公开(公告)号：US20150178500A1

公开(公告)日：2015-06-25

申请号：US14639854

申请日：2015-03-05

Applicant: Intel Corporation

Inventor： Adrian R. Pearson ,  Christopher Andrew Thornburg ,  Steven J. Brown ,  Peter R. Munguia

IPC: G06F21/57

CPC classification number: G06F3/0625 ,  G06F1/3234 ,  G06F3/0622 ,  G06F21/57 ,  G06F21/575 ,  G06F21/79 ,  H04L9/3247

Abstract: A disclosed example method involves configuring a processor to, when transitioning the processor system to a low-power mode, use a key and a random or pseudo-random value to generate a first signature based on a sample of memory regions to be protected during the low-power mode, the memory regions based on a manufacturer required regions table and a third-party required regions table. The disclosed example method also involves configuring a processor to, during a resume process of the processor system from the low-power mode, generate a second signature based on the sample of the memory regions protected during the low-power mode. The disclosed example method also involves configuring a processor to, when the first signature matches the second signature, cause the processor system to resume from the low-power mode, and when the first signature does not match the second signature, generate an error.

Abstract translation: 所公开的示例性方法包括配置处理器以在将处理器系统转换到低功率模式时，使用密钥和随机或伪随机值，以基于在所述第一签名期间保护的存储器区域的样本来生成第一签名 低功耗模式，内存区域基于制造商所需的区域表和第三方所需区域表。 所公开的示例性方法还涉及将处理器配置成在处理器系统从低功率模式的恢复过程期间，基于在低功率模式期间受保护的存储器区域的采样来生成第二签名。 所公开的示例方法还涉及将处理器配置为当第一签名与第二签名匹配时使得处理器系统从低功率模式恢复，并且当第一签名与第二签名不匹配时，生成错误。

公开(公告)号：US09542114B2

公开(公告)日：2017-01-10

申请号：US15187348

申请日：2016-06-20

Applicant: Intel Corporation

Inventor： Adrian R. Pearson ,  Christopher Andrew Thornburg ,  Steven J. Brown ,  Peter R. Munguia

IPC: H04L9/00 ,  G06F3/06 ,  H04L9/32 ,  G06F1/32

CPC classification number: G06F3/0625 ,  G06F1/3234 ,  G06F3/0622 ,  G06F21/57 ,  G06F21/575 ,  G06F21/79 ,  H04L9/3247

Abstract: A disclosed example involves managing power states, signing a suspend-to-RAM (STR) data structure by: generating a header key, a scatter/gather table key and a dynamic random access memory (DRAM) key using a root key generated by the secure processor. Generating a header signature using the header key, the header signature based on a table header and a random or pseudo-random value. Generating a scatter/gather table signature using the scatter/gather table key, the scatter/gather table signature based on a scatter/gather table header and a random or pseudo-random value. Generating a DRAM signature using the DRAM key and a value from a region of DRAM. Storing the header signature, the scatter/gather table signature and the DRAM signature in the STR data structure. Resume the processor system from the low-power mode when the data structure is valid based on a comparison of a first signature and a second signature.

Abstract translation: 所公开的示例涉及通过以下方式来管理电源状态，签名挂起到RAM（STR）数据结构：使用根据密钥生成的根密钥生成头部密钥，分散/聚集表密钥和动态随机存取存储器（DRAM）密钥 安全处理器。 使用头部密钥生成头部签名，基于表头部的头部签名和随机或伪随机值。 使用分散/收集表密钥生成分散/收集表签名，基于分散/收集表头的分散/收集表签名和随机或伪随机值。 使用DRAM密钥和来自DRAM区域的值生成DRAM签名。 在STR数据结构中存储头标签，分散/收集表签名和DRAM签名。 当数据结构基于第一签名和第二签名的比较而有效时，从低功率模式恢复处理器系统。

公开(公告)号：US09372993B2

公开(公告)日：2016-06-21

申请号：US14639854

申请日：2015-03-05

Applicant: Intel Corporation

Inventor： Adrian R. Pearson ,  Christopher Andrew Thornburg ,  Steven J. Brown ,  Peter R. Munguia

IPC: G06F21/57

CPC classification number: G06F3/0625 ,  G06F1/3234 ,  G06F3/0622 ,  G06F21/57 ,  G06F21/575 ,  G06F21/79 ,  H04L9/3247

Abstract: A disclosed example method involves configuring a processor to, when transitioning the processor system to a low-power mode, use a key and a random or pseudo-random value to generate a first signature based on a sample of memory regions to be protected during the low-power mode, the memory regions based on a manufacturer required regions table and a third-party required regions table. The disclosed example method also involves configuring a processor to, during a resume process of the processor system from the low-power mode, generate a second signature based on the sample of the memory regions protected during the low-power mode. The disclosed example method also involves configuring a processor to, when the first signature matches the second signature, cause the processor system to resume from the low-power mode, and when the first signature does not match the second signature, generate an error.

Abstract translation: 所公开的示例性方法包括配置处理器以在将处理器系统转换到低功率模式时，使用密钥和随机或伪随机值，以基于在所述第一签名期间保护的存储器区域的样本来生成第一签名 低功耗模式，内存区域基于制造商所需的区域表和第三方所需区域表。 所公开的示例性方法还涉及将处理器配置成在处理器系统从低功率模式的恢复过程期间，基于在低功率模式期间受保护的存储器区域的采样来生成第二签名。 所公开的示例方法还涉及将处理器配置为当第一签名与第二签名匹配时使得处理器系统从低功率模式恢复，并且当第一签名与第二签名不匹配时，生成错误。

公开(公告)号：US20160299721A1

公开(公告)日：2016-10-13

申请号：US15187348

申请日：2016-06-20

Applicant: Intel Corporation

Inventor： Adrian R. Pearson ,  Christopher Andrew Thornburg ,  Steven J. Brown ,  Peter R. Munguia

IPC: G06F3/06 ,  G06F1/32 ,  H04L9/32

CPC classification number: G06F3/0625 ,  G06F1/3234 ,  G06F3/0622 ,  G06F21/57 ,  G06F21/575 ,  G06F21/79 ,  H04L9/3247

Abstract: A disclosed example involves managing power states, signing a suspend-to-RAM (STR) data structure by: generating a header key, a scatter/gather table key and a dynamic random access memory (DRAM) key using a root key generated by the secure processor. Generating a header signature using the header key, the header signature based on a table header and a random or pseudo-random value. Generating a scatter/gather table signature using the scatter/gather table key, the scatter/gather table signature based on a scatter/gather table header and a random or pseudo-random value. Generating a DRAM signature using the DRAM key and a value from a region of DRAM. Storing the header signature, the scatter/gather table signature and the DRAM signature in the STR data structure. Resume the processor system from the low-power mode when the data structure is valid based on a comparison of a first signature and a second signature.

Abstract translation: 所公开的示例涉及通过以下方式来管理电源状态，签名挂起到RAM（STR）数据结构：使用由该密钥生成的根密钥生成头部密钥，分散/聚集表密钥和动态随机存取存储器（DRAM）密钥 安全处理器。 使用头部密钥生成头部签名，基于表头部的头部签名和随机或伪随机值。 使用分散/收集表密钥生成分散/收集表签名，基于分散/收集表头的分散/收集表签名和随机或伪随机值。 使用DRAM密钥和来自DRAM区域的值生成DRAM签名。 在STR数据结构中存储头标签，分散/收集表签名和DRAM签名。 当数据结构基于第一签名和第二签名的比较而有效时，从低功率模式恢复处理器系统。