-
公开(公告)号:SG11202105427YA
公开(公告)日:2021-06-29
申请号:SG11202105427Y
申请日:2020-02-17
Applicant: IBM
Inventor: BUENDGEN REINHARD , BORNTRAEGER CHRISTIAN , BRADBURY JONATHAN , BUSABA FADI , HELLER LISA , MIHAJLOVSKI VIKTOR
Abstract: Secure processing within a computing environment is provided by incrementally decrypting a secure operating system image, including receiving, for a page of the secure operating system image, a page address and a tweak value used during encryption of the page. Processing determines that the tweak value has not previously been used during decryption of another page of the secure operating system image, and decrypts memory page content at the page address using an image encryption key and the tweak value to facilitate obtaining a decrypted secure operating system image. Further, integrity of the secure operating system image is verified, and based on verifying integrity of the secure operating system image, execution of the decrypted secure operating system image is started.
-
12.发明专利
公开(公告)号:AU2020237597A1
公开(公告)日:2021-06-10
申请号:AU2020237597
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
Abstract: A method is provided by a secure interface control of a computer that provides a partial instruction interpretation for an instruction which enables an interruption. The secure interface control fetches a program status word or a control register value from a secure guest storage. The secure interface control notifies an untrusted entity of guest interruption mask updates. The untrusted entity is executed on and in communication with hardware of the computer through the secure interface control to support operations of a secure entity executing on the untrusted entity. The secure interface control receives, from the untrusted entity, a request to present a highest priority, enabled guest interruption in response to the notifying of the guest interruption mask updates. The secure interface control moves interruption information into a guest prefix page and injecting the interruption in the secure entity when an injection of the interruption is determined to be valid.
-
公开(公告)号:AU2022287210B2
公开(公告)日:2024-12-12
申请号:AU2022287210
申请日:2022-05-31
Applicant: IBM
Inventor: GIAMEI BRUCE , SLEGEL TIMOTHY , BORNTRAEGER CHRISTIAN , OSISEK DAMIAN , HELLER LISA , GAERTNER UTE , YOST CHRISTINE , TZORTZATOS ELPIDA
IPC: G06F12/1009 , G06F12/1027 , G06F12/14
Abstract: An instruction is provided to perform a reset address translation protection operation when executed. Executing the instruction includes determining, by a processor, that an address translation protection bit in a specified translation table entry associated with a storage block is to be reset. Based on determining that the address translation protection bit is to be reset, executing the instruction includes resetting the address translation protection bit to deactivate write protection for the storage block. The resetting is absent waiting for an action by one or more other processors of the computing environment.
-
公开(公告)号:MX2023013910A
公开(公告)日:2023-12-08
申请号:MX2023013910
申请日:2022-05-31
Applicant: IBM
Inventor: HELLER LISA , SLEGEL TIMOTHY , BORNTRAEGER CHRISTIAN , GIAMEI BRUCE , OSISEK DAMIAN , GAERTNER UTE , YOST CHRISTINE , TZORTZATOS ELPIDA
IPC: G06F12/1009 , G06F12/02 , G06F12/0891 , G06F12/1027 , G06F12/14
Abstract: Se proporciona una instrucción para llevar a cabo una operación de reinicio de protección de traducción de dirección cuando se ejecuta. Ejecutar la instrucción incluye determinar, por medio de un procesador, que se va a reiniciar un bit de protección de traducción de dirección en una entrada de tabla de traducción especificada asociada con un bloque de almacenamiento. Con base en la determinación de que se va a reiniciar el bit de protección de traducción de dirección, ejecutar la instrucción incluye reiniciar el bit de protección de traducción de dirección para desactivar la protección contra escritura para el bloque de almacenamiento. El reinicio no espera una acción por uno o más de otros procesadores del entorno de cómputo.
-
公开(公告)号:SG11202105418YA
公开(公告)日:2021-06-29
申请号:SG11202105418Y
申请日:2020-02-26
Applicant: IBM
Inventor: HELLER LISA , BUSABA FADI , BRADBURY JONATHAN , BORNTRAEGER CHRISTIAN , BACHER UTZ , BUENDGEN REINHARD
Abstract: A method is provided. The method is implemented by a communication interface of a secure interface control executing between the secure interface control of a computer and hardware of the computer/In this regard, the communication interface receives an instruction and determines whether the instruction is a millicoded instruction. Further, the communication interface enters a millimode comprising enabling the secure interface control to engage millicode of the hardware through the communication interface based on the instruction being the millicoded instruction. The millicode, then, executes the instruction
-
Patent Agency Ranking
公开(公告)号:AU2020236629A1
公开(公告)日:2021-06-10
申请号:AU2020236629
申请日:2020-02-17
Applicant: IBM
Inventor: BUENDGEN REINHARD , BORNTRAEGER CHRISTIAN , BRADBURY JONATHAN , BUSABA FADI , HELLER LISA , MIHAJLOVSKI VIKTOR
Abstract: Secure processing within a computing environment is provided by incrementally decrypting a secure operating system image, including receiving, for a page of the secure operating system image, a page address and a tweak value used during encryption of the page. Processing determines that the tweak value has not previously been used during decryption of another page of the secure operating system image, and decrypts memory page content at the page address using an image encryption key and the tweak value to facilitate obtaining a decrypted secure operating system image. Further, integrity of the secure operating system image is verified, and based on verifying integrity of the secure operating system image, execution of the decrypted secure operating system image is started.
-
公开(公告)号:CA3132753A1
公开(公告)日:2020-09-17
申请号:CA3132753
申请日:2020-02-26
Applicant: IBM
Inventor: HELLER LISA , BUSABA FADI , BRADBURY JONATHAN , BORNTRAEGER CHRISTIAN , BACHER UTZ , BUENDGEN REINHARD
Abstract: A method is provided. The method is implemented by a communication interface of a secure interface control executing between the secure interface control of a computer and hardware of the computer/ In this regard, the communication interface receives an instruction and determines whether the instruction is a millicoded instruction. Further, the communication interface enters a millimode comprising enabling the secure interface control to engage millicode of the hardware through the communication interface based on the instruction being the millicoded instruction. The millicode, then, executes the instruction
-
18.发明专利
公开(公告)号:CA3132752A1
公开(公告)日:2020-09-17
申请号:CA3132752
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
Abstract: A method is provided by a secure interface control of a computer that provides a partial instruction interpretation for an instruction which enables an interruption. The secure interface control fetches a program status word or a control register value from a secure guest storage. The secure interface control notifies an untrusted entity of guest interruption mask updates. The untrusted entity is executed on and in communication with hardware of the computer through the secure interface control to support operations of a secure entity executing on the untrusted entity. The secure interface control receives, from the untrusted entity, a request to present a highest priority, enabled guest interruption in response to the notifying of the guest interruption mask updates. The secure interface control moves interruption information into a guest prefix page and injecting the interruption in the secure entity when an injection of the interruption is determined to be valid.
-
公开(公告)号:CA3132735A1
公开(公告)日:2020-09-17
申请号:CA3132735
申请日:2020-02-17
Applicant: IBM
Inventor: BUENDGEN REINHARD , BORNTRAEGER CHRISTIAN , BRADBURY JONATHAN , BUSABA FADI , HELLER LISA , MIHAJLOVSKI VIKTOR
Abstract: Secure processing within a computing environment is provided by incrementally decrypting a secure operating system image, including receiving, for a page of the secure operating system image, a page address and a tweak value used during encryption of the page. Processing determines that the tweak value has not previously been used during decryption of another page of the secure operating system image, and decrypts memory page content at the page address using an image encryption key and the tweak value to facilitate obtaining a decrypted secure operating system image. Further, integrity of the secure operating system image is verified, and based on verifying integrity of the secure operating system image, execution of the decrypted secure operating system image is started.
-
公开(公告)号:PL3935532T3
公开(公告)日:2025-03-03
申请号:PL20708469
申请日:2020-02-28
Applicant: IBM
Inventor: BORNTRAEGER CHRISTIAN , IMBRENDA CLAUDIO , BUSABA FADI , BRADBURY JONATHAN , HELLER LISA
-
-
-
-
-
-
-
-
-
Search Results
23
records
(took 0.026 seconds)
