SELECTIVE MEMORY ENCRYPTION
    1.
    发明申请

    公开(公告)号:US20180011802A1

    公开(公告)日:2018-01-11

    申请号:US15205326

    申请日:2016-07-08

    Abstract: In one example in accordance with the present disclosure, a method may include receiving, by a processor on a system on a chip (SoC), a request to encrypt a subset of data accessed by a process. The method may also include receiving, at a page encryption hardware unit of the SoC, a system call from an operating system on behalf of the process, to generate an encrypted memory page corresponding to the subset of data. The method may also include generating, by the page encryption hardware unit, an encryption/decryption key for the first physical memory address. The encryption/decryption key may not be accessible by the operating system. The method may also include encrypting, by the page encryption hardware unit, the subset of data to the physical memory address using the encryption/decryption key and storing, by the page encryption hardware unit, the encryption/decryption key in a key store.

    Firmware verification through data ports

    公开(公告)号:US10303883B2

    公开(公告)日:2019-05-28

    申请号:US15333779

    申请日:2016-10-25

    Abstract: In some examples, a computing device includes a data port, device memory to store firmware for the computing device, and verification circuitry. The verification circuitry may override operation of the data port responsive to a determination that firmware verification mode criteria are satisfied. The verification circuitry may also extract firmware data from the device memory for verification of the firmware and provide the firmware data to an external device connected to the computing device through the data port.

    Direct memory access encryption with application provided keys

    公开(公告)号:US10310990B2

    公开(公告)日:2019-06-04

    申请号:US15192493

    申请日:2016-06-24

    Abstract: In one example in accordance with the present disclosure, a method may include retrieving, at a memory management unit (MMU), encrypted data from a memory via direct memory access and determining, at the MMU, a peripheral that is the intended recipient of the encrypted data. The method may also include accessing an application key used for transmission between an application and the peripheral, wherein the application key originates from the application and decrypting, at the MMU, the encrypted data using the application key and transmitting the decrypted data to the peripheral.

    Selective memory encryption
    9.
    发明授权

    公开(公告)号:US10261919B2

    公开(公告)日:2019-04-16

    申请号:US15205326

    申请日:2016-07-08

    Abstract: In one example in accordance with the present disclosure, a method may include receiving, by a processor on a system on a chip (SoC), a request to encrypt a subset of data accessed by a process. The method may also include receiving, at a page encryption hardware unit of the SoC, a system call from an operating system on behalf of the process, to generate an encrypted memory page corresponding to the subset of data. The method may also include generating, by the page encryption hardware unit, an encryption/decryption key for the first physical memory address. The encryption/decryption key may not be accessible by the operating system. The method may also include encrypting, by the page encryption hardware unit, the subset of data to the physical memory address using the encryption/decryption key and storing, by the page encryption hardware unit, the encryption/decryption key in a key store.

Patent Agency Ranking