| Patent application number | Description | Published |
| 20090089566 | SUPPORTING ADVANCED RAS FEATURES IN A SECURED COMPUTING SYSTEM - Systems and methods for enabling Reliability, Availability & Serviceability features after launching a secure environment under the control of LaGrande Technology (LT), or comparable security technology, without compromising security are provided. In one embodiment, the method comprises adding at least one specific capability to a processor to enable at least one of CPU hot-plug, CPU migration, CPU hot removal and capacity on demand. | 04-02-2009 |
| 20090172372 | METHODS AND APPARATUS FOR GENERATING SYSTEM MANAGEMENT INTERRUPTS - A method includes determining a plurality of memory addresses, each memory address being different from one another. The method further includes generating a plurality of system management interrupt interprocessor interrupts, each system management interrupt interprocessor interrupt having a corresponding processor in a plurality of processors in a system and each system management interrupt interprocessor interrupt including one of the plurality of memory addresses. The method further includes directing each system management interrupt interprocessor interrupt to the corresponding processor. An associated machine readable medium is also disclosed. | 07-02-2009 |
| 20090172639 | FIRMWARE INTEGRITY VERIFICATION - In some embodiments, the integrity of firmware stored in a non-volatile memory is verified prior to initiation of a firmware reset vector. Other embodiments are described and claimed. | 07-02-2009 |
| 20090172806 | SECURITY MANAGEMENT IN MULTI-NODE, MULTI-PROCESSOR PLATFORMS - Multi-node and multi-processor security management is described in this application. Data may be secured in a TPM of any one of a plurality of nodes, each node including one or more processors. The secured data may be protected using hardware hooks to prevent unauthorized access to the secured information. A security hierarchy may be put in place to protect certain memory addresses from access by requiring permission from the VMM, OS, ACM or processor hardware. The presence of secured data may be communicated to each of the nodes to ensure that the data is protected. Other embodiments are described. | 07-02-2009 |
| 20090172385 | ENABLING SYSTEM MANAGEMENT MODE IN A SECURE SYSTEM - Apparatuses, methods, and systems for enabling system management mode in a secure system are disclosed. In one embodiment, a processor includes sub-operating-system mode logic, virtual machine logic, and control logic. The sub-operating-system mode logic is to support a sub-operating-system mode. The virtual machine logic is to support virtualization. The control logic is to prevent virtualization from being enabled when the sub-operating-system mode is disabled. | 07-02-2009 |
| 20090249050 | SYSTEM AND METHOD FOR ESTABLISHING A TRUST DOMAIN ON A COMPUTER PLATFORM - Embodiments of the invention provide systems and methods associated with a measurement engine in a server platform. In one such embodiment of the invention, the measurement engine hardware verifies/authenticates its own firmware and then system initialization firmware by measuring such firmware and storing measurement results in a register that is not spoofable by malicious code. In this instance, the measurement engine holds the host CPU complex in a reset state until the measurement engine has verified the system initialization firmware. In another such embodiment of the invention, the measurement engine hardware also measures firmware associated with one or more system service processors and stores such measurement results in a register. In this case, the measurement engine holds the system service processors and the host CPU complex in reset until the measurements are completed. Other embodiments are described. | 10-01-2009 |
| 20110161676 | ENTERING A SECURED COMPUTING ENVIRONMENT USING MULTIPLE AUTHENTICATED CODE MODULES - Systems, apparatuses, and methods for entering a secured system environment using multiple authenticated code modules are disclosed. In one embodiment, a processor includes a decoder and control logic. The decoder is to decode a secured enter instruction. The control logic is to find an entry corresponding to the processor in a match table in a master authenticated code module and to read a master header and an individual authenticated code module from the master authenticated code module in response to decoding the secured enter instruction. | 06-30-2011 |