Infrastructure Support for Accelerated Processing Device Memory Paging Without Operating System Integration
    1.
    Invention application (published)
    Infrastructure Support for Accelerated Processing Device Memory Paging Without Operating System Integration (status: in force)

    Publication number: US20130159664A1

    Publication date: 2013-06-20

    Application number: US13325282

    Filing date: 2011-12-14

    IPC classification: G06F12/10

    Abstract: In a CPU of the combined CPU/APD architecture system, the CPU having multiple CPU cores, each core having a first machine specific register for receiving a physical page table/page directory base address, a second machine specific register for receiving a physical address pointing to a location controlled by an IOMMUv2 that is communicatively coupled to an APD, and microcode which when executed causes a write notification to be issued to the physical address contained in the second machine specific register; receiving in the first machine specific register of a CPU core, a physical page table/page directory base address, receiving in the second machine specific register of the CPU core, a physical address pointing to a location controlled by the IOMMUv2, determining that a control register of the CPU core has been updated, and responsive to the determination that the control register has been updated, executing microcode in the CPU core that causes a write notification to be issued to the physical address contained in the second machine specific register, wherein the physical address is able to receive writes that affect IOMMUv2 page table invalidations.


    Infrastructure support for accelerated processing device memory paging without operating system integration
    2.
    Granted invention patent
    Infrastructure support for accelerated processing device memory paging without operating system integration (status: in force)

    Publication number: US08578129B2

    Publication date: 2013-11-05

    Application number: US13325282

    Filing date: 2011-12-14

    IPC classification: G06F12/00

    Abstract: In a CPU, the CPU having multiple CPU cores, each core having a first machine specific register, a second machine specific register, and microcode which when executed causes a write notification to be issued to the physical address contained in the second machine specific register; receiving in the first machine specific register of a CPU core, a physical page table/page directory base address, receiving in the second machine specific register of the CPU core, a physical address pointing to a location controlled by the IOMMUv2, determining that a control register of the CPU core has been updated, and responsive to the determination that the control register has been updated, executing microcode in the CPU core that causes a write notification to be issued to the physical address contained in the second machine specific register, wherein the physical address is able to receive writes that affect IOMMUv2 page table invalidations.


    Graphics compute process scheduling
    4.
    Granted invention patent
    Graphics compute process scheduling (status: in force)

    Publication number: US09176794B2

    Publication date: 2015-11-03

    Application number: US13289260

    Filing date: 2011-11-04

    CPC classification: G06F9/545 G06F2209/509

    Abstract: A method, system, and computer program product are disclosed for providing improved access to accelerated processing device compute resources to user mode applications. The functionality disclosed allows user mode applications to provide commands to an accelerated processing device without the need for kernel mode transitions in order to access a unified ring buffer. Instead, applications are each provided with their own buffers, which the accelerated processing device hardware can access to process commands. With full operating system support, user mode applications are able to utilize the accelerated processing device in much the same way as a CPU.


    Method and system for bootstrapping a trusted server having redundant trusted platform modules
    5.
    Granted invention patent
    Method and system for bootstrapping a trusted server having redundant trusted platform modules (status: in force)

    Publication number: US08055912B2

    Publication date: 2011-11-08

    Application number: US12621524

    Filing date: 2009-11-19

    IPC classification: G06F11/30

    CPC classification: G06F21/575

    Abstract: Multiple trusted platform modules within a data processing system are used in a redundant manner that provides a reliable mechanism for securely storing secret data at rest that is used to bootstrap a system trusted platform module. A hypervisor requests each trusted platform module to encrypt a copy of the secret data, thereby generating multiple versions of encrypted secret data values, which are then stored within a non-volatile memory within the trusted platform. At some later point in time, the encrypted secret data values are retrieved, decrypted by the trusted platform module that performed the previous encryption, and then compared to each other. If any of the decrypted values do not match a quorum of values from the comparison operation, then the trusted platform module corresponding to a non-matching decrypted value is designated as defective, because it has not been able to correctly decrypt a value that it previously encrypted.


    Integrating operating systems and run-time systems
    6.
    Granted invention patent
    Integrating operating systems and run-time systems (status: in force)

    Publication number: US06546546B1

    Publication date: 2003-04-08

    Application number: US09449098

    Filing date: 1999-11-24

    IPC classification: G06F944

    Abstract: The Virtual Machine is viewed by many as inherently insecure despite all the efforts to improve its security. This invention provides methods, apparatus, and computer products to implement a system that provides operating system style protection for code. Although applicable to many language systems, the invention is described for a system employing the Java language. Hardware protection domains are used to separate Java classes, to provide access control on cross-domain method invocations, to enable efficient data sharing between protection domains, and to control memory and CPU resources. Apart from the performance impact, these security measures are all transparent to the Java programs, even when a subclass is in one domain and its superclass is in another, as long as they do not violate the policy. To reduce the performance impact, classes are grouped and shared between protection domains, and data is mapped lazily as it is being shared. The system has been implemented on top of the Paramecium operating system, used as an example of an extensible operating system application.


    Method for extending the CRTM in a trusted platform
    7.
    Granted invention patent
    Method for extending the CRTM in a trusted platform (status: lapsed)

    Publication number: US08185750B2

    Publication date: 2012-05-22

    Application number: US12059274

    Filing date: 2008-03-31

    IPC classification: G06F12/14 G06F21/22

    CPC classification: G06F21/572

    Abstract: A method, system and computer program product for enhancing the functionality of the existing core root of trust for measurement (CRTM). The CRTM is extended to allow platform manufacturer controlled and certified code to be incorporated into the function of the CRTM, wherein the manufacturer may define the policy for accepting a new function into the CRTM. When a firmware or software module image is compiled, the build process generates a hash value of the compiled firmware or software image, wherein the hash value is a fingerprint (or shorthand) representation of the compiled image. A determination is made as to whether the hash value of the firmware or software image is to be a CRTM extension. If so, a digital signature of the module is created using the CRTM extension private key. This signature value is added to the firmware or software module.


    Sealing of data for applications
    8.
    Granted invention patent
    Sealing of data for applications (status: in force)

    Publication number: US07900059B2

    Publication date: 2011-03-01

    Application number: US11301803

    Filing date: 2005-12-13

    IPC classification: G06F11/30 G06F12/14

    CPC classification: G06F21/57

    Abstract: A method, system and computer program product for implementing general purpose PCRs with extended semantics (referred to herein as "ePCRs") in a trusted, measured software module. The module is designed to run in a hypervisor context, in an isolated partition, or under other isolated configurations. Because the software module is provided using trusted (measured) code, the software implementing the PCRs is able to run as a simple software process in the operating system (OS), as long as the software is first measured and logged. The software-implemented ePCRs are generated as needed to record specific measurements of the software and hardware elements on which an application depends, and the ePCRs are able to ignore other non-dependencies.


    Dynamic creation and hierarchical organization of trusted platform modules
    9.
    Granted invention patent
    Dynamic creation and hierarchical organization of trusted platform modules (status: in force)

    Publication number: US08549288B2

    Publication date: 2013-10-01

    Application number: US12128952

    Filing date: 2008-05-29

    IPC classification: H04L29/06

    CPC classification: G06F21/57

    Abstract: A trusted platform module is presented that is capable of dynamically creating multiple virtual trusted platform modules in a hierarchical organization. A trusted platform module domain is created. The trusted platform module creates virtual trusted platform modules, as needed, in the trusted platform module domain. The virtual trusted platform modules can inherit the permissions of a parent trusted platform module, giving them the ability to create virtual trusted platform modules themselves. Each virtual trusted platform module is associated with a specific partition. Each partition is associated with an individual operating system. The hierarchy of created operating systems and their privilege of spawning new operating systems is reflected in the hierarchy of trusted platform modules and the privileges each of the trusted platform modules has.


    METHOD AND SYSTEM FOR BOOTSTRAPPING A TRUSTED SERVER HAVING REDUNDANT TRUSTED PLATFORM MODULES
    10.
    Invention application (published)
    METHOD AND SYSTEM FOR BOOTSTRAPPING A TRUSTED SERVER HAVING REDUNDANT TRUSTED PLATFORM MODULES (status: in force)

    Publication number: US20100070781A1

    Publication date: 2010-03-18

    Application number: US12621524

    Filing date: 2009-11-19

    IPC classification: G06F11/30

    CPC classification: G06F21/575

    Abstract: Multiple trusted platform modules within a data processing system are used in a redundant manner that provides a reliable mechanism for securely storing secret data at rest that is used to bootstrap a system trusted platform module. A hypervisor requests each trusted platform module to encrypt a copy of the secret data, thereby generating multiple versions of encrypted secret data values, which are then stored within a non-volatile memory within the trusted platform. At some later point in time, the encrypted secret data values are retrieved, decrypted by the trusted platform module that performed the previous encryption, and then compared to each other. If any of the decrypted values do not match a quorum of values from the comparison operation, then the trusted platform module corresponding to a non-matching decrypted value is designated as defective, because it has not been able to correctly decrypt a value that it previously encrypted.
