-
Publication (Announcement) No.: AU2003231237A1
Publication (Announcement) Date: 2003-12-22
Application No.: AU2003231237
Application Date: 2003-05-01
Applicant: INTEL CORP
Inventor: GRAWROCK DAVID, UHLIG RICHARD, POISNER DAVID, GLEW ANDREW, HALL CLIFFORD, SMITH LAWRENCE III, NEIGER GILBERT, KOZUCH MICHAEL, GEORGE ROBERT, BURGESS BRADLEY, SUTTON JAMES II
Abstract: Techniques for handling certain virtualization events occurring within a virtual machine environment. More particularly, at least one embodiment of the invention pertains to handling events related to the sub-operating system mode using a dedicated virtual machine monitor (VMM) called the system management mode VMM (SVMM), which exists in a separate portion of memory from a main virtual machine monitor (MVMM) used to handle virtualization events other than those related to the sub-operating system mode. In at least one embodiment, a technique for initializing and managing transitions to and from the SVMM is disclosed.
-
Publication (Announcement) No.: AU2003223587A1
Publication (Announcement) Date: 2003-11-03
Application No.: AU2003223587
Application Date: 2003-04-10
Applicant: INTEL CORP
Inventor: GRAWROCK DAVID, POISNER DAVID, SUTTON JAMES II
Abstract: Methods, apparatus and computer readable medium are described that attempt to protect secrets from system reset attacks. In some embodiments, the memory is locked after a system reset and secrets removed from the memory before the memory is unlocked.
-
Publication (Announcement) No.: AU2003224803A1
Publication (Announcement) Date: 2003-10-27
Application No.: AU2003224803
Application Date: 2003-03-28
Applicant: INTEL CORP
Inventor: SUTTON JAMES II
Abstract: Microcode patches are encoded before delivery to a target processor that is to install the microcode patches. The target processor validates the microcode patches before installation. The security of the process may be enhanced by one or more of: 1) performing the validation in a secure memory, 2) using a public/private key pair for encryption and decryption of the microcode patch, 3) using at least one key that is embedded in the target processor and that cannot be read by non-secure software, and 4) using a hash value that is embedded in the target processor to validate at least one non-embedded key.
-
Publication (Announcement) No.: AU2003224737A1
Publication (Announcement) Date: 2003-10-20
Application No.: AU2003224737
Application Date: 2003-03-20
Applicant: INTEL CORP
Inventor: SUTTON JAMES II, GRAWROCK DAVID
Abstract: A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
-
Publication (Announcement) No.: AU2003220453A1
Publication (Announcement) Date: 2003-10-20
Application No.: AU2003220453
Application Date: 2003-03-20
Applicant: INTEL CORP
Inventor: SUTTON JAMES II, GRAWROCK DAVID
Abstract: A method and apparatus for resetting and modifying special registers in a security token is described. In one embodiment, a register may be reset when a reset flag is true when a special transmission on a bus demonstrates the mutual locality of the associated processor and chipset. A modify flag may also be used to indicate whether the register contents may be modified. Modifications may also be dependent upon demonstration of mutual locality.