公开(公告)号：US10262162B2

公开(公告)日：2019-04-16

申请号：US15635294

申请日：2017-06-28

申请人： Intel Corporation

发明人： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Uday Savagaonkar ,  Ravi L. Sahita

IPC分类号： G06F9/30 ,  G06F21/71 ,  G06F9/38 ,  G06F21/52

摘要： In an embodiment, the present invention includes a processor having an execution logic to execute instructions and a control transfer termination (CTT) logic coupled to the execution logic. This logic is to cause a CTT fault to be raised if a target instruction of a control transfer instruction is not a CTT instruction. Other embodiments are described and claimed.

公开(公告)号：US09852301B2

公开(公告)日：2017-12-26

申请号：US14582797

申请日：2014-12-24

申请人： Intel Corporation

发明人： Alpa Narendra Trivedi ,  Siddhartha Chhabra ,  Uday Savagaonkar ,  Men Long

IPC分类号： G06F21/60 ,  G06F21/62 ,  H04L9/08

CPC分类号： G06F21/606 ,  G06F21/6218 ,  H04L9/0822 ,  H04L9/0861

摘要： Embodiments of an invention for establishing secure channels between a protected execution environment and fixed-function endpoints are disclosed. In one embodiment, and system includes an architecturally protected memory, a processing core communicatively coupled to the architecturally protected memory, and a key distribution engine. The processing core is to implement an architecturally-protected execution environment by performing at least one of executing instructions residing in the architecturally protected memory and preventing an unauthorized access to the architecturally protected memory. The key distribution engine is to provide a secure channel between an application executing within the architecturally-protected execution environment and a fixed-function endpoint by generating a decrypted content encryption key by decrypting an encrypted content encryption key using a key wrapping key shared between the processing core and the key distribution engine and providing the decrypted content encryption key to the fixed-function endpoint.

公开(公告)号：US09698989B2

公开(公告)日：2017-07-04

申请号：US13949213

申请日：2013-07-23

申请人： Intel Corporation

发明人： Vincent Scarlata ,  Carlos Rozas ,  Simon Johnson ,  Uday Savagaonkar ,  Ittai Anati ,  Francis McKeen ,  Michael Goldsmith

IPC分类号： H04L9/32 ,  G06F21/12 ,  G06F21/53

CPC分类号： H04L9/3213 ,  G06F21/12 ,  G06F21/53 ,  H04L9/3263

摘要： Embodiments of an invention for feature licensing in a secure processing environment are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction to initialize a secure enclave. The execution unit is to execute the instruction. Execution of the instruction includes determining whether a requested feature is licensed for use in the secure enclave.

公开(公告)号：US09684511B2

公开(公告)日：2017-06-20

申请号：US14039663

申请日：2013-09-27

申请人： Intel Corporation

发明人： Vedvyas Shanbhogue ,  Jason Brandt ,  Uday Savagaonkar ,  Ravi Sahita

IPC分类号： G06F7/38 ,  G06F12/16 ,  G06F9/30 ,  G06F9/38 ,  G06F21/00

CPC分类号： G06F9/30054 ,  G06F9/30076 ,  G06F9/30181 ,  G06F9/3861 ,  G06F21/00

摘要： In an embodiment, the present invention includes a processor having a decode unit, an execution unit, and a retirement unit. The decode unit is to decode control transfer instructions and the execution unit is to execute control transfer instructions. The retirement unit is to retire a first control transfer instruction, and to raise a fault if a next instruction to be retired after the first control transfer instruction is not a second control transfer instruction and a target instruction of the first control transfer instruction is in code using the control transfer instructions.

公开(公告)号：US20220224510A1

公开(公告)日：2022-07-14

申请号：US17706288

申请日：2022-03-28

申请人： Intel Corporation

发明人： Eugene M. Kishinevsky ,  Uday Savagaonkar ,  Alpa T. Narendra Trivedi ,  Siddhartha Chhabra ,  Baiju V. Patel ,  Men Long ,  Kirk S. Yap ,  David M. Durham

IPC分类号： H04L9/06 ,  G06F12/14 ,  G09C1/00 ,  G06F21/85 ,  G06F21/60

摘要： Encryption interface technologies are described. A processor can include a system agent, an encryption interface, and a memory controller. The system agent can communicate data with a hardware functional block. The encryption interface can be coupled between the system agent and a memory controller. The encryption interface can receive a plaintext request from the system agent, encrypt the plaintext request to obtain an encrypted request, and communicate the encrypted request to the memory controller. The memory controller can communicate the encrypted request to a main memory of the computing device.

公开(公告)号：US20180067758A1

公开(公告)日：2018-03-08

申请号：US15647646

申请日：2017-07-12

申请人： Intel Corporation

发明人： Ravi L. Sahita ,  Uday Savagaonkar

IPC分类号： G06F9/455 ,  G06F21/57 ,  G06F21/51

CPC分类号： G06F9/45533 ,  G06F21/51 ,  G06F21/57

摘要： Systems and methods are described herein that discuss how a computing platform executing a virtualized environment, in one example, can be integrity verified adaptively and on demand. This may occur at initial runtime, as well as during continued operations, and allows the platform user to install software from various vendors without sacrificing the integrity measurement and therefore the trustworthiness of the platform.

公开(公告)号：US09729309B2

公开(公告)日：2017-08-08

申请号：US13719939

申请日：2012-12-19

申请人： Intel Corporation

发明人： Simon Johnson ,  Abhishek Das ,  Carlos Rozas ,  Uday Savagaonkar ,  Robert Blankenship ,  Kiran Padwekar

IPC分类号： G06F21/00 ,  H04L29/06 ,  H04L9/32 ,  H04L9/00

CPC分类号： H04L9/00 ,  G06F21/556 ,  G06F21/606 ,  H04L9/32 ,  H04L63/0428 ,  H04L63/0471 ,  H04L63/123

摘要： Embodiments of an invention for securing transmissions between processor packages are disclosed. In one embodiment, an apparatus includes an encryption unit to encrypt first content to be transmitted from the apparatus to a processor package directly through a point-to-point link.

公开(公告)号：US09710293B2

公开(公告)日：2017-07-18

申请号：US13665416

申请日：2012-10-31

申请人： Intel Corporation

发明人： Ravi Sahita ,  Uday Savagaonkar

IPC分类号： G06F9/455 ,  G06F21/57 ,  G06F21/51

CPC分类号： G06F9/45533 ,  G06F21/51 ,  G06F21/57

摘要： Systems and methods are described herein that discuss how a computing platform executing a virtualized environment, in one example, can be integrity verified adaptively and on demand. This may occur at initial runtime, as well as during continued operations, and allows the platform user to install software from various vendors without sacrificing the integrity measurement and therefore the trustworthiness of the platform.

公开(公告)号：US20200004991A1

公开(公告)日：2020-01-02

申请号：US16352051

申请日：2019-03-13

申请人： Intel Corporation

发明人： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Uday Savagaonkar ,  Ravi L. Sahita

IPC分类号： G06F21/71 ,  G06F9/30 ,  G06F9/38 ,  G06F21/52

摘要： In an embodiment, the present invention includes a processor having an execution logic to execute instructions and a control transfer termination (CTT) logic coupled to the execution logic. This logic is to cause a CTT fault to be raised if a target instruction of a control transfer instruction is not a CTT instruction. Other embodiments are described and claimed.

公开(公告)号：US10379888B2

公开(公告)日：2019-08-13

申请号：US15647646

申请日：2017-07-12

申请人： Intel Corporation

发明人： Ravi L. Sahita ,  Uday Savagaonkar

IPC分类号： G06F9/455 ,  G06F21/57 ,  G06F21/51

摘要： Systems and methods are described herein that discuss how a computing platform executing a virtualized environment, in one example, can be integrity verified adaptively and on demand. This may occur at initial runtime, as well as during continued operations, and allows the platform user to install software from various vendors without sacrificing the integrity measurement and therefore the trustworthiness of the platform.