are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first, a second, and a third instruction. The execution unit is to execute the first, the second, and the third instruction. Execution of the first instruction includes initializing a measurement field in a control structure of a secure enclave with an initial value. Execution of the second instruction includes adding a region to the secure enclave. Execution of the third instruction includes measuring a subregion of the region.
摘要翻译: 公开了用于测量安全飞地的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元将接收第一,第二和第三指令。 执行单元执行第一,第二和第三指令。 执行第一指令包括初始化具有初始值的安全飞地的控制结构中的测量场。 执行第二条指令包括将一个区域添加到安全飞地。 执行第三条指令包括测量该区域的一个子区域。
-
公开(公告)号:US20140189246A1
公开(公告)日:2014-07-03
申请号:US13731439
申请日:2012-12-31
申请人: Bin Xing , Matthew E. Hoekstra , Michael A. Goldsmith , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Francis X. Mckeen , Stephen J. Tolopka
发明人: Bin Xing , Matthew E. Hoekstra , Michael A. Goldsmith , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Francis X. Mckeen , Stephen J. Tolopka
CPC分类号: G06F21/53 , G06F21/71 , G06F2221/2101 , G06F2221/2149
摘要: Embodiments of an invention for measuring applications loaded in secure enclaves at runtime are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction to extend a first measurement of a secure enclave with a second measurement. The execution unit is to execute the instruction after initialization of the secure enclave.
摘要翻译: 公开了用于在运行时测量加载在安全空间中的应用的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元接收用于扩展第二测量的安全飞地的第一测量的指令。 执行单元在安全飞地初始化后执行指令。
-
公开(公告)号:US07565492B2
公开(公告)日:2009-07-21
申请号:US11513871
申请日:2006-08-31
IPC分类号: G06F12/00
CPC分类号: G06F21/79 , G06F12/0804 , G06F12/0848 , G06F12/0891 , G06F12/126 , G06F12/1416 , G06F21/556
摘要: A method for managing a cache is disclosed. A context switch is identified. It is determined whether an application running after the context switch requires protection. Upon determining that the application requires protection the cache is partitioned. According to an aspect of the present invention, a partitioned section of the cache is completely over written with data associated with the application. Other embodiments are described and claimed.
摘要翻译: 公开了一种用于管理高速缓存的方法。 识别上下文切换。 确定在上下文切换后运行的应用程序是否需要保护。 在确定应用程序需要保护时,缓存被分区。 根据本发明的一个方面,高速缓存的分区部分完全被写入与应用相关的数据。 描述和要求保护其他实施例。
-
-
-
-
-
-