专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130326288A1 PROCESSOR THAT DETECTS WHEN SYSTEM MANAGEMENT MODE ATTEMPTS TO REACH PROGRAM CODE OUTSIDE OF PROTECTED SPACE 审中-公开
标题翻译：当系统管理模式尝试达到保护空间外的程序代码时，检测器的处理器
公开(公告)号：US20130326288A1
公开(公告)日：2013-12-05
申请号：US13997046
申请日：2011-12-31
申请人： Shamanna M. Datta , Rajesh S. Parathasarathy , Mahesh S. Natu , Frank Binns , Mohan J. Kumar
发明人： Shamanna M. Datta , Rajesh S. Parathasarathy , Mahesh S. Natu , Frank Binns , Mohan J. Kumar
IPC分类号： G06F11/07
CPC分类号： G06F11/0754 , G06F12/1441 , G06F21/52
摘要： A method is described that includes detecting that a memory access of system management mode program code is attempting to reach program code outside of a protected region of memory by comparing a target memory address of a memory access instruction of the system management program code again information that defines confines of the protection region. The method also includes raising an error signal in response to the detecting.
摘要翻译：描述了一种方法，其包括通过将系统管理程序代码的存储器访问指令的目标存储器地址再次比较来检测系统管理模式程序代码的存储器访问尝试到达存储器的受保护区域之外的程序代码，定义保护区域的范围。该方法还包括响应于检测而提高误差信号。

2. 发明授权

US09448867B2 Processor that detects when system management mode attempts to reach program code outside of protected space 有权
标题翻译：检测系统管理模式何时尝试到达受保护的空间之外的程序代码的处理器
公开(公告)号：US09448867B2
公开(公告)日：2016-09-20
申请号：US13997046
申请日：2011-12-31
申请人： Shamanna M. Datta , Rajesh S. Parathasarathy , Mahesh S. Natu , Frank Binns , Mohan J. Kumar
发明人： Shamanna M. Datta , Rajesh S. Parathasarathy , Mahesh S. Natu , Frank Binns , Mohan J. Kumar
IPC分类号： G06F11/00 , G06F11/07 , G06F12/14 , G06F21/52
CPC分类号： G06F11/0754 , G06F12/1441 , G06F21/52
摘要： A method is described that includes detecting that a memory access of system management mode program code is attempting to reach program code outside of a protected region of memory by comparing a target memory address of a memory access instruction of the system management program code again information that defines confines of the protection region. The method also includes raising an error signal in response to the detecting.
摘要翻译：描述了一种方法，其包括通过将系统管理程序代码的存储器访问指令的目标存储器地址再次比较来检测系统管理模式程序代码的存储器访问尝试到达存储器的受保护区域之外的程序代码，定义保护区域的范围。该方法还包括响应于检测而提高误差信号。

3. 发明申请

US20110055469A1 Providing State Storage In A Processor For System Management Mode 有权
标题翻译：在系统管理模式的处理器中提供状态存储
公开(公告)号：US20110055469A1
公开(公告)日：2011-03-03
申请号：US12550737
申请日：2009-08-31
申请人： Mahesh S. Natu , Thanunathan Rangarajan , Gautam B. Doshi , Shammanna M. Datta , Baskaran Ganesan , Mohan J. Kumar , Rajesh S. Parthasarathy , Frank Binns , Rajesh Nagaraja Murthy , Robert C. Swanson
发明人： Mahesh S. Natu , Thanunathan Rangarajan , Gautam B. Doshi , Shammanna M. Datta , Baskaran Ganesan , Mohan J. Kumar , Rajesh S. Parthasarathy , Frank Binns , Rajesh Nagaraja Murthy , Robert C. Swanson
IPC分类号： G06F12/06
CPC分类号： G06F13/24 , G06F9/30101 , G06F9/3017 , G06F9/30189 , G06F9/3851 , G06F9/461 , G11C7/1072 , G11C11/40615
摘要： In one embodiment, the present invention includes a processor that has an on-die storage such as a static random access memory to store an architectural state of one or more threads that are swapped out of architectural state storage of the processor on entry to a system management mode (SMM). In this way communication of this state information to a system management memory can be avoided, reducing latency associated with entry into SMM. Embodiments may also enable the processor to update a status of executing agents that are either in a long instruction flow or in a system management interrupt (SMI) blocked state, in order to provide an indication to agents inside the SMM. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，本发明包括具有诸如静态随机存取存储器之类的片上存储器的处理器，用于存储在进入系统时从处理器的架构状态存储器交换的一个或多个线程的架构状态管理模式（SMM）。以这种方式，可以避免该状态信息与系统管理存储器的通信，减少与进入SMM相关联的延迟。实施例还可以使处理器更新处于长指令流或处于系统管理中断（SMI）阻塞状态中的执行代理的状态，以向SMM内的代理提供指示。描述和要求保护其他实施例。

4. 发明授权

US08578138B2 Enabling storage of active state in internal storage of processor rather than in SMRAM upon entry to system management mode 有权
标题翻译：在进入系统管理模式时，将活动状态存储在处理器的内部存储器中，而不是在SMRAM中
公开(公告)号：US08578138B2
公开(公告)日：2013-11-05
申请号：US12550737
申请日：2009-08-31
申请人： Mahesh S. Natu , Thanunathan Rangarajan , Gautam B. Doshi , Shammanna M. Datta , Baskaran Ganesan , Mohan J. Kumar , Rajesh S. Parthasarathy , Frank Binns , Rajesh Nagaraja Murthy , Robert C. Swanson
发明人： Mahesh S. Natu , Thanunathan Rangarajan , Gautam B. Doshi , Shammanna M. Datta , Baskaran Ganesan , Mohan J. Kumar , Rajesh S. Parthasarathy , Frank Binns , Rajesh Nagaraja Murthy , Robert C. Swanson
IPC分类号： G06F9/48
CPC分类号： G06F13/24 , G06F9/30101 , G06F9/3017 , G06F9/30189 , G06F9/3851 , G06F9/461 , G11C7/1072 , G11C11/40615
摘要： In one embodiment, the present invention includes a processor that has an on-die storage such as a static random access memory to store an architectural state of one or more threads that are swapped out of architectural state storage of the processor on entry to a system management mode (SMM). In this way communication of this state information to a system management memory can be avoided, reducing latency associated with entry into SMM. Embodiments may also enable the processor to update a status of executing agents that are either in a long instruction flow or in a system management interrupt (SMI) blocked state, in order to provide an indication to agents inside the SMM. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，本发明包括具有诸如静态随机存取存储器之类的片上存储器的处理器，用于存储在进入系统时从处理器的架构状态存储器交换的一个或多个线程的架构状态管理模式（SMM）。以这种方式，可以避免该状态信息与系统管理存储器的通信，减少与进入SMM相关联的延迟。实施例还可以使处理器更新处于长指令流或处于系统管理中断（SMI）阻塞状态中的执行代理的状态，以向SMM内的代理提供指示。描述和要求保护其他实施例。

5. 发明授权

US09566158B2 Hardware protection of virtual machine monitor runtime integrity watcher 有权
标题翻译：虚拟机监控运行时完整性监视器的硬件保护
公开(公告)号：US09566158B2
公开(公告)日：2017-02-14
申请号：US13995742
申请日：2011-12-31
申请人： Shamanna M. Datta , Albert J. Munoz , Mahesh S. Natu , Scott T. Durrant
发明人： Shamanna M. Datta , Albert J. Munoz , Mahesh S. Natu , Scott T. Durrant
IPC分类号： G06F9/455 , A61F2/34 , A61B17/80 , A61F2/30 , A61B17/82 , A61B17/86 , A61F2/46
CPC分类号： A61F2/34 , A61B17/8066 , A61B17/82 , A61B17/866 , A61B17/8685 , A61F2/30734 , A61F2/30749 , A61F2/30771 , A61F2/30907 , A61F2/30965 , A61F2002/30011 , A61F2002/30169 , A61F2002/30189 , A61F2002/30326 , A61F2002/3038 , A61F2002/30387 , A61F2002/30449 , A61F2002/30462 , A61F2002/30471 , A61F2002/30474 , A61F2002/30507 , A61F2002/30538 , A61F2002/30578 , A61F2002/30579 , A61F2002/30611 , A61F2002/30617 , A61F2002/30736 , A61F2002/3082 , A61F2002/30841 , A61F2002/3092 , A61F2002/3096 , A61F2002/3412 , A61F2002/3429 , A61F2002/3441 , A61F2002/3448 , A61F2002/348 , A61F2002/3487 , A61F2002/4615 , A61F2002/4619 , G06F9/45533 , G06F9/45558 , G06F21/53 , G06F2009/45583 , G06F2221/2149
摘要： An apparatus and method for hardware protection of a virtual machine monitor (VMM) runtime integrity watcher is described. A set of one or more hardware range registers that protect a contiguous memory space that is to store the VMM runtime integrity watcher. The set of hardware range registers are to protect the VMM runtime integrity watcher from being modified when loaded into the contiguous memory space. The VMM runtime integrity watcher, when executed, performs an integrity check on a VMM during runtime of the VMM.
摘要翻译：描述了用于虚拟机监视器（VMM）运行时完整性监视器的硬件保护的装置和方法。一组一个或多个硬件范围寄存器，用于保护存储VMM运行时完整性监视器的连续内存空间。该组硬件范围寄存器用于保护VMM运行时完整性监视器在加载到连续的内存空间时被修改。 VMM运行时完整性观察器在执行时，在VMM的运行期间对VMM执行完整性检查。

6. 发明授权

US08812828B2 Methods and apparatuses for recovering usage of trusted platform module 有权
标题翻译：恢复信任平台模块使用的方法和装置
公开(公告)号：US08812828B2
公开(公告)日：2014-08-19
申请号：US12947218
申请日：2010-11-16
申请人： Shamanna M. Datta , Mahesh S. Natu
发明人： Shamanna M. Datta , Mahesh S. Natu
IPC分类号： G06F9/24 , G06F21/57 , G06F21/00 , G06F11/07
CPC分类号： G06F21/57 , G06F11/0793 , G06F21/00 , G06F21/575
摘要： Methods and systems to perform platform security in conjunction with hardware-base root of trust logic are presented. In one embodiment, a method includes determining whether a status from an authenticated code module is indicative of an error or not. The method further includes determining whether the hardware-based root of trust logic is enabled based on content in a non-volatile memory location. If the hardware-based root of trust is enabled and the status is indicative of an error, the method further includes writing to the non-volatile memory location to disable hardware-based root of trust logic during a next boot sequence. In one embodiment, a platform initializes and uses the trusted platform module in conjunction with the hardware-based root of trust logic or with a platform-based root of trust logic.
摘要翻译：提出了结合信任逻辑的硬件根本来执行平台安全性的方法和系统。在一个实施例中，一种方法包括确定来自认证代码模块的状态是否指示错误。该方法还包括基于非易失性存储器位置中的内容来确定信任逻辑的基于硬件的根是否被启用。如果启用了基于硬件的信任根，并且状态指示了错误，则该方法还包括在下一个引导序列期间写入非易失性存储器位置以禁用基于硬件的信任逻辑根。在一个实施例中，平台与基于硬件的信任逻辑根或基于平台的信任逻辑逻辑基础一起初始化并使用可信平台模块。

7. 发明申请

US20130275980A1 HARDWARE PROTECTION OF VIRTUAL MACHINE MONITOR RUNTIME INTEGRITY WATCHER 有权
标题翻译：虚拟机监控器的硬件保护运行完整性监视器
公开(公告)号：US20130275980A1
公开(公告)日：2013-10-17
申请号：US13995742
申请日：2011-06-08
申请人： Shamanna M. Datta , Albert J. Munoz , Mahesh S. Natu , Scott T. Durrant
发明人： Shamanna M. Datta , Albert J. Munoz , Mahesh S. Natu , Scott T. Durrant
IPC分类号： G06F9/455
CPC分类号： A61F2/34 , A61B17/8066 , A61B17/82 , A61B17/866 , A61B17/8685 , A61F2/30734 , A61F2/30749 , A61F2/30771 , A61F2/30907 , A61F2/30965 , A61F2002/30011 , A61F2002/30169 , A61F2002/30189 , A61F2002/30326 , A61F2002/3038 , A61F2002/30387 , A61F2002/30449 , A61F2002/30462 , A61F2002/30471 , A61F2002/30474 , A61F2002/30507 , A61F2002/30538 , A61F2002/30578 , A61F2002/30579 , A61F2002/30611 , A61F2002/30617 , A61F2002/30736 , A61F2002/3082 , A61F2002/30841 , A61F2002/3092 , A61F2002/3096 , A61F2002/3412 , A61F2002/3429 , A61F2002/3441 , A61F2002/3448 , A61F2002/348 , A61F2002/3487 , A61F2002/4615 , A61F2002/4619 , G06F9/45533 , G06F9/45558 , G06F21/53 , G06F2009/45583 , G06F2221/2149
摘要： An apparatus and method for hardware protection of a virtual machine monitor (VMM) runtime integrity watcher is described. A set of one or more hardware range registers that protect a contiguous memory space that is to store the VMM runtime integrity watcher. The set of hardware range registers are to protect the VMM runtime integrity watcher from being modified when loaded into the contiguous memory space. The VMM runtime integrity watcher, when executed, performs an integrity check on a VMM during runtime of the VMM.
摘要翻译：描述了用于虚拟机监视器（VMM）运行时完整性监视器的硬件保护的装置和方法。一组一个或多个硬件范围寄存器，用于保护存储VMM运行时完整性监视器的连续内存空间。该组硬件范围寄存器用于保护VMM运行时完整性监视器在加载到连续的内存空间时被修改。 VMM运行时完整性观察器在执行时，在VMM的运行期间对VMM执行完整性检查。

8. 发明申请

US20120124356A1 METHODS AND APPARATUSES FOR RECOVERING USAGE OF TRUSTED PLATFORM MODULE 有权
标题翻译：恢复使用信号平台模块的方法和设备
公开(公告)号：US20120124356A1
公开(公告)日：2012-05-17
申请号：US12947218
申请日：2010-11-16
申请人： Shamanna M. Datta , Mahesh S. Natu
发明人： Shamanna M. Datta , Mahesh S. Natu
IPC分类号： G06F9/24
CPC分类号： G06F21/57 , G06F11/0793 , G06F21/00 , G06F21/575
摘要： Methods and systems to perform platform security in conjunction with hardware-base root of trust logic are presented. In one embodiment, a method includes determining whether a status from an authenticated code module is indicative of an error or not. The method further includes determining whether the hardware-based root of trust logic is enabled based on content in a non-volatile memory location. If the hardware-based root of trust is enabled and the status is indicative of an error, the method further includes writing to the non-volatile memory location to disable hardware-based root of trust logic during a next boot sequence. In one embodiment, a platform initializes and uses the trusted platform module in conjunction with the hardware-based root of trust logic or with a platform-based root of trust logic.
摘要翻译：提出了结合信任逻辑的硬件根本来执行平台安全性的方法和系统。在一个实施例中，一种方法包括确定来自认证代码模块的状态是否指示错误。该方法还包括基于非易失性存储器位置中的内容来确定信任逻辑的基于硬件的根是否被启用。如果启用了基于硬件的信任根，并且状态指示了错误，则该方法还包括在下一个引导序列期间写入非易失性存储器位置以禁用基于硬件的信任逻辑根。在一个实施例中，平台与基于硬件的信任逻辑根或基于平台的信任逻辑逻辑基础一起初始化并使用可信平台模块。

9. 发明授权

US07246224B2 System and method to enable platform personality migration 有权
标题翻译：系统和方法，实现平台人格迁移
公开(公告)号：US07246224B2
公开(公告)日：2007-07-17
申请号：US10951277
申请日：2004-09-27
申请人： Michael A. Rothman , Robert P. Hale , John P. Lambino , Mahesh S. Natu , Vincent J. Zimmer , Mohan J. Kumar
发明人： Michael A. Rothman , Robert P. Hale , John P. Lambino , Mahesh S. Natu , Vincent J. Zimmer , Mohan J. Kumar
IPC分类号： G06F15/177
CPC分类号： G06F9/4451 , Y10S707/99943
摘要： An embodiment of the present invention relates generally to computer configuration and, more specifically, to a system and method to seamlessly determine the component configurations of a series of heterogeneous platforms and enable their respective component configurations to be intelligently migrated from one platform to another. In some embodiments, the invention involves generating configuration binaries for a plurality of target platforms. The configuration binaries are used with tools to create configuration directives for the target machines. In at least one embodiment, the configuration directives are sent to the target platforms in a scripting language. In some embodiments, the scripts are automatically generated by a tool using the configuration binaries for various platforms and policy guidance to determine which settings should be set on or off. Other embodiments are described and claimed.
摘要翻译：本发明的实施例一般涉及计算机配置，更具体地，涉及无缝地确定一系列异构平台的组件配置并且使得它们各自的组件配置能够从一个平台被智能迁移到另一个平台的系统和方法。在一些实施例中，本发明涉及为多个目标平台生成配置二进制文件。配置二进制文件与工具一起使用，以创建目标计算机的配置指令。在至少一个实施例中，配置指令以脚本语言发送到目标平台。在一些实施例中，脚本由工具自动生成，使用各种平台的配置二进制文件和策略指导来确定哪些设置应被设置为开或关。描述和要求保护其他实施例。

10. 发明申请

US20150381368A1 TECHNOLOGIES FOR SECURE OFFLINE ACTIVATION OF HARDWARE FEATURES 审中-公开
标题翻译：硬件特性的离线激活技术
公开(公告)号：US20150381368A1
公开(公告)日：2015-12-31
申请号：US14318278
申请日：2014-06-27
申请人： William A. Stevens, JR. , Alberto J. Martinez , Mukesh Kataria , Purushottam Goel , Tim Abels , Mahesh S. Natu
发明人： William A. Stevens, JR. , Alberto J. Martinez , Mukesh Kataria , Purushottam Goel , Tim Abels , Mahesh S. Natu
IPC分类号： H04L9/32 , G06Q30/04 , G06F9/44
CPC分类号： G06Q30/04 , G06F21/44 , G06F21/629 , G06F21/82 , H04L63/0876 , H04L63/126
摘要： Technologies for secure offline activation of hardware features include a target computing device having a platform controller hub (PCH) including a converged security and manageability engine (CSME) and a number of in-field programmable fuses (IFPs). During assembly of the target computing device by an original equipment manufacturer (OEM), the CSME is provided a list of hardware features to be activated. The CSME configures the IFPs to enable the requested features, generates a digital receipt including the activated features and a unique device ID, and signs the receipt using a unique device key. Signed receipts may be periodically submitted to a vendor computing device, which verifies the signed receipts, extracts the active feature list, and bills the OEM for activated features of the PCHs. The vendor computing device may bill the OEM a maximum price for PCHs for which there is no associated signed receipt. Other embodiments are described and claimed.
摘要翻译：用于硬件特征的安全离线激活的技术包括具有包括融合安全性和可管理性引擎（CSME）的平台控制器集线器（PCH）以及多个现场可编程保险丝（IFP））的目标计算设备。在由原始设备制造商（OEM）组装目标计算设备的过程中，CSME提供要激活的硬件功能的列表。 CSME配置IFP以启用所请求的功能，生成包含激活的功能和唯一设备ID的数字收据，并使用唯一的设备密钥对收据进行签名。签署的收据可以定期地提交给供应商计算设备，该设备验证签署的收据，提取活动的特征列表，并为OEM的PCH的激活特征收费。供应商计算设备可以向OEM收取没有相关签名收据的PCH的最高价格。描述和要求保护其他实施例。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式