Publication number: US20230409340A1
Publication date: 2023-12-21
Application number: US18307650
Application date: 2023-04-26
Applicant: Intel Corporation
IPC classification: G06F9/4401, G06F9/455, G06F12/1009, H04L9/30, H04L9/32, G06F21/78
CPC classification: G06F9/4403, G06F9/45558, G06F12/1009, H04L9/30, G06F2009/45579, G06F21/78, G06F2009/45583, G06F2009/45591, G06F2009/45595, H04L9/32
Abstract: A processor includes a range register to store information that identifies a reserved range of memory associated with a secure arbitration mode (SEAM) and a core coupled to the range register. The core includes security logic to unlock the range register on a logical processor, of the processor core, that is to initiate the SEAM. The logical processor is to, via execution of the security logic, store, in the reserved range, a SEAM module and a manifest associated with the SEAM module, wherein the SEAM module supports execution of one or more trust domains; initialize a SEAM virtual machine control structure (VMCS) within the reserved range of the memory that is to control state transitions between a virtual machine monitor (VMM) and the SEAM module; and authenticate the SEAM module using a manifest signature of the manifest.

Publication number: US20230315857A1
Publication date: 2023-10-05
Application number: US18131199
Application date: 2023-04-05
Applicant: Intel Corporation
Inventors: Ravi L. Sahita, Baiju V. Patel, Barry E. Huntley, Gilbert Neiger, Hormuzd M. Khosravi, Ido Ouziel, David M. Durham, Ioannis T. Schoinas, Siddhartha Chhabra, Carlos V. Rozas, Gideon Gerzon
CPC classification: G06F21/57, G06F21/6218, G06F12/1408, H04L9/0618, H04L63/061, G06F21/53, G06F21/71, G06F21/79, G06F2009/45587
Abstract: Implementations describe providing isolation in virtualized systems using trust domains. In one implementation, a processing device includes a memory ownership table (MOT) that is access-controlled against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to manage a trust domain (TD), maintain a trust domain control structure (TDCS) for managing global metadata for each TD, maintain an execution state of the TD in at least one trust domain thread control structure (TD-TCS) that is access-controlled against software accesses, and reference the MOT to obtain at least one key identifier (key ID) corresponding to an encryption key assigned to the TD, the key ID to allow the processing device to decrypt memory pages assigned to the TD responsive to the processing device executing in the context of the TD, the memory pages assigned to the TD being encrypted with the encryption key.

Publication number: US11651085B2
Publication date: 2023-05-16
Application number: US16934089
Application date: 2020-07-21
Applicant: Intel Corporation
Inventors: David M. Durham, Siddhartha Chhabra, Ravi L. Sahita, Barry E. Huntley, Gilbert Neiger, Gideon Gerzon, Baiju V. Patel
IPC classification: G06F21/60, G06F3/06, G06F12/1009, G06F21/57, G06F21/53
CPC classification: G06F21/602, G06F3/067, G06F3/0623, G06F3/0661, G06F12/1009, G06F21/53, G06F21/57, G06F2212/1052
Abstract: A processor executes an untrusted VMM that manages execution of a guest workload. The processor also populates an entry in a memory ownership table for the guest workload. The memory ownership table is indexed by an original hardware physical address, the entry comprises an expected guest address that corresponds to the original hardware physical address, and the entry is encrypted with a key domain key. In response to receiving a request from the guest workload to access memory using a requested guest address, the processor (a) obtains, from the untrusted VMM, a hardware physical address that corresponds to the requested guest address; (b) uses that physical address as an index to find an entry in the memory ownership table; and (c) verifies whether the expected guest address from the found entry matches the requested guest address. Other embodiments are described and claimed.

Publication number: US11650818B2
Publication date: 2023-05-16
Application number: US17404890
Application date: 2021-08-17
Applicant: Intel Corporation
CPC classification: G06F9/3005, G06F9/30054, G06F9/30145, G06F9/3857, G06F9/3861, G06F9/3865, G06F9/3867, G06F21/554
Abstract: A processor includes an execution unit and processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state and transition to a second execution state responsive to executing a control transfer instruction. Responsive to executing a target instruction of the control transfer instruction, the processing logic further transitions to the first execution state responsive to the target instruction being a control transfer termination instruction of a mode identical to the mode of the processing logic following the execution of the control transfer instruction; and raises an execution exception responsive to the target instruction being a control transfer termination instruction of a mode different from the mode of the processing logic following the execution of the control transfer instruction.

Publication number: US11467982B2
Publication date: 2022-10-11
Application number: US16985898
Application date: 2020-08-05
Applicant: Intel Corporation
Inventors: Rajesh P. Banginwar, Sumanth Naropanth, Sunil K. Notalapati Prabhakara, Surendra K. Singh, Arvind Mohan, Ravi L. Sahita, Rahil Malhotra, Aman Bakshi, Vasudevarao Kamma, Jyothi Nayak, Vivek Thakkar, Royston A. Pinto
Abstract: A data processing system (DPS) uses platform protection technology (PPT) to protect some or all of the code and data belonging to certain software modules. The PPT may include a virtual machine monitor (VMM) to enable an untrusted application and a trusted application to run on top of a single operating system (OS), while preventing the untrusted application from accessing memory used by the trusted application. The VMM may use a first extended page table (EPT) to translate a guest physical address (GPA) into a first host physical address (HPA) for the untrusted application. The VMM may use a second EPT to translate the GPA into a second HPA for the trusted application. The first and second EPTs may map the same GPA to different HPAs. Other embodiments are described and claimed.

Publication number: US11347839B2
Publication date: 2022-05-31
Application number: US16452916
Application date: 2019-06-26
Applicant: INTEL CORPORATION
IPC classification: G06F21/00, G06F21/52, G06F12/126, G06F12/06
Abstract: Various embodiments are generally directed to techniques for control flow protection with minimal performance overhead, such as by utilizing one or more micro-architectural optimizations to implement a shadow stack (SS) to verify a return address before returning from a function call, for instance. Some embodiments are particularly directed to a computing platform, such as an internet of things (IoT) platform, that overlaps or parallelizes one or more SS access operations with one or more data stack (DS) access operations.

Publication number: US20220019698A1
Publication date: 2022-01-20
Application number: US17449343
Application date: 2021-09-29
Applicant: Intel Corporation
Abstract: According to one embodiment, a method comprises executing an untrusted host virtual machine monitor (VMM) to manage execution of at least one guest virtual machine (VM). The VMM receives an encrypted key domain key, an encrypted guest code image, and an encrypted guest control structure. The VMM also issues a create command. In response, a processor creates a first key domain comprising a region of memory to be encrypted by a key domain key. The encrypted key domain key is decrypted to produce the key domain key, which is inaccessible to the VMM. The VMM issues a launch command. In response, a first guest VM is launched within the first key domain. In response to a second launch command, a second guest VM is launched within the first key domain. The second guest VM provides an agent to act on behalf of the VMM. Other embodiments are described and claimed.

Publication number: US20220019432A1
Publication date: 2022-01-20
Application number: US17404890
Application date: 2021-08-17
Applicant: Intel Corporation
Abstract: A processor includes an execution unit and processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state and transition to a second execution state responsive to executing a control transfer instruction. Responsive to executing a target instruction of the control transfer instruction, the processing logic further transitions to the first execution state responsive to the target instruction being a control transfer termination instruction of a mode identical to the mode of the processing logic following the execution of the control transfer instruction; and raises an execution exception responsive to the target instruction being a control transfer termination instruction of a mode different from the mode of the processing logic following the execution of the control transfer instruction.

Publication number: US11176059B2
Publication date: 2021-11-16
Application number: US16831976
Application date: 2020-03-27
Applicant: Intel Corporation
Inventors: David M. Durham, Siddhartha Chhabra, Amy L. Santoni, Gilbert Neiger, Barry E. Huntley, Hormuzd M. Khosravi, Baiju V. Patel, Ravi L. Sahita, Gideon Gerzon, Ido Ouziel, Ioannis T. Schoinas, Rajesh M. Sankaran
Abstract: In one embodiment, an apparatus comprises a processor to read a data line from memory in response to a read request from a VM. The data line comprises encrypted memory data. The apparatus also comprises a memory encryption circuit in the processor. The memory encryption circuit is to use an address of the read request to select an entry from a P2K table; obtain a key identifier from the selected entry of the P2K table; use the key identifier to select a key for the read request; and use the selected key to decrypt the encrypted memory data into decrypted memory data. The processor is further to make the decrypted memory data available to the VM. The P2K table comprises multiple entries, each comprising (a) a key identifier for a page of memory and (b) an encrypted address for that page of memory. Other embodiments are described and claimed.

Publication number: US11055401B2
Publication date: 2021-07-06
Application number: US15720083
Application date: 2017-09-29
Applicant: Intel Corporation
Inventors: Mingwei Zhang, Mingqiu Sun, Ravi L. Sahita, Chunhui Zhang, Xiaoning Li
Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.