Title of invention |
Method and apparatus for secure execution using a secure memory partition |
Abstract |
A processor capable of secure execution. The processor contains an execution unit and secure partition logic that secures a partition in memory. The processor also contains cryptographic logic coupled to the execution unit that encrypts and decrypts secure data and code. |
Publication number |
US9323954(B2) |
Publication date |
2016.04.26 |
Application number |
US201414583051 |
Filing date |
2014.12.24 |
Applicant |
Intel Corporation |
Inventor |
Mittal Millind |
Classification numbers |
G06F21/72;G06F12/14;G06F21/60;G06F21/57 |
Main classification number |
G06F21/72 |
Agency |
Vecchia Patent Agent, LLC |
Agent |
Vecchia Patent Agent, LLC |
Main claim |
1. A processor comprising:
a plurality of general purpose registers;
cryptographic logic to encrypt and decrypt information, the cryptographic logic to support a Data Encryption Standard (DES) algorithm, a triple DES (3DES) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a Diffie Hellman algorithm;
a plurality of memory partition registers to define a physical address range in a dynamic random access memory for use as a secure memory partition;
secure partition enforcement logic coupled to the memory partition registers, the secure partition enforcement logic to selectively permit read or write access to the dynamic random access memory;
an on-chip read only memory to store bootstrap security logic to copy code from a non-volatile memory device to the dynamic random access memory and to verify authenticity and integrity of the code; and
a plurality of execution units coupled to the plurality of general purpose registers, the plurality of memory partition registers, the on-chip read only memory, the secure partition enforcement logic, and the cryptographic logic;
wherein the processor is to execute the bootstrap security logic when booted up to enable a secure execution environment; and
wherein the processor is to support a first security privilege level to execute security functions or services, a second security privilege level to execute third-party supplied security code, and access to virtual address spaces inside and outside a secure memory partition by code at the first security privilege level. |
Address |
Santa Clara CA US |