PROVIDING FAST NON-VOLATILE STORAGE IN A SECURE ENVIRONMENT
First Claim
Patent Images
1. An apparatus comprising:
- a processor to execute instructions; and
a peripheral controller coupled to the processor via a first link, the peripheral controller including a storage controller to control a non-volatile storage coupled to the peripheral controller, wherein the storage controller is to enable access to a secure partition of the non-volatile storage in a secure mode and to prevent visibility of the secure partition outside of the secure mode.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a peripheral controller coupled to a processor can include a storage controller. This storage controller can control access to a non-volatile storage coupled to the peripheral controller. The storage may include both secure and open partitions, and the storage controller can enable access to the secure partition only when the processor is in a secure mode. In turn, during unsecure operation such as third party code execution, visibility of the secure partition can be prevented. Other embodiments are described and claimed.
175 Citations
20 Claims
-
1. An apparatus comprising:
-
a processor to execute instructions; and a peripheral controller coupled to the processor via a first link, the peripheral controller including a storage controller to control a non-volatile storage coupled to the peripheral controller, wherein the storage controller is to enable access to a secure partition of the non-volatile storage in a secure mode and to prevent visibility of the secure partition outside of the secure mode. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method comprising:
-
configuring, using trusted code of a trusted mode of a system, a secure partition of a non-volatile storage of the system, the secure partition to be hidden during an untrusted mode of operation, the non-volatile storage separate from a firmware storage of the system; and responsive to an interrupt signal that indicates entry into the trusted mode, enabling access to the secure partition; and accessing the secure partition during the trusted mode and performing at least one operation using information stored in the secure partition. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. An article comprising a non-transitory machine-accessible storage medium including instructions that when executed cause a system to:
-
receive a memory access request to a location in a non-volatile storage coupled to a peripheral controller, the non-volatile storage including a first portion to be accessible to application code and a second portion that is inaccessible and hidden to the application code; determine if the system is in a trusted mode and if so, enable access to the second portion to perform the memory access request; and otherwise, to prevent access to the second portion. - View Dependent Claims (17, 18, 19, 20)
-
Specification