Independent claim
1. A system comprising:
a modem;
a display screen;
a flash memory;
a system memory, including a dynamic random access memory;
a plurality of general purpose registers;
cryptographic logic to encrypt and decrypt information, the cryptographic logic to support a Data Encryption Standard (DES) algorithm, a triple DES (3DES) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a Diffie-Hellman algorithm;
a plurality of memory partition registers to define a physical address range in the dynamic random access memory for use as a secure memory partition;
secure partition enforcement logic coupled to the memory partition registers, the secure partition enforcement logic to selectively permit read or write access to the dynamic random access memory;
an on-chip read only memory to store bootstrap security logic to copy code from a non-volatile memory device to the dynamic random access memory and to verify authenticity and integrity of the code; and
a plurality of execution units coupled to the plurality of general purpose registers, the plurality of memory partition registers, the on-chip read only memory, the secure partition enforcement logic, and the cryptographic logic;
wherein the system is to execute the bootstrap security logic when booted up to enable a secure execution environment; and
wherein the system is to support a first security privilege level to execute security functions or services, a second security privilege level to execute third-party supplied security code, and access to virtual address spaces inside and outside a secure memory partition by code at the first security privilege level.
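The claim names the parts but not how they fit together. The following is an added illustration, not code from the patent, modelling two of its elements: the memory partition registers with their enforcement logic, and the copy-then-verify bootstrap flow. The register layout, the type and function names, the third privilege level (PRIV_NONSECURE), and the access policy for code that is not at the first security privilege level are assumptions made for the example; the claim only states that first-level code reaches addresses both inside and outside the partition. The `verify` callback stands in for the authenticity and integrity check, which the claim does not specify.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Memory partition registers: one physical address range in DRAM used as the
 * secure partition. The register layout is an assumption for this example. */
typedef struct {
    uint32_t base;    /* first physical address of the partition */
    uint32_t size;    /* partition length in bytes */
    bool     enabled;
} partition_regs_t;

typedef enum {
    PRIV_SECURITY_SERVICES = 1, /* first security privilege level (from the claim) */
    PRIV_THIRD_PARTY       = 2, /* second level: third-party security code (from the claim) */
    PRIV_NONSECURE         = 3  /* assumed: ordinary code outside the secure environment */
} priv_level_t;

typedef enum { ACC_READ, ACC_WRITE } access_t;
typedef enum { RANGE_OUTSIDE, RANGE_INSIDE, RANGE_STRADDLES } range_pos_t;

/* Program the registers; an empty or address-wrapping range is refused. */
bool partition_program(partition_regs_t *r, uint32_t base, uint32_t size)
{
    if (size == 0 || base > UINT32_MAX - (size - 1))
        return false;
    r->base = base; r->size = size; r->enabled = true;
    return true;
}

/* Classify the byte range [addr, addr+len) against the partition. Empty and
 * wrapping ranges are reported as straddling so they are always refused. */
static range_pos_t classify(const partition_regs_t *r, uint32_t addr, uint32_t len)
{
    if (len == 0 || addr > UINT32_MAX - (len - 1))
        return RANGE_STRADDLES;
    if (!r->enabled)
        return RANGE_OUTSIDE;                 /* no partition: all of DRAM is ordinary */
    uint32_t end  = addr + len - 1;           /* inclusive last byte of the access */
    uint32_t pend = r->base + r->size - 1;    /* inclusive last byte of the partition */
    if (end < r->base || addr > pend)
        return RANGE_OUTSIDE;
    if (addr >= r->base && end <= pend)
        return RANGE_INSIDE;
    return RANGE_STRADDLES;
}

/* Secure partition enforcement logic: selectively permit one DRAM access.
 * From the claim: first-level code reaches addresses inside and outside the
 * partition. Assumed here: third-party code may read and write inside the
 * partition but only read outside it, non-secure code never touches the
 * partition, and an access straddling the boundary is refused for everyone. */
bool partition_access_permitted(const partition_regs_t *r, priv_level_t lvl,
                                uint32_t addr, uint32_t len, access_t acc)
{
    switch (classify(r, addr, len)) {
    case RANGE_INSIDE:  return lvl == PRIV_SECURITY_SERVICES || lvl == PRIV_THIRD_PARTY;
    case RANGE_OUTSIDE: return lvl != PRIV_THIRD_PARTY || acc == ACC_READ;
    default:            return false;
    }
}

/* Bootstrap security logic: copy a code image from non-volatile memory into
 * the secure partition, then verify the copy in DRAM so the bytes checked are
 * the bytes that will run. `verify` stands in for the real authenticity and
 * integrity check. `dram` models physical memory starting at address 0. */
typedef bool (*image_verify_fn)(const uint8_t *img, size_t len);

bool bootstrap_load(const partition_regs_t *r, uint8_t *dram, size_t dram_len,
                    uint32_t dest, const uint8_t *flash, size_t flash_len,
                    image_verify_fn verify)
{
    if (flash_len == 0 || flash_len > UINT32_MAX || (size_t)dest + flash_len > dram_len)
        return false;
    /* ROM code runs at the first level; the copy must land wholly inside the
     * partition and pass the same enforcement logic as any other write. */
    if (classify(r, dest, (uint32_t)flash_len) != RANGE_INSIDE ||
        !partition_access_permitted(r, PRIV_SECURITY_SERVICES, dest, (uint32_t)flash_len, ACC_WRITE))
        return false;
    memcpy(dram + dest, flash, flash_len);
    if (!verify(dram + dest, flash_len)) {
        memset(dram + dest, 0, flash_len);    /* leave no unverified code behind */
        return false;
    }
    return true;
}

/* Constructed demo image; verify_demo is a reference comparison standing in
 * for a signature check (assumption, not a real integrity primitive). */
static const uint8_t kDemoImage[8] = {0x7f, 'S', 'E', 'C', 0x01, 0x02, 0x03, 0x04};
static bool verify_demo(const uint8_t *img, size_t len)
{
    return len == sizeof kDemoImage && memcmp(img, kDemoImage, len) == 0;
}

partition_regs_t demo_regs(void)
{
    partition_regs_t r = {0};
    partition_program(&r, 0x1000, 0x1000);    /* partition covers [0x1000, 0x2000) */
    return r;
}

/* Boot the demo image; with tamper set, one byte in flash is corrupted first. */
bool demo_boot(bool tamper)
{
    uint8_t dram[0x3000] = {0};
    uint8_t flash[8];
    memcpy(flash, kDemoImage, sizeof flash);
    if (tamper) flash[4] ^= 0xff;
    partition_regs_t r = demo_regs();
    return bootstrap_load(&r, dram, sizeof dram, 0x1000, flash, sizeof flash, verify_demo);
}

int main(void)
{
    printf("clean image boots: %d, tampered image boots: %d\n", demo_boot(false), demo_boot(true));
    return 0;
}
```

Two details matter more than the policy table itself: an access that straddles the partition boundary is refused outright rather than split, and the image is verified after it has been copied into the partition, so a change to the flash contents between verification and execution cannot go unnoticed.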