Patent application number | Description | Published |
20080209578 | Protecting system management mode (SMM) spaces against cache attacks - A computing system may comprise a processor and a memory controller hub coupled by an external bus such as the front side bus. The processor may also comprise a cache. The processor may operate in SMM and the memory coupled to the memory controller hub may comprise SMM spaces such as compatible, HSEG, and TSEG areas. A software-based attack may write malicious instructions into the cache at an address corresponding to the SMM spaces. The illegal processor memory accesses that occur entirely inside the processor caches due to the cache attack may be forced to occur on the external bus. The memory controller hub may be capable of handling the memory accesses occurring on the external bus thus, protecting the SMM spaces against cache attack. | 08-28-2008 |
20120072734 | PLATFORM FIRMWARE ARMORING TECHNOLOGY - A method, apparatus, method, machine-readable medium, and system are disclosed. In one embodiment the method includes is a processor. The processor includes switching a platform firmware update mechanism located in a computer platform to a platform firmware armoring technology (PFAT) mode on a boot of the computer platform. The computer platform includes a platform firmware storage location that stores a platform firmware. The method then persistently locks the platform firmware storage location in response to the platform firmware update mechanism switching to the PFAT mode. When persistently locked, writes are only allowed to the platform firmware storage location by an Authenticated Code Module in the running platform and only after a platform firmware update mechanism unlocking procedure. | 03-22-2012 |
20120167205 | RUNTIME PLATFORM FIRMWARE VERIFICATION - Embodiments of the invention are directed towards logic and/or modules stored in processor secure storage to determine whether a first platform firmware image (e.g., basic input/output system (BIOS), device read-only memory (ROM), manageability engine firmware) loaded onto a processor cache is valid. The processor executes the first platform firmware image if it is determined to be valid. If the first platform image is determined to be invalid, a second platform firmware image is located. If this platform firmware image is determined to be valid, the processor will execute said second platform image. | 06-28-2012 |
20130002398 | Apparatus, System, and Method for Providing Attribute Identity Control Associated with a Processor - Described herein are an apparatus, system, and method for attribute identity control in a processor. The apparatus comprises a logic unit including a radio-frequency identification (RFID) tag comprising a non-volatile memory; and a processor operable to access the non-volatile memory, wherein the non-volatile memory for storing an attribute identity associated with a group of processors, the attribute identity being different from an identity of the processor. | 01-03-2013 |
20130159579 | VIRTUALIZING INTERRUPT PRIORITY AND DELIVERY - Embodiments of processors, methods, and systems for virtualizing interrupt prioritization and delivery are disclosed. In one embodiment, a processor includes instruction hardware and execution hardware. The instruction hardware is to receive a plurality of instructions, including a first instruction to transfer the processor from a root mode to a non-root mode for executing guest software in a virtual machine, wherein the processor is to return to the root mode upon the detection of any of a plurality of virtual machine exit events. The execution hardware is to execute the first instruction, execution of the first instruction to include determining a first virtual processor-priority value and storing the first virtual processor-priority value in a virtual copy of a processor-priority field, where the virtual copy of the processor-priority field is a virtual resource corresponding to a physical resource associated with an interrupt controller. | 06-20-2013 |
20130219191 | PLATFORM FIRMWARE ARMORING TECHNOLOGY - A method, apparatus, machine-readable medium, and system are disclosed. In one embodiment the method includes a processor. The processor includes switching a platform firmware update mechanism located in a computer platform to a platform firmware armoring technology (PFAT) mode on a boot of the computer platform. The computer platform includes a platform firmware storage location that stores a platform firmware. The method then persistently locks the platform firmware storage location in response to the platform firmware update mechanism switching to the PFAT mode. When persistently locked, writes are only allowed to the platform firmware storage location by an Authenticated Code Module in the running platform and only after a platform firmware update mechanism unlocking procedure. | 08-22-2013 |
20130262877 | APPARATUS, SYSTEM, AND METHOD FOR PROVIDING MEMORY ACCESS CONTROL - Described herein are apparatus, system, and method for providing memory access control to protect software (e.g., firmware backup) and other data. The method comprises providing, by a processor, a protected storage area in a memory for storing backup image of software; detecting corruption in the software; accessing the backup image of the software from the protected storage area; and updating the corrupted software using the backup image, wherein the protected storage area is a reserved storage area of the memory. | 10-03-2013 |
20150058510 | VIRTUALIZING INTERRUPT PRIORITY AND DELIVERY - Embodiments of processors, methods, and systems for virtualizing interrupt prioritization and delivery are disclosed. In one embodiment, a processor includes instruction hardware and execution hardware. The instruction hardware is to receive a plurality of instructions, including a first instruction to transfer the processor from a root mode to a non-root mode for executing guest software in a virtual machine, wherein the processor is to return to the root mode upon the detection of any of a plurality of virtual machine exit events. The execution hardware is to execute the first instruction, execution of the first instruction to include determining a first virtual processor-priority value and storing the first virtual processor-priority value in a virtual copy of a processor-priority field, where the virtual copy of the processor-priority field is a virtual resource corresponding to a physical resource associated with an interrupt controller. | 02-26-2015 |