Abstract:
A microprocessor conditionally grants a request to switch from a normal execution mode in which encrypted instructions cannot be executed, into a secure execution mode (SEM). Thereafter, the microprocessor executes a plurality of instructions, including a store-key instruction to write a set of one or more cryptographic key values into a secure memory of the microprocessor. After fetching an encrypted program from an instruction cache, the microprocessor decrypts the encrypted program into plaintext instructions using decryption logic within the microprocessor's instruction-processing pipeline.
Abstract:
A microprocessor includes one or more memories configured to hold microcode instructions, wherein at least a portion of the microcode instructions are compressed. The microprocessor also includes a decompression unit configured to decompress the compressed microcode instructions after being fetched from the one or more memories and before being executed. A method includes receiving from a memory a first N-bit wide microcode word, determining whether or not a predetermined portion of the first N-bit wide microcode word is a predetermined value, if the predetermined portion is not the predetermined value, decompressing the first N-bit wide microcode word to generate an M-bit wide microcode word, and if the predetermined portion is the predetermined value, receiving from the memory a second N-bit wide microcode word and joining portions of the first and second N-bit wide microcode words to generate the M-bit wide microcode word.
Abstract:
A microprocessor is provided in which an encrypted program can replace the decryption keys that are used to decrypt sections of the encrypted program. The microprocessor may be decrypting and executing a first section of the encrypted program when it encounters, decrypts, and executes an encrypted store-key instruction to store a new set of decryption keys. After executing the store-key instruction, the microprocessor decrypts and executes a subsequent section of the encrypted program using the new set of decryption keys. On-the-fly key switching may occur numerous times with successive encrypted store-key instructions and successive sets of encrypted instructions.
Abstract:
A microprocessor includes a plurality of processing cores, each of which comprises a corresponding memory physically located inside the core and readable by the core but not readable by the other cores (“core memory”). The microprocessor also includes a memory physically located outside all of the cores and readable by all of the cores (“uncore memory”). For each core, the uncore memory and corresponding core memory collectively provide M words of storage for microcode instructions fetchable by the core as follows: the uncore memory provides J of the M words of microcode instruction storage, and the corresponding core memory provides K of the M words of microcode instruction storage. J, K and M are counting numbers, and M=J+K. The memories are non-architecturally-visible and accessed using a fetch address provided by a non-architectural program counter, and the microcode instructions are non-architectural instructions that implement architectural instructions.
Abstract:
A microprocessor includes an architected register having a bit. The microprocessor sets the bit. The microprocessor also includes a fetch unit that fetches encrypted instructions from an instruction cache and decrypts them prior to executing them, in response to the microprocessor setting the bit. The microprocessor saves the value of the bit to a stack in memory and then clears the bit, in response to receiving an interrupt. The fetch unit fetches unencrypted instructions from the instruction cache and executes them without decrypting them, after the microprocessor clears the bit. The microprocessor restores the saved value from the stack in memory to the bit in the architected register, in response to executing a return from interrupt instruction. The fetch unit resumes fetching and decrypting the encrypted instructions, in response to determining that the restored value of the bit is set.
Abstract:
A microprocessor is provided with a method for decrypting encrypted instruction data into plain text instruction data and securely executing the same. The microprocessor includes a master key register file comprising a plurality of master keys. Selection logic circuitry in the microprocessor selects a combination of at least two of the plurality of master keys. Key expansion circuitry in the microprocessor performs mathematical operations on the selected master keys to generate a decryption key having a long effective key length. Instruction decryption circuitry performs an efficient mathematical operation on the encrypted instruction data and the decryption key to decrypt the encrypted instruction data into plain text instruction data.
Abstract:
A microprocessor includes a plurality of cores, a shared cache memory, and a control unit that individually puts each core to sleep by stopping its clock signal. Each core executes a sleep instruction and responsively makes a respective request of the control unit to put the core to sleep, which the control unit responsively does, and detects when all the cores have made the respective request and responsively wakes up only the last requesting core. The last core writes back and invalidates the shared cache memory and indicates it has been invalidated and makes a request to the control unit to put the last core back to sleep. The control unit puts the last core back to sleep and continuously keeps the other cores asleep while the last core writes back and invalidates the shared cache memory, indicates the shared cache memory was invalidated, and is put back to sleep.
Abstract:
A secure memory, key expansion logic, and decryption logic are provided for a microprocessor that executes encrypted instructions. The secure memory stores a plurality of decryption key primitives. The key expansion logic selects two or more decryption key primitives from the secure memory and then derives a decryption key from them. The decryption logic uses the decryption key to decrypt an encrypted instruction fetched from the instruction cache. The decryption key primitives are selected on the basis of an encrypted instruction address, one of them is rotated by an amount also determined by the encrypted instruction address, and then they are additively or subtractively accumulated, also on the basis of the encrypted instruction address.