公开(公告)号：US20170098079A1

公开(公告)日：2017-04-06

申请号：US15380661

申请日：2016-12-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY

IPC: G06F21/57 ,  G06F13/42 ,  H04L9/32 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F13/24 ,  G06F13/4282 ,  G06F21/554 ,  G06F2221/2107 ,  H04L9/06 ,  H04L9/0618 ,  H04L9/0869 ,  H04L9/3231 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/0876 ,  H04L63/123

Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of an operating system call. The tamper detector is operatively coupled to the BIOS ROM and is configured to access the BIOS contents and the encrypted message digest upon assertion of the BIOS check interrupt, and is configured to direct a microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the symmetric key algorithm and the key, and is configured to compare the second message digest with the decrypted message digest, and configured to preclude the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. The microprocessor includes a dedicated crypto/hash unit disposed within execution logic, where the crypto/hash unit generates the second message digest and the decrypted message digest, and where the key is exclusively accessed by the crypto/hash unit. The microprocessor further has a random number generator disposed within the execution logic, where the random number generator generates a random number at completion of a current BIOS check, which is employed by the event detector to randomly set a number of occurrences of the event that are to occur before a following BIOS check.

公开(公告)号：US20170098078A1

公开(公告)日：2017-04-06

申请号：US15380063

申请日：2016-12-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY

IPC: G06F21/57 ,  H04L9/32 ,  G06F13/24 ,  G06F13/42 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F13/24 ,  G06F13/4282 ,  G06F21/554 ,  G06F2221/2107 ,  H04L9/06 ,  H04L9/0618 ,  H04L9/0869 ,  H04L9/3231 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/0876 ,  H04L63/123

Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of a PCI Express access. The tamper detector is operatively coupled to the BIOS ROM and is configured to access the BIOS contents and the encrypted message digest upon assertion of the BIOS check interrupt, and is configured to direct a microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the symmetric key algorithm and the key, and is configured to compare the second message digest with the decrypted message digest, and configured to preclude the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. The microprocessor includes a dedicated crypto/hash unit disposed within execution logic, where the crypto/hash unit generates the second message digest and the decrypted message digest, and where the key is exclusively accessed by the crypto/hash unit. The microprocessor further has a random number generator disposed within the execution logic, where the random number generator generates a random number at completion of a current BIOS check, which is employed by the event detector to randomly set a number of occurrences of the event that are to occur before a following BIOS check.

公开(公告)号：US20170098077A1

公开(公告)日：2017-04-06

申请号：US15380015

申请日：2016-12-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY

IPC: G06F21/57 ,  H04L9/32 ,  G06F13/24 ,  G06F13/42 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F13/24 ,  G06F13/4282 ,  G06F21/554 ,  G06F2221/2107 ,  H04L9/06 ,  H04L9/0618 ,  H04L9/0869 ,  H04L9/3231 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/0876 ,  H04L63/123

Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of a change in virtual memory mapping. The tamper detector is operatively coupled to the BIOS ROM and is configured to access the BIOS contents and the encrypted message digest upon assertion of the BIOS check interrupt, and is configured to direct a microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the symmetric key algorithm and the key, and is configured to compare the second message digest with the decrypted message digest, and configured to preclude the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. The microprocessor includes a dedicated crypto/hash unit disposed within execution logic, where the crypto/hash unit generates the second message digest and the decrypted message digest, and where the key is exclusively accessed by the crypto/hash unit. The microprocessor further has a random number generator disposed within the execution logic, where the random number generator generates a random number at completion of a current BIOS check, which is employed by the event detector to randomly set a number of occurrences of the event that are to occur before a following BIOS check.

公开(公告)号：US20170098076A1

公开(公告)日：2017-04-06

申请号：US15379974

申请日：2016-12-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY

IPC: G06F21/57 ,  H04L9/32 ,  G06F13/24 ,  G06F13/42 ,  G06F9/44 ,  H04L29/06

CPC classification number: G06F21/572 ,  G06F9/4401 ,  G06F13/24 ,  G06F13/4282 ,  G06F21/554 ,  G06F2221/2107 ,  H04L9/06 ,  H04L9/0618 ,  H04L9/0869 ,  H04L9/3231 ,  H04L9/3242 ,  H04L63/0435 ,  H04L63/0876 ,  H04L63/123

Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of a hard disk access. The tamper detector is operatively coupled to the BIOS ROM and is configured to access the BIOS contents and the encrypted message digest upon assertion of the BIOS check interrupt, and is configured to direct a microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the symmetric key algorithm and the key, and is configured to compare the second message digest with the decrypted message digest, and configured to preclude the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. The microprocessor includes a dedicated crypto/hash unit disposed within execution logic, where the crypto/hash unit generates the second message digest and the decrypted message digest, and where the key is exclusively accessed by the crypto/hash unit. The microprocessor further has a random number generator disposed within the execution logic, where the random number generator generates a random number at completion of a current BIOS check, which is employed by the event detector to randomly set a number of occurrences of the event that are to occur before a following BIOS check.

公开(公告)号：US20160162017A1

公开(公告)日：2016-06-09

申请号：US14994544

申请日：2016-01-13

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY ,  TERRY PARKS

IPC: G06F1/32 ,  G06F12/08

CPC classification number: G06F1/3287 ,  G06F1/04 ,  G06F1/32 ,  G06F9/522 ,  G06F12/0891 ,  G06F2212/1028 ,  G06F2212/60

Abstract: A multi-core microprocessor supports a plurality of operating states that provide different levels of performance and power consumption to the microprocessor and its cores. A control unit puts selected cores into selected operating states at selected times. A core-specific synchronization register is provided for each core external to the core and readable by the control unit. Each core responds to an instruction to target an operating state by writing a value identifying the target operating state to the synchronization register. The control unit causes power saving actions that affect shared resources provided that the actions do not reduce performance of any core sharing the resources below the core's target operating state.

Abstract translation: 多核微处理器支持向微处理器及其核心提供不同级别的性能和功耗的多个操作状态。 控制单元在所选择的时间将选定的磁芯置于选定的运行状态。 为核心外部的每个核心提供核心特定同步寄存器，并由控制单元读取。 每个核心通过将标识目标操作状态的值写入同步寄存器来响应指令以对准操作状态的指令。 如果行为不降低任何核心共享低于核心目标操作状态的资源的核心，控制单元就会产生影响共享资源的省电动作。

公开(公告)号：US20150067301A1

公开(公告)日：2015-03-05

申请号：US14526029

申请日：2014-10-28

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY ,  TERRY PARKS ,  RODNEY E. HOOKER

IPC: G06F15/82 ,  G06F9/38 ,  G06F9/30

CPC classification number: G06F9/441 ,  G06F9/265 ,  G06F9/30043 ,  G06F9/30072 ,  G06F9/30076 ,  G06F9/30105 ,  G06F9/30123 ,  G06F9/30145 ,  G06F9/3017 ,  G06F9/30174 ,  G06F9/30189 ,  G06F9/30196 ,  G06F9/3802 ,  G06F9/4401 ,  G06F9/4403 ,  G06F15/82

Abstract: A microprocessor includes a plurality of registers that holds an architectural state of the microprocessor and an indicator that indicates a boot instruction set architecture (ISA) of the microprocessor as either the x86 ISA or the Advanced RISC Machines (ARM) ISA. The microprocessor also includes a hardware instruction translator that translates x86 ISA instructions and ARM ISA instructions into microinstructions. The hardware instruction translator translates, as instructions of the boot ISA, the initial ISA instructions that the microprocessor fetches from architectural memory space after receiving a reset signal. The microprocessor also includes an execution pipeline, coupled to the hardware instruction translator. The execution pipeline executes the microinstructions to generate results defined by the x86 ISA and ARM ISA instructions. In response to the reset signal, the microprocessor initializes its architectural state in the plurality of registers as defined by the boot ISA prior to fetching the initial ISA instructions.

Abstract translation: 微处理器包括保持微处理器架构状态的多个寄存器和指示微处理器的引导指令集体系结构（ISA）作为x86 ISA或高级RISC机器（ARM）ISA的指示符。 微处理器还包括硬件指令转换器，将x86 ISA指令和ARM ISA指令转换为微指令。 作为引导ISA的指令，硬件指令转换器将转换为接收复位信号后微处理器从架构存储器空间中提取的初始ISA指令。 微处理器还包括耦合到硬件指令转换器的执行流水线。 执行流水线执行微指令以生成由x86 ISA和ARM ISA指令定义的结果。 响应于复位信号，微处理器在获取初始ISA指令之前初始化由引导ISA定义的多个寄存器中的架构状态。

公开(公告)号：US20180032341A1

公开(公告)日：2018-02-01

申请号：US15728551

申请日：2017-10-10

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY ,  TERRY PARKS

IPC: G06F9/30 ,  G06F9/38

CPC classification number: G06F9/30145 ,  G06F9/3005 ,  G06F9/30058 ,  G06F9/30072 ,  G06F9/3017 ,  G06F9/30174 ,  G06F9/3836 ,  G06F9/3859

Abstract: A microprocessor performs an If-Then (IT) instruction and an associated IT block by extracting condition information from the IT instruction and for each instruction of the IT block: determining a respective condition for the instruction using the extract condition information, translating the instruction into a microinstruction, and conditionally executing the microinstruction based on the respective condition. For a first instruction, the translating comprises fusing the IT instruction with the first IT block instruction. A hardware instruction translation unit performs the extracting, determining and translating. Execution units conditionally execute the microinstructions. The hardware instruction translation unit and execution units are distinct hardware elements and are coupled together. The hardware translation unit performs the extracting, fusing and for each instruction of the IT block the determining and translating without writing intermediate results to a system memory, without execution of other architectural instructions by the microprocessor, and/or in six clock cycles or less.

公开(公告)号：US20170098083A1

公开(公告)日：2017-04-06

申请号：US15380825

申请日：2016-12-15

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY

IPC: G06F21/57 ,  H04L9/06

CPC classification number: G06F21/572 ,  G06F21/554 ,  G06F2221/2107 ,  H04L9/3242

Abstract: An apparatus is provided for protecting a basic input/output system (BIOS) in a computing system. The apparatus includes a BIOS read only memory (ROM), an event detector, and a tamper detector. The BIOS ROM has BIOS contents that are stored as plaintext, and an encrypted message digest, where the encrypted message digest comprises an encrypted version of a first message digest that corresponds to the BIOS contents, and where and the encrypted version is generated via a symmetric key algorithm and a key. The event detector is configured to generate a BIOS check interrupt that interrupts normal operation of the computing system upon the occurrence of an event, where the event includes one or more occurrences of a power glitch exceeding a specified threshold within a specified time period. The tamper detector is operatively coupled to the BIOS ROM and is configured to access the BIOS contents and the encrypted message digest upon assertion of the BIOS check interrupt, and is configured to direct a microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the symmetric key algorithm and the key, and is configured to compare the second message digest with the decrypted message digest, and configured to preclude the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. The microprocessor includes a dedicated crypto/hash unit disposed within execution logic, where the crypto/hash unit generates the second message digest and the decrypted message digest, and where the key is exclusively accessed by the crypto/hash unit. The microprocessor further has a random number generator disposed within the execution logic, where the random number generator generates a random number at completion of a current BIOS check, which is employed by the event detector to randomly set a number of occurrences of the event that are to occur before a following BIOS check.

公开(公告)号：US20170068546A1

公开(公告)日：2017-03-09

申请号：US15357145

申请日：2016-11-21

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY ,  STEPHAN GASKINS

IPC: G06F9/38 ,  G06F13/42 ,  G06F9/44 ,  G06F13/24

CPC classification number: G06F9/3885 ,  G06F1/04 ,  G06F1/12 ,  G06F1/3203 ,  G06F1/3237 ,  G06F1/324 ,  G06F1/3287 ,  G06F1/3296 ,  G06F9/30032 ,  G06F9/30047 ,  G06F9/30079 ,  G06F9/30087 ,  G06F9/30105 ,  G06F9/30145 ,  G06F9/3802 ,  G06F9/3861 ,  G06F9/4403 ,  G06F9/4405 ,  G06F9/4411 ,  G06F9/4418 ,  G06F12/0808 ,  G06F12/084 ,  G06F12/0875 ,  G06F13/24 ,  G06F13/364 ,  G06F13/42 ,  G06F21/53 ,  G06F21/57 ,  G06F2212/452 ,  G06F2212/6028 ,  G06F2212/62 ,  H01L22/34 ,  H04L9/0877 ,  H04L9/0897 ,  Y02B70/12 ,  Y02B70/123 ,  Y02B70/126 ,  Y02B70/30 ,  Y02D10/10 ,  Y02D10/126 ,  Y02D10/128 ,  Y02D10/13 ,  Y02D10/171 ,  Y02D10/172 ,  Y02D10/30 ,  Y02D50/20

Abstract: A microprocessor includes an indicator and a plurality of processing cores. Each of the plurality of processing cores is configured to generate a default core ID and to sample the indicator. When the indicator indicates a first predetermined value, the default core ID generated by a default one of the plurality of processing cores designates the default processing core to be a bootstrap processor. When the indicator indicates a second predetermined value distinct from the first predetermined value, the plurality of processing cores are configured to generate alternate core IDs that are different from the default core IDs. One of the alternate core IDs designates an alternate processing core, other than the default processing core, to be the bootstrap processor.

Abstract translation: 微处理器包括指示器和多个处理核心。 多个处理核心中的每一个被配置为生成默认核心ID并对指示器进行采样。 当指示符指示第一预定值时，由多个处理核心中的默认核心ID产生的默认核心ID将默认处理核心指定为引导处理器。 当指示符指示与第一预定值不同的第二预定值时，多个处理核被配置为生成与默认核心ID不同的替代核心ID。 替代核心ID之一指定除了默认处理核心之外的替代处理核心，作为自举处理器。

公开(公告)号：US20170003707A1

公开(公告)日：2017-01-05

申请号：US15265127

申请日：2016-09-14

Applicant: VIA TECHNOLOGIES, INC.

Inventor： G. GLENN HENRY ,  TERRY PARKS ,  BRENT BEAN ,  STEPHAN GASKINS

IPC: G06F1/12 ,  G06F1/32 ,  G06F9/44

CPC classification number: G06F9/3885 ,  G06F1/04 ,  G06F1/12 ,  G06F1/3203 ,  G06F1/3237 ,  G06F1/324 ,  G06F1/3287 ,  G06F1/3296 ,  G06F9/30032 ,  G06F9/30047 ,  G06F9/30079 ,  G06F9/30087 ,  G06F9/30105 ,  G06F9/30145 ,  G06F9/3802 ,  G06F9/3861 ,  G06F9/4403 ,  G06F9/4405 ,  G06F9/4411 ,  G06F9/4418 ,  G06F12/0808 ,  G06F12/084 ,  G06F12/0875 ,  G06F13/24 ,  G06F13/364 ,  G06F13/42 ,  G06F21/53 ,  G06F21/57 ,  G06F2212/452 ,  G06F2212/6028 ,  G06F2212/62 ,  H01L22/34 ,  H04L9/0877 ,  H04L9/0897 ,  Y02B70/12 ,  Y02B70/123 ,  Y02B70/126 ,  Y02B70/30 ,  Y02D10/10 ,  Y02D10/126 ,  Y02D10/128 ,  Y02D10/13 ,  Y02D10/171 ,  Y02D10/172 ,  Y02D10/30 ,  Y02D50/20

Abstract: A microprocessor includes a plurality of cores, a shared cache memory, and a control unit that individually puts each core to sleep by stopping its clock signal. Each core executes a sleep instruction and responsively makes a respective request of the control unit to put the core to sleep, which the control unit responsively does, and detects when all the cores have made the respective request and responsively wakes up only the last requesting cores. The last core writes back and invalidates the shared cache memory and indicates it has been invalidated and makes a request to the control unit to put the last core back to sleep. The control unit puts the last core back to sleep and continuously keeps the other cores asleep while the last core writes back and invalidates the shared cache memory, indicates the shared cache memory was invalidated, and is put back to sleep.

Abstract translation: 微处理器包括多个核心，共享高速缓冲存储器和控制单元，其通过停止其时钟信号来单独地将每个核心置于睡眠状态。 每个核心执行睡眠指令，并且响应地使控制单元的相应请求将核心置于睡眠状态，控制单元响应地进行该操作，并且检测所有核心何时完成了各自的请求，并且响应地只唤醒最后请求的核心 。 最后一个内核写回并使共享高速缓存内存无效，并指示它已被无效，并向控制单元发出请求以使最后一个核心返回休眠状态。 控制单元将最后一个核心置于休眠状态，并持续保持其他内核处于睡眠状态，同时最后一个内核回写并使共享缓存内存无效，表示共享高速缓存内存无效，并返回睡眠状态。