1. SECURE DATA PROTECTION WITH IMPROVED READ-ONLY MEMORY LOCKING DURING SYSTEM PRE-BOOT
    Document type: Invention application (published patent application)
    Legal status: In force

    Publication No.: US20140047174A1

    Publication date: 2014-02-13

    Application No.: US13570315

    Filing date: 2012-08-09

    IPC classification: G06F12/14

    CPC classification: G06F12/1416 G06F12/1425

    Abstract: Generally, this disclosure provides methods and systems for secure data protection with improved read-only memory locking during system pre-boot, including protection of Advanced Configuration and Power Interface (ACPI) tables. The methods may include selecting a region of system memory to be protected, the selection occurring in response to a system reset state and performed by a trusted control block (TCB) comprising a trusted basic input/output system (BIOS); programming an address decoder circuit to configure the selected region as read-write; moving data to be secured to the selected region; programming the address decoder circuit to configure the selected region as read-only; and locking the read-only configuration in the address decoder circuit.


2. Secure data protection with improved read-only memory locking during system pre-boot
    Document type: Invention grant (granted patent)
    Legal status: In force

    Publication No.: US09075751B2

    Publication date: 2015-07-07

    Application No.: US13570315

    Filing date: 2012-08-09

    IPC classification: G06F12/00 G06F13/00 G06F12/14

    CPC classification: G06F12/1416 G06F12/1425

    Abstract: Generally, this disclosure provides methods and systems for secure data protection with improved read-only memory locking during system pre-boot, including protection of Advanced Configuration and Power Interface (ACPI) tables. The methods may include selecting a region of system memory to be protected, the selection occurring in response to a system reset state and performed by a trusted control block (TCB) comprising a trusted basic input/output system (BIOS); programming an address decoder circuit to configure the selected region as read-write; moving data to be secured to the selected region; programming the address decoder circuit to configure the selected region as read-only; and locking the read-only configuration in the address decoder circuit.


3. METHOD FOR ACCESSING MEMORY DEVICES PRIOR TO BUS TRAINING
    Document type: Invention application (published patent application)
    Legal status: Pending (published)

    Publication No.: US20140089573A1

    Publication date: 2014-03-27

    Application No.: US13625673

    Filing date: 2012-09-24

    IPC classification: G06F12/00

    CPC classification: G06F13/1689

    Abstract: Embodiments of the invention describe apparatuses, systems and methods for enabling memory device access prior to bus training, thereby enabling firmware image storage in non-flash nonvolatile memory, such as DDR DRAM. The increasing size of firmware images, such as BIOS, MRC, and ME firmware, makes current non-volatile storage solutions, such as SPI flash memory, impractical; executing BIOS code in flash is slow, and having a separate non-volatile memory device increases device costs. Furthermore, solutions such as Cache-as-RAM, which are utilized for running the pre-memory BIOS code, are limited by the cache size, which is not scalable to the increasing complexity of BIOS code. Embodiments of the invention enable the use of persistent memory, such as DRAM, for BIOS code execution and data transfer by allowing DRAM access before memory channel training; said firmware images may then be executed to "train" memory channels for subsequent system use.


4. FAST CACHE FLUSH
    Document type: Invention application (published patent application)
    Legal status: In force

    Publication No.: US20150161037A1

    Publication date: 2015-06-11

    Application No.: US14100721

    Filing date: 2013-12-09

    IPC classification: G06F12/02

    Abstract: Apparatus, systems, and methods to manage memory operations are described. In one example, a controller comprises logic to receive a first transaction to operate on a first data element in a volatile memory, determine whether the first data element is to be stored in a nonvolatile memory, and, in response to a determination that the first data element is to be stored in a nonvolatile memory, to forward the first transaction to the memory controller coupled to the nonvolatile memory. Other examples are also disclosed and claimed.


5. Methods and apparatus for processing an extensible firmware interface byte code instruction in a loop
    Document type: Invention application (published patent application)
    Legal status: Pending (published)

    Publication No.: US20050251652A1

    Publication date: 2005-11-10

    Application No.: US10832505

    Filing date: 2004-04-27

    IPC classification: G06F9/30 G06F9/40 G06F9/455

    CPC classification: G06F9/45504 G06F9/4484

    Abstract: Methods and apparatus to process a virtual machine instruction in a loop are described herein. In an example method, at least one of a loop-start instruction and a loop-end instruction associated with a loop containing the virtual machine instruction is monitored. In response to detecting the loop-start instruction, the virtual machine instruction is validated. Further, the virtual machine instruction is converted into one or more native instructions in response to a failure to detect the loop-end instruction. Other embodiments may be described and claimed.
