Patent application number | Description | Published |
20090158015 | Uses of Known Good Code for Implementing Processor Architectural Modifications - In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC. | 06-18-2009 |
20090183245 | Limited Functionality Mode for Secure, Remote, Decoupled Computer Ownership - In one embodiment, a computer system comprises one or more components and a secure computing environment coupled to the components. The secure computing environment is configured to program at least one of the components to enter a limited functionality mode responsive to expiration of a use right to the computer system, wherein operation of the computer system in the limited functionality mode is reduced compared to operation when the use right has not expired. The secure computing environment is configured to monitor the components in the limited functionality mode to detect that a limited functionality mode configuration has been modified by an unauthorized entity and to cause the computer system to enter a second mode in which operation of the computer system is reduced compared to operation in the limited functionality mode in response. In another embodiment, the secure computing environment detects a non-temporal event that indicates a violation of an owner-imposed restriction and enters a limited functionality mode. | 07-16-2009 |
20100174890 | Known Good Code for On-Chip Device Management - In one embodiment, a processor comprises a programmable map and a circuit. The programmable map is configured to store data that identifies at least one instruction for which an architectural modification of an instruction set architecture implemented by the processor has been defined, wherein the processor does not implement the modification. The circuitry is configured to detect the instruction or its memory operands and cause a transition to Known Good Code (KGC), wherein the KGC is protected from unauthorized modification and is provided from an authenticated entity. The KGC comprises code that, when executed, emulates the modification. In another embodiment, an integrated circuit comprises at least one processor core; at least one other circuit; and a KGC source configured to supply KGC to the processor core for execution. The KGC comprises interface code for the other circuit whereby an application executing on the processor core interfaces to the other circuit through the KGC. | 07-08-2010 |
Patent application number | Description | Published |
20090193230 | COMPUTER SYSTEM INCLUDING A MAIN PROCESSOR AND A BOUND SECURITY COPROCESSOR - A computer system includes a main processor and a security control processor that is coupled to the main processor and configured to control and monitor an operational state of the main processor. To ensure the computer system may be trusted, the security control processor may be configured to hold the main processor in a slave mode during initialization of the security control processor such that the main processor is not operable to fetch and execute instructions from an instruction source external to the main processor, for example. In addition, the security control processor may be configured to initialize the operational state of the main processor to a predetermined state by transferring to the main processor via a control interface one or more instructions and to cause the main processor to execute the one or more instructions while the main processor is held in the slave mode. | 07-30-2009 |
20100011147 | Virtualizing an IOMMU - In one embodiment, a system comprises one or more input/output (I/O) devices; an I/O memory management unit (IOMMU) coupled to receive memory requests sourced by the I/O devices and configured to provide address translation for the memory requests; and a virtual machine monitor (VMM) configured to manage one or more virtual machines on the system, wherein the VMM is configured to virtualize the IOMMU, providing one or more virtual IOMMUs for use by one or more virtual machines. | 01-14-2010 |
20100095085 | DMA Address Translation in an IOMMU - In an embodiment, an input/output (I/O) memory management unit (IOMMU) comprises at least one memory configured to store translation data; and control logic coupled to the memory and configured to translate an I/O device-generated memory request using the translation data. The translation data corresponds to one or more device table entries in a device table stored in a memory system of a computer system that includes the IOMMU, wherein the device table entry for a given request is selected by an identifier corresponding to the I/O device that generates the request. The translation data further corresponds to one or more I/O page tables, wherein the selected device table entry for the given request includes a pointer to a set of I/O page tables to be used to translate the given request. | 04-15-2010 |
20100122062 | Using an IOMMU to Create Memory Archetypes - In one embodiment, an input/output (I/O) memory management unit (IOMMU) comprises at least one memory and control logic coupled to the memory. The memory is configured to store translation data corresponding to one or more I/O translation tables stored in a memory system of a computer system that includes the IOMMU. The control logic is configured to translate an I/O device-generated memory request using the translation data. The translation data includes a type field indicating one or more attributes of the translation, and the control logic is configured to control the translation responsive to the type field. | 05-13-2010 |