Controlling access to multiple memory zones in an isolated execution environment

US 6,934,817 B2
Filed: 10/10/2003
Issued: 08/23/2005
Est. Priority Date: 03/31/2000
Status: Expired due to Term

First Claim

Patent Images

1. An apparatus comprising:

a configuration storage to store configuration settings to configure an access transaction generated by a processor having a first execution mode and a second execution mode, the configuration storage to store an execution mode identifier that is asserted as an execution mode signal to indicate the processor is operating in the first execution mode, the configuration settings including subsystem memory range settings, a memory base value, and a memory length value, a combination of at least the base and length values to define a protected memory area in a memory external to the processor that is accessible to the processor in the first execution mode, and the configuration settings to define an un-protected memory area that is accessible to the processor in the second execution mode, wherein the processor in the second execution mode cannot access the protected memory area, the access transaction including access information including a physical address;

a protected memory zone in the protected memory area defined by a subsystem memory range setting;

an un-protected memory zone in the un-protected memory area; and

a memory zone access checking circuit coupled to the configuration storage to check the access transaction using at least one of the configuration settings and the access information to determine if the access transaction is valid and generating an access grant signal if the transaction is valid.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method, apparatus, and system for controlling memory accesses to multiple memory zones in an isolated execution environment. A processor having a normal execution mode and an isolated execution mode generates an access transaction. The access transaction is configured using a configuration storage that stores configuration settings. The configuration settings include a plurality of subsystem memory range settings defining memory zones. The access transaction also includes access information. A multi-memory zone access checking circuit, coupled to the configuration storage, checks the access transaction using at least one of the configuration settings and the access information. The multi-memory zone access checking circuit generates an access grant signal if the access transaction is valid.

Citations

36 Claims

1. An apparatus comprising:
- a configuration storage to store configuration settings to configure an access transaction generated by a processor having a first execution mode and a second execution mode, the configuration storage to store an execution mode identifier that is asserted as an execution mode signal to indicate the processor is operating in the first execution mode, the configuration settings including subsystem memory range settings, a memory base value, and a memory length value, a combination of at least the base and length values to define a protected memory area in a memory external to the processor that is accessible to the processor in the first execution mode, and the configuration settings to define an un-protected memory area that is accessible to the processor in the second execution mode, wherein the processor in the second execution mode cannot access the protected memory area, the access transaction including access information including a physical address;
  
  a protected memory zone in the protected memory area defined by a subsystem memory range setting;
  
  an un-protected memory zone in the un-protected memory area; and
  
  a memory zone access checking circuit coupled to the configuration storage to check the access transaction using at least one of the configuration settings and the access information to determine if the access transaction is valid and generating an access grant signal if the transaction is valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus of claim 1 wherein the protected memory zone in the protected memory area includes at least one protected memory page.
  - 3. The apparatus of claim 2 wherein the at least one protected memory page includes an applet page.
  - 4. The apparatus of claim 2 wherein the at least one protected memory page includes an OS nub page.
  - 5. The apparatus of claim 2 wherein the at least one protected memory page includes a processor nub page.
  - 6. The apparatus of claim 1 further comprising an identifier that identifies a currently active protected memory zone and that the processor is operating in the first execution mode.
  - 7. The apparatus of claim 6 wherein determining if the access transaction is valid further comprises determining if the physical address is within the currently active protected memory zone and if the identifier is asserted.
  - 8. The apparatus of claim 6 wherein the multi-memory zone access checking circuit comprises a memory zone detector to detect if the physical address is within the currently active protected memory zone such that the memory zone detector generates a memory zone matching signal.
  - 9. The apparatus of claim 8 wherein the multi-memory zone access checking circuit further comprises an access grant generator coupled to the memory zone detector, the access grant generator generating an access grant signal if both the memory zone matching signal and identifier are asserted.

10. A method comprising:
- configuring an access transaction generated by a processor having a first execution mode and a second execution mode;
  
  generating configuration settings that are stored in a configuration storage including an execution mode identifier that is asserted as an execution mode signal to indicate the processor is operating in the first execution mode, the configuration settings further including subsystem memory range settings, a memory base value, and a memory length value, a combination of at least the base and length values to define a protected memory area in a memory external to the processor that is accessible to the processor in the first execution modes and the configuration settings to define an un-protected memory area that is accessible to the processor in the second execution mode, wherein the processor in the second execution mode cannot access the protected memory area, the access transaction including access information including a physical address;
  
  defining a protected memory zone in the protected memory area defined by a subsystem memory range setting;
  
  defining an un-protected memory zone in the un-protected memory area; and
  
  checking the access transaction using at least one of the configuration settings and the access information to determine if the access transaction is valid.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10 wherein the protected memory zone in the protected memory area includes at least one protected memory page.
  - 12. The method of claim 11 wherein the at least one protected memory page includes an applet page.
  - 13. The method of claim 11 wherein the at least one protected memory page includes an OS nub page.
  - 14. The method of claim 11 wherein the at least one protected memory page includes a processor nub page.
  - 15. The method of claim 10 wherein an identifier is used to identify a currently active protected memory zone and that the processor is operating in the first execution mode.
  - 16. The method of claim 15 wherein determining if the access transaction is valid further comprises determining if the physical address is within the currently active protected memory zone and if the identifier is asserted.
  - 17. The method of claim 15 further comprising detecting if the physical address is within the currently active protected memory zone such that a memory zone matching signal is generated.
  - 18. The method of claim 17 further comprising generating an access grant signal if both the memory zone matching signal and identifier are asserted.

19. A machine-readable medium having stored thereon instructions, which when executed by a machine, cause the machine to perform the following operations comprising:
- configuring an access transaction generated by a processor having a first execution mode and a second execution mode;
  
  generating configuration settings that are stored in a configuration storage including an execution mode identifier that is asserted as an execution mode signal to indicate the processor is operating in the first execution mode, the configuration settings further including subsystem memory range settings, a memory base value, and a memory length value, a combination of at least the base and length values to define a protected memory area in a memory external to the processor that is accessible to the processor in the first execution mode, and the configuration settings to define an un-protected memory area that is accessible to the processor in the second execution mode, wherein the processor in the second execution mode cannot access the protected memory area, the access transaction including access information including a physical address;
  
  defining a protected memory zone in the protected memory area defined by a subsystem memory range setting;
  
  defining an un-protected memory zone in the un-protected memory area; and
  
  checking the access transaction using at least one of the configuration settings and the access information to determine if the access transaction is valid.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The machine-readable medium of claim 19 wherein the protected memory zone in the protected memory area includes at least one protected memory page.
  - 21. The machine-readable medium of claim 20 wherein the at least one protected memory page includes an applet page.
  - 22. The machine-readable medium of claim 20 wherein the at least one protected memory page includes an OS nub page.
  - 23. The machine-readable medium of claim 20 wherein the at least one protected memory page includes a processor nub page.
  - 24. The machine-readable medium of claim 19 wherein an identifier is used to identify a currently active protected memory zone and that the processor is operating in the first execution mode.
  - 25. The machine-readable medium of claim 24 wherein determining if the access transaction is valid further comprises determining if the physical address is within the currently active protected memory zone and if the identifier is asserted.
  - 26. The machine-readable medium of claim 24 further comprising detecting if the physical address is within the currently active protected memory zone such that a memory zone matching signal is generated.
  - 27. The machine-readable medium of claim 26 further comprising generating an access grant signal if both the memory zone matching signal and identifier are asserted.

28. A system comprising:
- a chipset;
  
  a memory coupled to the chipset;
  
  a processor coupled to the chipset and the memory having an access manager, the processor having a first execution mode and a second execution mode, the processor generating an access transaction having access information, the access manager comprising;
  
  a configuration storage to store configuration settings to configure an access transaction generated by a processor having a first execution mode and a second execution mode, the configuration storage to store an execution mode identifier that is asserted as an execution mode signal to indicate the processor is operating in the first execution mode, the configuration settings including subsystem memory range settings, a memory base value, and a memory length value, a combination of at least the base and length values to define a protected memory area in a memory external to the processor that is accessible to the processor in the first execution model, and the configuration settings to define an un-protected memory area that is accessible to the processor in the second execution mode, wherein the processor in the second execution mode cannot access the protected memory area, the access transaction including access information including a physical address;
  
  a protected memory zone in the protected memory area defined by a subsystem memory range setting;
  
  an un-protected memory zone in the un-protected memory area; and
  
  a memory zone access checking circuit coupled to the configuration storage to check the access transaction using at least one of the configuration settings and the access information to determine if the access transaction is valid and generating an access grant signal if the transaction is valid.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
- - 29. The system of claim 28 wherein the protected memory zone in the protected memory area includes at least one protected memory page.
  - 30. The system of claim 29 wherein the at least one protected memory page includes an applet page.
  - 31. The system of claim 29 wherein the at least one protected memory page includes an OS nub page.
  - 32. The system of claim 29 wherein the at least one protected memory page includes a processor nub page.
  - 33. The system of claim 28 further comprising an identifier that identifies a currently active protected memory zone and that the processor is operating in the first execution mode.
  - 34. The system of claim 33 wherein determining if the access transaction is valid further comprises determining if the physical address is within the currently active protected memory zone and if the identifier is asserted.
  - 35. The system of claim 33 wherein the multi-memory zone access checking circuit comprises a memory zone detector to detect if the physical address is within the currently active protected memory zone such that the memory zone detector generates a memory zone matching signal.
  - 36. The system of claim 35 wherein the multi-memory zone access checking circuit further comprises an access grant generator coupled to the memory zone detector, the access grant generator generating an access grant signal if both the memory zone matching signal and identifier are asserted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Thakkar, Shreekant S., Neiger, Gilbert, Ellison, Carl M., Mittal, Millind, Reneris, Ken, Lin, Derrick C., McKeen, Francis X., Sutton, James A., Herbert, Howard C., Golliver, Roger A.
Primary Examiner(s)
PEIKARI, BEHZAD

Application Number

US10/683,542
Publication Number

US 20040078590A1
Time in Patent Office

683 Days
Field of Search

711/1, 711/147, 711/151, 711/152, 711/153, 711/163, 711/164, 711/170, 711/173, 711/220, 709/213
US Class Current

711/153
CPC Class Codes

G06F 12/1441 for a range

G06F 12/1491 in a hierarchical protectio...

Controlling access to multiple memory zones in an isolated execution environment

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling access to multiple memory zones in an isolated execution environment

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links