公开(公告)号：US20220222358A1

公开(公告)日：2022-07-14

申请号：US17710723

申请日：2022-03-31

Applicant: Intel Corporation

Inventor： Ravi Sahita ,  Dror Caspi ,  Vedvyas Shanbhogue ,  Vincent Scarlata ,  Anjo Lucas Vahldiek-Oberwagner ,  Haidong Xia ,  Mona Vij

IPC: G06F21/60 ,  G06F21/53 ,  G06F21/54 ,  G06F9/455

Abstract: Scalable cloning and replication for trusted execution environments is described. An example of a computer-readable storage medium includes instructions for receiving a selection of a point to capture a snapshot of a baseline trust domain (TD) or secure enclave, the TD or secure enclave being associated with a trusted execution environment (TEE) of a processor utilized for processing of a workload; initiating cloning of the TD or secure enclave from a source platform to an escrow platform; generating an escrow key to export the snapshot to the escrow platform; and exporting a state of the TD or secure enclave to the escrow platform, the state being sealed with a sealing key.

公开(公告)号：US20180088976A1

公开(公告)日：2018-03-29

申请号：US15278592

申请日：2016-09-28

Applicant: Intel Corporation

Inventor： Rebekah M. Leslie-Hurd ,  Carlos V. Rozas ,  Dror Caspi

IPC: G06F9/455 ,  G06F12/1045 ,  G06F12/0817

CPC classification number: G06F9/45558 ,  G06F11/34 ,  G06F12/1036 ,  G06F12/1045 ,  G06F12/121 ,  G06F12/1441 ,  G06F12/1491 ,  G06F21/602 ,  G06F21/62 ,  G06F2009/45591 ,  G06F2212/152 ,  G06F2212/502 ,  G06F2212/656 ,  G06F2212/657

Abstract: A processing system includes an execution unit, communicatively coupled to an architecturally-protected memory, the execution unit comprising a logic circuit to execute a virtual machine monitor (VMM) that supports a virtual machine (VM) comprising a guest operating system (OS) and to implement an architecturally-protected execution environment, wherein the logic circuit is to responsive to executing a blocking instruction by the guest OS directed at a first page stored in the architecturally-protected memory during a first time period identified by a value stored in a first counter, copy the value from the first counter to a second counter, responsive to executing a first tracking instruction issued by the VMM, increment the value stored in the first counter, and set a flag to indicate successful execution of the second tracking instruction.

公开(公告)号：US12013954B2

公开(公告)日：2024-06-18

申请号：US17710723

申请日：2022-03-31

Applicant: Intel Corporation

Inventor： Ravi Sahita ,  Dror Caspi ,  Vedvyas Shanbhogue ,  Vincent Scarlata ,  Anjo Lucas Vahldiek-Oberwagner ,  Haidong Xia ,  Mona Vij

IPC: G06F21/60 ,  G06F9/455 ,  G06F21/53 ,  G06F21/54

CPC classification number: G06F21/602 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/54 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: Scalable cloning and replication for trusted execution environments is described. An example of a computer-readable storage medium includes instructions for receiving a selection of a point to capture a snapshot of a baseline trust domain (TD) or secure enclave, the TD or secure enclave being associated with a trusted execution environment (TEE) of a processor utilized for processing of a workload; initiating cloning of the TD or secure enclave from a source platform to an escrow platform; generating an escrow key to export the snapshot to the escrow platform; and exporting a state of the TD or secure enclave to the escrow platform, the state being sealed with a sealing key.

公开(公告)号：US11422811B2

公开(公告)日：2022-08-23

申请号：US17098129

申请日：2020-11-13

Applicant: Intel Corporation

Inventor： Gideon Gerzon ,  Dror Caspi ,  Arie Aharon ,  Ido Ouziel

IPC: G06F12/0804 ,  G06F9/30 ,  G06F9/455

Abstract: A processor includes a global register to store a value of an interrupted block count. A processor core, communicably coupled to the global register, may, upon execution of an instruction to flush blocks of a cache that are associated with a security domain: flush the blocks of the cache sequentially according to a flush loop of the cache; and in response to detection of a system interrupt: store a value of a current cache block count to the global register as the interrupted block count; and stop execution of the instruction to pause the flush of the blocks of the cache. After handling of the interrupt, the instruction may be called again to restart the flush of the cache.

公开(公告)号：US11138320B2

公开(公告)日：2021-10-05

申请号：US16228206

申请日：2018-12-20

Applicant: Intel Corporation

Inventor： Dror Caspi ,  Arie Aharon ,  Gideon Gerzon ,  Hormuzd Khosravi

IPC: G06F21/00 ,  G06F21/60 ,  H04L9/08 ,  H04L9/14

Abstract: Implementations describe providing secure encryption key management in trust domains. In one implementation, a processing device includes a key ownership table (KOT) that is protected against software access. The processing device further includes a processing core to execute a trust domain resource manager (TDRM) to create a trust domain (TD) and a randomly-generated encryption key corresponding to the TD, the randomly-generated encryption key identified by a guest key identifier (GKID) and protected against software access from at least one of the TDRM or other TDs, the TDRM is to reference the KOT to obtain at least one unassigned host key identifier (HKID) utilized to encrypt a TD memory, the TDRM is to assign the HKID to the TD by marking the HKID in the KOT as assigned, and configure the randomly-generated encryption key on the processing device by associating the randomly-generated encryption key with the HKID.

公开(公告)号：US11461244B2

公开(公告)日：2022-10-04

申请号：US16227386

申请日：2018-12-20

Applicant: Intel Corporation

Inventor： Ido Ouziel ,  Arie Aharon ,  Dror Caspi ,  Baruch Chaikin ,  Jacob Doweck ,  Gideon Gerzon ,  Barry E. Huntley ,  Francis X. McKeen ,  Gilbert Neiger ,  Carlos V. Rozas ,  Ravi L. Sahita ,  Vedvyas Shanbhogue ,  Assaf Zaltsman ,  Hormuzd M. Khosravi

IPC: G06F11/30 ,  G06F12/14 ,  G06F9/455 ,  G06F11/07 ,  G06F12/02 ,  G06F12/0817 ,  G06F21/53 ,  G06F21/57 ,  G06F21/60 ,  G06F21/79

Abstract: Implementations described provide hardware support for the co-existence of restricted and non-restricted encryption keys on a computing system. Such hardware support may comprise a processor having a core, a hardware register to store a bit range to identify a number of bits, of physical memory addresses, that define key identifiers (IDs) and a partition key ID identifying a boundary between non-restricted and restricted key IDs. The core may allocate at least one of the non-restricted key IDs to a software program, such as a hypervisor. The core may further allocate a restricted key ID to a trust domain whose trust computing base does not comprise the software program. A memory controller coupled to the core may allocate a physical page of a memory to the trust domain, wherein data of the physical page of the memory is to be encrypted with an encryption key associated with the restricted key ID.

公开(公告)号：US11139967B2

公开(公告)日：2021-10-05

申请号：US16228002

申请日：2018-12-20

Applicant: Intel Corporation

Inventor： Ido Ouziel ,  Arie Aharon ,  Dror Caspi ,  Baruch Chaikin ,  Jacob Doweck ,  Gideon Gerzon ,  Barry E. Huntley ,  Francis X. Mckeen ,  Gilbert Neiger ,  Carlos V. Rozas ,  Ravi L. Sahita ,  Vedvyas Shanbhogue ,  Assaf Zaltsman

IPC: H04L9/08 ,  G06F9/455 ,  G06F12/1009 ,  G06F21/60 ,  G06F21/62

Abstract: A processor includes a processor core. A register of the core is to store: a bit range for a number of address bits of physical memory addresses used for key identifiers (IDs), and a first key ID to identify a boundary between non-restricted key IDs and restricted key IDs of the key identifiers. A memory controller is to: determine, via access to bit range and the first key ID in the register, a key ID range of the restricted key IDs within the physical memory addresses; access a processor state that a first logical processor of the processor core executes in an untrusted domain mode; receive a memory transaction, from the first logical processor, including an address associated with a second key ID; and generate a fault in response to a determination that the second key ID is within a key ID range of the restricted key IDs.

公开(公告)号：US20190147192A1

公开(公告)日：2019-05-16

申请号：US16227858

申请日：2018-12-20

Applicant: INTEL CORPORATION

Inventor： Hormuzd Khosravi ,  Dror Caspi ,  Arie Aharon

IPC: G06F21/72 ,  H04L9/08 ,  G06F9/455 ,  G06F9/50

Abstract: A method of creating a trusted execution domain includes initializing, by a processing device executing a trust domain resource manager (TDRM), a trust domain control structure (TDCS) and a trust domain protected memory (TDPM) associated with a trust domain (TD). The method further includes generating a one-time cryptographic key, assigning the one-time cryptographic key to an available host key id (HKID) in a multi-key total memory encryption (MK-TME) engine, and storing the HKID in the TDCS. The method further includes associating a logical processor to the TD, adding a memory page from an address space of the logical processor to the TDPM, and transferring execution control to the logical processor to execute the TD.

公开(公告)号：US20190042671A1

公开(公告)日：2019-02-07

申请号：US15844529

申请日：2017-12-16

Applicant: Intel Corporation

Inventor： Dror Caspi ,  Ido Ouziel

IPC: G06F17/50 ,  G06F12/1009

Abstract: Technologies are provided in embodiments including a memory element to store a payload indicating an action to be performed associated with a remote action request (RAR) and a remote action handler circuit to identify the action to be performed, where the action includes invalidating one or more entries of a translation lookaside buffer (TLB), determine that the logical processor entered an enclave mode during a prior epoch, perform one or more condition checks on control and state pages of the enclave mode, and based on results of the one or more condition checks, adjust one or more variables associated with the logical processor to simulate the logical processor re-entering the enclave mode. Specific embodiments include the remote action handler circuit to invalidate an entry of the TLB based, at least in part, on the results of the one or more condition checks.

公开(公告)号：US12248807B2

公开(公告)日：2025-03-11

申请号：US17134339

申请日：2020-12-26

Applicant: INTEL CORPORATION

Inventor： Ravi Sahita ,  Dror Caspi ,  Vincent Scarlata ,  Sharon Yaniv ,  Baruch Chaikin ,  Vedvyas Shanbhogue ,  Jun Nakajima ,  Arumugam Thiyagarajah ,  Sean Christopherson ,  Haidong Xia ,  Vinay Awasthi ,  Isaku Yamahata ,  Wei Wang ,  Thomas Adelmeyer

IPC: G06F9/48 ,  G06F9/38 ,  G06F9/455 ,  G06F21/60

Abstract: Techniques for migration of a source protected virtual machine from a source platform to a destination platform are descried. A method of an aspect includes enforcing that bundles of state, of a first protected virtual machine (VM), received at a second platform over a stream, during an in-order phase of a migration of the first protected VM from a first platform to the second platform, are imported to a second protected VM of the second platform, in a same order that they were exported from the first protected VM. Receiving a marker over the stream marking an end of the in-order phase. Determining that all bundles of state exported from the first protected VM prior to export of the marker have been imported to the second protected VM. Starting an out-of-order phase of the migration based on the determination that said all bundles of the state exported have been imported.