公开(公告)号：WO2018063727A1

公开(公告)日：2018-04-05

申请号：PCT/US2017/049499

申请日：2017-08-30

Applicant: INTEL CORPORATION

Inventor： SULTANA, Salmin ,  BRATANOV, Stanislav ,  DURHAM, David M. ,  STRONG, Beeman C.

IPC: G06F21/54 ,  G06F21/51

Abstract: One embodiment provides an apparatus. The apparatus includes collector circuitry to capture processor trace (PT) data from a PT driver. The PT data includes a first target instruction pointer (TIP) packet including a first runtime target address of an indirect branch instruction of an executing target application. The apparatus further includes decoder circuitry to extract the first TIP packet from the PT data and to decode the first TIP packet to yield the first runtime target address. The apparatus further includes control flow validator circuitry to determine whether a control flow transfer to the first runtime target address corresponds to a control flow violation based, at least in part, on a control flow graph (CFG). The CFG including a plurality of nodes, each node including a start address of a first basic block, an end address of the first basic block and a next possible address of a second basic block or a not found tag.

Abstract translation: 一个实施例提供了一种装置。 该设备包括收集器电路以从PT驱动器捕获处理器追踪（PT）数据。 PT数据包括第一目标指令指针（TIP）分组，其包括执行目标应用的间接分支指令的第一运行时目标地址。 该设备还包括解码器电路，用于从PT数据提取第一TIP分组并解码第一TIP分组以产生第一运行时目标地址。 该设备还包括控制流确认器电路，用于至少部分地基于控制流图（CFG）来确定到第一运行时间目标地址的控制流转移是否对应于控制流违例。 CFG包括多个节点，每个节点包括第一基本块的起始地址，第一基本块的结束地址和第二基本块的下一个可能地址或未找到的标签。

公开(公告)号：WO2018031212A1

公开(公告)日：2018-02-15

申请号：PCT/US2017/043024

申请日：2017-07-20

Applicant: INTEL CORPORATION

Inventor： DURHAM, David M. ,  SAHITA, Ravi L. ,  HUNTLEY, Barry E. ,  DESHPANDE, Nikhil M.

IPC: H04L9/32 ,  H04L9/08 ,  H04L29/06 ,  H04L29/08

CPC classification number: G06F21/6245 ,  G06F21/53 ,  H04L9/08 ,  H04L9/0894 ,  H04L9/3236 ,  H04L63/06

Abstract: A method, system, computer-readable media, and apparatus for ensuring a secure cloud environment is provided, where public cloud services providers can remove their code from the Trusted Computing Base (TCB) of their cloud services consumers. The method for ensuring a secure cloud environment keeps the Virtual Machine Monitor (VMM), devices, firmware and the physical adversary (where a bad administrator/technician attempts to directly access the cloud host hardware) outside of a consumer's Virtual Machine (VM) TCB. Only the consumer that owns this secure VM can modify the VM or access contents of the VM (as determined by the consumer).

Abstract translation: 提供了用于确保安全云环境的方法，系统，计算机可读介质和装置，其中公共云服务提供商可以从其云服务的可信计算库（TCB）中移除他们的代码 消费者。 确保安全云环境的方法使消费者的虚拟机（VM）TCB之外的虚拟机监视器（VMM），设备，固件和物理对手（坏的管理员/技术人员试图直接访问云主机硬件的地方） 。 只有拥有该安全虚拟机的消费者可以修改虚拟机或访问虚拟机的内容（由用户决定）。

公开(公告)号：WO2017058463A1

公开(公告)日：2017-04-06

申请号：PCT/US2016/050093

申请日：2016-09-02

Applicant: INTEL CORPORATION

Inventor： DURHAM, David M. ,  LEMAY, Michael ,  LONG, Men

IPC: G06F12/10

CPC classification number: G06F12/1027 ,  G06F9/3005 ,  G06F12/1408 ,  G06F12/1475 ,  G06F2212/402 ,  G06F2212/50

Abstract: Technologies for execute only transactional memory include a computing device with a processor and a memory. The processor includes an instruction translation lookaside buffer (iTLB) and a data translation lookaside buffer (dTLB). In response to a page miss, the processor determines whether a page physical address is within an execute only transactional (XOT) range of the memory. If within the XOT range, the processor may populate the iTLB with the page physical address and prevent the dTLB from being populated with the page physical address. In response to an asynchronous change of control flow such as an interrupt, the processor determines whether a last iTLB translation is within the XOT range. If within the XOT range, the processor clears or otherwise secures the processor register state. The processor ensures that an XOT range starts execution at an authorized entry point. Other embodiments are described and claimed.

Abstract translation: 仅用于执行事务性存储器的技术包括具有处理器和存储器的计算设备。 处理器包括指令转换后备缓冲器（iTLB）和数据转换后备缓冲器（dTLB）。 响应于页面未命中，处理器确定页面物理地址是否在存储器的仅执行事务（XOT）范围内。 如果在XOT范围内，处理器可以使用页面物理地址填充iTLB，并防止dTLB填充页面物理地址。 响应于诸如中断的控制流的异步改变，处理器确定最后的iTLB转换是否在XOT范围内。 如果在XOT范围内，处理器将清除或以其他方式保护处理器寄存器状态。 处理器确保XOT范围在授权的入口点开始执行。 描述和要求保护其他实施例。

公开(公告)号：WO2016160119A1

公开(公告)日：2016-10-06

申请号：PCT/US2016/016355

申请日：2016-02-03

Applicant: INTEL CORPORATION

Inventor： LEMAY, Michael ,  DURHAM, David M. ,  LONG, Men

IPC: G06F21/56 ,  G06F12/10

CPC classification number: G06F21/567 ,  G06F12/0802 ,  G06F12/1009 ,  G06F21/564

Abstract: Memory scanning methods and apparatus are disclosed. An example apparatus includes a walker to traverse a paging structure of an address translation system; a bit analyzer to determine whether a bit associated with an entry of the paging structure is indicative of the entry being recently accessed; an address identifier to, when the bit analyzer determines that the bit associated with the entry of the paging structure is indicative of the entry being recently accessed, determine an address associated with the entry; and an outputter to provide the determined address to a memory scanner.

Abstract translation: 公开了存储器扫描方法和装置。 示例性装置包括：行走者，用于遍历地址转换系统的寻呼结构; 位分析器，用于确定与所述寻呼结构的条目相关联的位是否指示最近访问的条目; 地址标识符，当位分析器确定与寻呼结构的条目相关联的位指示最近被访问的条目时，确定与条目相关联的地址; 以及输出器，用于将确定的地址提供给存储器扫描器。

公开(公告)号：WO2013039476A1

公开(公告)日：2013-03-21

申请号：PCT/US2011/051261

申请日：2011-09-12

Applicant: INTEL CORPORATION ,  DEWAN, Prashant ,  DURHAM, David M. ,  KANG, Xiaozhu ,  GREWAL, Karanvir S.

Inventor： DEWAN, Prashant ,  DURHAM, David M. ,  KANG, Xiaozhu ,  GREWAL, Karanvir S.

IPC: H04L9/32 ,  H04N21/4415 ,  G06K9/78

CPC classification number: H04L9/3231 ,  G06F21/32 ,  G06F21/6209 ,  G06F2221/2109 ,  H04L9/0825 ,  H04L63/045 ,  H04L63/0861

Abstract: A method and device for securely sharing images across untrusted channels includes downloading an encrypted image from a remote server to a computing device. The encrypted image may be encrypted at the time of uploading by another user. The current user of the computing device is authenticated using a facial recognition procedure. If the current user is authenticated and is determined to be authorized to view the decrypted image, the encrypted image is decrypted and displayed to the user. If the user becomes unauthenticated (e.g., the user leaves the computing device or another user replaces the current user), the encrypted image is displayed in place of the encrypted image such that the decrypted image is displayed only for authorized persons physically present at the computing device.

Abstract translation: 一种用于在不信任信道上安全地共享图像的方法和设备包括将加密图像从远程服务器下载到计算设备。 加密图像可以在其他用户上传时被加密。 使用面部识别程序认证计算设备的当前用户。 如果当前用户被认证并被确定被授权以查看解密的图像，则加密的图像被解密并显示给用户。 如果用户变得未认证（例如，用户离开计算设备或另一用户替换当前用户），则加密图像被代替加密图像被显示，使得解密的图像仅针对被计算的物理存在的授权人员显示 设备。

公开(公告)号：WO2013002789A1

公开(公告)日：2013-01-03

申请号：PCT/US2011/042413

申请日：2011-06-29

Applicant: INTEL CORPORATION ,  GUERON, Shay ,  SAVAGAONKAR, Uday ,  MCKEEN, Francis X. ,  ROZAS, Carlos V. ,  DURHAM, David M. ,  DOWECK, Jacob ,  MULLA, Ofir ,  ANATI, Ittai ,  GREENFIELD, Zvika ,  MAOR, Moshe

Inventor： GUERON, Shay ,  SAVAGAONKAR, Uday ,  MCKEEN, Francis X. ,  ROZAS, Carlos V. ,  DURHAM, David M. ,  DOWECK, Jacob ,  MULLA, Ofir ,  ANATI, Ittai ,  GREENFIELD, Zvika ,  MAOR, Moshe

IPC: G06F21/24 ,  G06F21/02 ,  G06F12/14

CPC classification number: G06F21/72 ,  G06F12/1408 ,  G06F21/00 ,  G06F21/64 ,  H04L9/0637 ,  H04L9/3242

Abstract: A method and apparatus to provide cryptographic integrity checks and replay protection to protect against hardware attacks on system memory is provided. A mode of operation for block ciphers enhances the standard XTS-AES mode of operation to perform memory encryption by extending a tweak to include a "time stamp" indicator. A tree-based replay protection scheme uses standard XTS-AES to encrypt contents of a cache line in the system memory. A Message-Authentication Code (MAC) for the cache line is encrypted using enhanced XTS-AES and a "time stamp" indicator associated with the cache line. The "time stamp indicator" is stored in a processor.

Abstract translation: 提供了一种提供加密完整性检查和重放保护以防止对系统存储器的硬件​​攻击的方法和装置。 分组密码的操作模式增强了标准的XTS-AES操作模式，通过扩展调整以包括“时间戳”指示符来执行存储器加密。 基于树的重放保护方案使用标准的XTS-AES来加密系统内存中的高速缓存行的内容。 高速缓存行的消息认证码（MAC）使用增强型XTS-AES和与高速缓存行相关联的“时间戳”指示符进行加密。 “时间戳指示符”存储在处理器中。

公开(公告)号：WO2019066918A1

公开(公告)日：2019-04-04

申请号：PCT/US2017/054383

申请日：2017-09-29

Applicant: INTEL CORPORATION

Inventor： DURHAM, David M. ,  SAHITA, Ravi ,  SHANBHOGUE, Vedvyas ,  HUNTLEY, Barry E. ,  PATEL, Baiju V. ,  GERZON, Gideon ,  SCHOINAS, Ioannis T. ,  KHOSRAVI, Hormuzd M. ,  CHHABRA, Siddhartha ,  ROZAS, Carlos V.

IPC: G06F21/60 ,  G06F21/62 ,  H04L9/08 ,  H04L9/06

Abstract: There is disclosed a microprocessor, including : a processing core; and a total memory encryption (TME) engine to provide TME for a first trust domain (TD), and further to: allocate a block of physical memory to the first TD and a first cryptographic key to the first TD; map within an extended page table (EPT) a host physical address (HPA) space to a guest physical address (GPA) space of the TD; create a memory ownership table (MOT) entry for a memory page within the block of physical memory, wherein the MOT table comprises a GPA reverse mapping; encrypt the MOT entry using the first cryptographic key; and append to the MOT entry verification data, wherein the MOT entry verification data enables detection of an attack on the MOT entry.

公开(公告)号：WO2017105758A1

公开(公告)日：2017-06-22

申请号：PCT/US2016/062575

申请日：2016-11-17

Applicant: INTEL CORPORATION

Inventor： NEIGER, Gilbert ,  ANDERSON, Andrew V. ,  UHLIG, Richard A. ,  DURHAM, David M. ,  SINGHAL, Ronak ,  WU, Xiangbin ,  KOTTAPALLI, Sailesh

IPC: G06F11/30

CPC classification number: G06F11/3466 ,  G06F3/0604 ,  G06F3/0644 ,  G06F3/0673 ,  G06F11/3024 ,  G06F13/24

Abstract: Embodiments of an invention for monitoring the operation of a processor are disclosed. In one embodiment, a system includes a processor and a hardware agent external to the processor. The processor includes virtualization logic to provide for the processor to operate in a root mode and in a non-root mode. The hardware agent is to verify operation of the processor in the non-root mode based on tracing information to be collected by a software agent to be executed by the processor in the root mode.

Abstract translation: 公开了用于监视处理器的操作的发明的实施例。 在一个实施例中，系统包括处理器和处理器外部的硬件代理。 处理器包括虚拟化逻辑以提供处理器以根模式和非根模式操作。 硬件代理是基于由根处理器执行的软件代理收集的跟踪信息来验证处于非根模式的处理器的操作。

公开(公告)号：WO2014084914A1

公开(公告)日：2014-06-05

申请号：PCT/US2013/048036

申请日：2013-06-27

Applicant: INTEL CORPORATION

Inventor： DEWAN, Prashant ,  SAVAGAONKAR, Uday R. ,  DURHAM, David M. ,  SCHMITZ, Paul S. ,  MARTIN, Jason ,  GOLDSMITH, Michael A. ,  SAHITA, Ravi ,  MCKEEN, Francis X. ,  ROZAS, Carlos V. ,  VEMBU, Balaji ,  SCOTT, Janus ,  STRONGIN, Geoffrey S. ,  KANG, Xiaozhu ,  GREWAL, Karanvir S. ,  CHHABRA, Siddhartha ,  TRIVEDI, Alpa T. Narendra

IPC: G06F21/50

CPC classification number: G06F21/64 ,  G06F21/53 ,  G06F21/56

Abstract: In accordance with some embodiments, a protected execution environment may be defined for a graphics processing unit. This framework not only protects the workloads from malware running on the graphics processing unit but also protects those workloads from malware running on the central processing unit. In addition, the trust framework may facilitate proof of secure execution by measuring the code and data structures used to execute the workload. If a part of the trusted computing base of this framework or protected execution environment is compromised, that part can be patched remotely and the patching can be proven remotely throughout attestation in some embodiments.

Abstract translation: 根据一些实施例，可以为图形处理单元定义受保护的执行环境。 该框架不仅保护了图形处理单元上运行的恶意软件的工作负载，还保护了这些工作负载免受中央处理单元上运行的恶意软件。 此外，信任框架可以通过测量用于执行工作负载的代码和数据结构来促进安全执行的证明。 如果该框架或受保护的执行环境的可信计算基础的一部分受到损害，那么该部分可以被远程修补，并且在一些实施例中可以通过证明来远程验证修补。

公开(公告)号：WO2013101188A1

公开(公告)日：2013-07-04

申请号：PCT/US2011/068118

申请日：2011-12-30

Applicant: INTEL CORPORATION ,  SAHITA, Ravi L. ,  RASHEED, Yasser ,  SHANBHOGUE, Vedvyas ,  DURHAM, David M. ,  ROBINSON, Scott H. ,  SCHMITZ, Paul S.

Inventor： SAHITA, Ravi L. ,  RASHEED, Yasser ,  SHANBHOGUE, Vedvyas ,  DURHAM, David M. ,  ROBINSON, Scott H. ,  SCHMITZ, Paul S.

IPC: G06F21/22 ,  G06F21/20

CPC classification number: G06F12/10 ,  G06F21/554 ,  G06F21/6227 ,  G06F2212/251 ,  G06F2221/034

Abstract: Embodiments of apparatuses and methods for memory event notification are disclosed. In one embodiment, a processor includes address translation hardware and memory event hardware. The address translation hardware is to support translation of a first address, used by software to access a memory, to a second address, used by the processor to access the memory. The memory event hardware is to detect an access to a registered portion of memory.

Abstract translation: 公开了用于存储器事件通知的装置和方法的实施例。 在一个实施例中，处理器包括地址转换硬件和存储器事件硬件。 地址转换硬件是支持由软件使用的访问存储器的第一地址到由处理器使用以访问存储器的第二地址的翻译。 存储器事件硬件是检测对存储器的注册部分的访问。