-
公开(公告)号:US08510569B2
公开(公告)日:2013-08-13
申请号:US12639616
申请日:2009-12-16
申请人: Ned Smith , Vedvyas Shanbhogue , Arvind Kumar , Purushottam Goel
发明人: Ned Smith , Vedvyas Shanbhogue , Arvind Kumar , Purushottam Goel
CPC分类号: G06F21/554 , G06F21/44 , G06F21/57 , G06F21/64
摘要: In one embodiment, a processor includes a microcode storage including processor instructions to create and execute a hidden resource manager (HRM) to execute in a hidden environment that is not visible to system software. The processor may further include an extend register to store security information including a measurement of at least one kernel code module of the hidden environment and a status of a verification of the at least one kernel code module. Other embodiments are described and claimed.
-
公开(公告)号:US20100169968A1
公开(公告)日:2010-07-01
申请号:US12347890
申请日:2008-12-31
CPC分类号: G06F12/1408 , G06F9/45558 , G06F9/4812 , G06F9/5077 , G06F2009/45579 , G06F2212/1052 , H04L9/14 , H04L9/3242 , H04L63/168 , H04L2209/24 , Y02D10/22 , Y02D10/24 , Y02D10/36
摘要: Methods and apparatus relating to processor extensions for execution of secure embedded containers are described. In an embodiment, a scalable solution for manageability function is provided, e.g., for UMPC environments or otherwise where utilizing a dedicated processor or microcontroller for manageability is inappropriate or impractical. For example, in an embodiment, an OS (Operating System) or VMM (Virtual Machine Manager) Independent (generally referred to herein as “OI”) architecture involves creating one or more containers on a processor by dynamically partitioning resources (such as processor cycles, memory, devices) between the HOST OS/VMM and the OI container. Other embodiments are also described and claimed.
摘要翻译: 描述与用于执行安全嵌入式容器的处理器扩展有关的方法和装置。 在一个实施例中,提供了用于可管理性功能的可扩展解决方案,例如对于UMPC环境,或者其他利用专用处理器或微控制器进行可管理性是不合适或不切实际的。 例如,在一个实施例中,OS(操作系统)或VMM(虚拟机管理器)独立(本文通常称为“OI”)架构涉及通过动态地划分资源(例如处理器周期)来在处理器上创建一个或多个容器 ,内存,设备)在HOST OS / VMM和OI容器之间。 还描述和要求保护其他实施例。
-
公开(公告)号:US09086913B2
公开(公告)日:2015-07-21
申请号:US12347890
申请日:2008-12-31
CPC分类号: G06F12/1408 , G06F9/45558 , G06F9/4812 , G06F9/5077 , G06F2009/45579 , G06F2212/1052 , H04L9/14 , H04L9/3242 , H04L63/168 , H04L2209/24 , Y02D10/22 , Y02D10/24 , Y02D10/36
摘要: Methods and apparatus relating to processor extensions for execution of secure embedded containers are described. In an embodiment, a scalable solution for manageability function is provided, e.g., for UMPC environments or otherwise where utilizing a dedicated processor or microcontroller for manageability is inappropriate or impractical. For example, in an embodiment, an OS (Operating System) or VMM (Virtual Machine Manager) Independent (generally referred to herein as “OI”) architecture involves creating one or more containers on a processor by dynamically partitioning resources (such as processor cycles, memory, devices) between the HOST OS/VMM and the OI container. Other embodiments are also described and claimed.
摘要翻译: 描述与用于执行安全嵌入式容器的处理器扩展有关的方法和装置。 在一个实施例中,提供了用于可管理性功能的可扩展解决方案,例如对于UMPC环境,或者其他利用专用处理器或微控制器进行可管理性是不合适或不切实际的。 例如,在一个实施例中,OS(操作系统)或VMM(虚拟机管理器)独立(本文通常称为“OI”)架构涉及通过动态地划分资源(例如处理器周期)来在处理器上创建一个或多个容器 ,内存,设备)在HOST OS / VMM和OI容器之间。 还描述和要求保护其他实施例。
-
公开(公告)号:US20130179693A1
公开(公告)日:2013-07-11
申请号:US13782484
申请日:2013-03-01
IPC分类号: G06F21/44
CPC分类号: G06F21/554 , G06F21/44 , G06F21/57 , G06F21/64
摘要: In one embodiment, a processor includes a microcode storage including processor instructions to create and execute a hidden resource manager (HRM) to execute in a hidden environment that is not visible to system software. The processor may further include an extend register to store security information including a measurement of at least one kernel code module of the hidden environment and a status of a verification of the at least one kernel code module. Other embodiments are described and claimed.
-
5.发明申请Providing Integrity Verification And Attestation In A Hidden Execution Environment 有权在隐藏的执行环境中提供完整性验证和证明公开(公告)号:US20110145598A1
公开(公告)日:2011-06-16
申请号:US12639616
申请日:2009-12-16
CPC分类号: G06F21/554 , G06F21/44 , G06F21/57 , G06F21/64
摘要: In one embodiment, a processor includes a microcode storage including processor instructions to create and execute a hidden resource manager (HRM) to execute in a hidden environment that is not visible to system software. The processor may further include an extend register to store security information including a measurement of at least one kernel code module of the hidden environment and a status of a verification of the at least one kernel code module. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,处理器包括微代码存储器,其包括处理器指令,用于创建和执行在系统软件不可见的隐藏环境中执行的隐藏资源管理器(HRM)。 处理器还可以包括扩展寄存器,用于存储包括隐藏环境的至少一个内核代码模块的测量值和至少一个内核代码模块的验证状态的安全信息。 描述和要求保护其他实施例。
-
6.发明申请METHOD, APPARATUS AND SYSTEM FOR PERFORMING MANAGEMENT COMPONENT TRANSPORT PROTOCOL (MCTP) COMMUNICATIONS WITH A UNIVERSAL SERIAL BUS (USB) DEVICE 有权用于通过通用串行总线(USB)设备执行管理组件运输协议(MCTP)通信的方法,装置和系统公开(公告)号:US20150169453A1
公开(公告)日:2015-06-18
申请号:US14126915
申请日:2013-07-31
申请人: Vedvyas Shanbhogue , Arvind Kumar
发明人: Vedvyas Shanbhogue , Arvind Kumar
CPC分类号: G06F12/0811 , G06F12/0808 , G06F12/084 , G06F12/128 , G06F13/4027 , G06F13/4269 , G06F2212/284 , G06F2212/305 , G06F2212/69 , G11C7/1072
摘要: In an embodiment, a first portion of a cache memory is associated with a first core. This first cache memory portion is of a distributed cache memory, and may be dynamically controlled to be one of a private cache memory for the first core and a shared cache memory shared by a plurality of cores (including the first core) according to an addressing mode, which itself is dynamically controllable. Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,高速缓存存储器的第一部分与第一核心相关联。 该第一高速缓冲存储器部分是分布式高速缓存存储器,并且可以被动态地控制为根据寻址的第一核心的专用高速缓冲存储器和由多个核心(包括第一核心)共享的共享高速缓冲存储器之一 模式,其本身是动态可控的。 描述和要求保护其他实施例。
-
7.发明申请公开(公告)号:US20190228145A1
公开(公告)日:2019-07-25
申请号:US16370921
申请日:2019-03-30
申请人: Vedvyas Shanbhogue , Ravi Sahita , Abhishek Basak , Pradeep Pappachan , Utkarsh Kakaiya , Ravi Sahita , Rupin Vakharwala
发明人: Vedvyas Shanbhogue , Ravi Sahita , Abhishek Basak , Pradeep Pappachan , Utkarsh Kakaiya , Ravi Sahita , Rupin Vakharwala
摘要: Systems, methods, and apparatuses relating to performing an attachment of an input-output memory management unit (IOMMU) to a device, and a verification of the attachment. In one embodiment, a protocol and IOMMU extensions are used by a secure arbitration mode (SEAM) module and/or circuitry to determine if the IOMMU that is attached to the device requested to be mapped to a trusted domain.
-
8.发明授权System, apparatus, and method for transparent page level instruction translation 有权用于透明页面级指令转换的系统,设备和方法公开(公告)号:US09330020B2
公开(公告)日:2016-05-03
申请号:US14142309
申请日:2013-12-27
申请人: Paul Caprioli , Vedvyas Shanbhogue , Koichi Yamada
发明人: Paul Caprioli , Vedvyas Shanbhogue , Koichi Yamada
CPC分类号: G06F12/1027 , G06F12/1009
摘要: Detailed herein are systems, apparatuses, and methods for transparent page level instruction translation. Exemplary embodiments include an instruction translation lookaside buffer (iTLB), wherein each iTLB entry includes a linear address of a page in memory, a physical address of the page in memory, and a remapping indicator.
摘要翻译: 这里详细描述了用于透明页面级指令转换的系统,装置和方法。 示例性实施例包括指令转换后备缓冲器(iTLB),其中每个iTLB条目包括存储器中的页面的线性地址,存储器中的页面的物理地址以及重映射指示符。
-
公开(公告)号:US20140189326A1
公开(公告)日:2014-07-03
申请号:US13729371
申请日:2012-12-28
申请人: Rebekah Leslie , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Barry E. Huntley , Vedvyas Shanbhogue , Ittai Anati , Francis X. Mckeen , Michael A. Goldsmith , Ilya Alexandrovich , Alex Berenzon , Wesley H. Smith
发明人: Rebekah Leslie , Carlos V. Rozas , Vincent R. Scarlata , Simon P. Johnson , Uday R. Savagaonkar , Barry E. Huntley , Vedvyas Shanbhogue , Ittai Anati , Francis X. Mckeen , Michael A. Goldsmith , Ilya Alexandrovich , Alex Berenzon , Wesley H. Smith
IPC分类号: G06F9/30
CPC分类号: G06F9/3004 , G06F9/30047 , G06F9/30076 , G06F9/44 , G06F12/084 , G06F12/0875 , G06F12/1483 , G06F2212/452
摘要: Embodiments of an invention for memory management in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction and a second instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes allocating a page in an enclave page cache to a secure enclave. The execution unit is also to execute the second instruction, wherein execution of the second instruction includes confirming the allocation of the page.
摘要翻译: 公开了用于安全飞行器中的存储器管理的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元接收第一指令和第二指令。 执行单元执行第一指令,其中第一指令的执行包括将飞地页面缓存中的页面分配到安全飞地。 执行单元还执行第二指令,其中第二指令的执行包括确认页的分配。
-
公开(公告)号:US20140189325A1
公开(公告)日:2014-07-03
申请号:US13729277
申请日:2012-12-28
申请人: Francis X. Mckeen , Michael A. Goldsmith , Barry E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith , Ittai Anati , Ilya Alexandrovich , Alex Berenzon
发明人: Francis X. Mckeen , Michael A. Goldsmith , Barry E. Huntley , Simon P. Johnson , Rebekah Leslie , Carlos V. Rozas , Uday R. Savagaonkar , Vincent R. Scarlata , Vedvyas Shanbhogue , Wesley H. Smith , Ittai Anati , Ilya Alexandrovich , Alex Berenzon
IPC分类号: G06F9/30
CPC分类号: G06F12/0804 , G06F9/30047 , G06F12/0875 , G06F12/1408 , G06F2212/1052 , G06F2212/402
摘要: Embodiments of an invention for paging in secure enclaves are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first instruction. The execution unit is to execute the first instruction, wherein execution of the first instruction includes evicting a first page from an enclave page cache.
摘要翻译: 公开了用于在安全飞行器中寻呼的发明的实施例。 在一个实施例中,处理器包括指令单元和执行单元。 指令单元接收第一条指令。 执行单元执行第一指令,其中第一指令的执行包括从飞地页面缓存中逐出第一页。
-
-
-
-
-
-
-
-
-
搜索结果
65 条记录 (耗时 0.035 秒)