System and Method for Securely Saving a Program Context to a Shared Memory
Abstract
A system, method and program product for securely saving a program context to a shared memory is presented. A secured program running on a special purpose processor core running in isolation mode is interrupted. The isolated special purpose processor core is included in a heterogeneous processing environment that includes special purpose processors and general purpose processor cores that each access a shared memory. In isolation mode, the special purpose processor core's local memory is inaccessible from the other heterogeneous processors. The secured program's context is securely saved to the shared memory using a random persistent security data. The lines of code stored in the isolated special purpose processor core's local memory are read along with data values, such as register settings, set by the secured program. The lines of code and data values are encrypted using the persistent security data, and the encrypted code lines and data values are stored in the shared memory.
23 Claims
1. A computer implemented method for securely saving a program's context, the method comprising:
- interrupting a secured program running on a special purpose processor core included in a heterogeneous processor that includes a plurality of heterogeneous processor cores including the special purpose processor core that is running in an isolation mode, wherein the isolated special purpose processor core includes a local memory that is inaccessible from other processor cores included in the heterogeneous processor while the special purpose processor core is running in the isolation mode, wherein each of the heterogeneous processor's cores can access a shared memory;
- in response to the interrupting, securely saving the secured program's context to the shared memory, wherein the context comprises code lines and data values, the saving including;
  - generating a random persistent security data;
  - reading the code lines from the isolated special purpose processor core's local memory;
  - reading the data values from the isolated special purpose processor core's local memory;
  - encrypting the code lines and the data values using the generated persistent security data; and
  - storing the encrypted code lines and data values in the shared memory.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. An information handling system comprising:
- a heterogeneous processor having one or more special purpose processor cores and one or more general purpose processor cores, wherein one of the special purpose processor cores is running in an isolation mode;
- a shared memory accessible by the special purpose processor cores and the general purpose processor cores;
- a local memory corresponding to each of the plurality of heterogeneous processors, wherein the local memory corresponding to the isolated special purpose processor core is inaccessible by the other heterogeneous processors;
- a set of instructions stored in one of the local memories, wherein one or more of the heterogeneous processors executes the set of instructions in order to perform actions of;
  - interrupting a secured program running on one of the special purpose processor cores that is running in an isolation mode wherein the isolated special purpose processor core includes a local memory that is inaccessible from the other heterogeneous processor cores;
  - in response to the interrupting, securely saving the secured program's context to the shared memory, wherein the context comprises code lines and data values, the saving including;
    - generating a random persistent security data;
    - reading the code lines from the isolated special purpose processor core's local memory;
    - reading the data values from the isolated special purpose processor core's local memory;
    - encrypting the code lines and the data values using the generated persistent security data; and
    - storing the encrypted code lines and data values in the shared memory.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. A computer program product stored in a computer readable medium, comprising functional descriptive material that, when executed by an information handling system, causes the information handling system to perform actions that include:
- securely saving a program's context to a shared memory in a heterogeneous processor having one or more special purpose processor cores and one or more general purpose processor cores, wherein each of the heterogeneous processor cores can access the shared memory, the secure saving including functional descriptive material that, when executed by the information handling system, causes the information handling system to perform additional actions that include;
  - interrupting a secured program running on one of the special purpose processor cores that is running in an isolation mode wherein the isolated special purpose processor core includes a local memory that is inaccessible from the other heterogeneous processor cores;
  - in response to the interrupting, securely saving the secured program's context to the shared memory, wherein the context comprises code lines and data values, the saving including;
    - generating a random persistent security data;
    - reading the code lines from the isolated special purpose processor core's local memory;
    - reading the data values from the isolated special purpose processor core's local memory;
    - encrypting the code lines and the data values using the generated persistent security data; and
    - storing the encrypted code lines and data values in the shared memory.
Dependent claims: 18, 19, 20, 21, 22, 23
Specification