Mechanism to secure computer output from software attack using isolated execution

US 7,389,427 B1
Filed: 09/28/2000
Issued: 06/17/2008
Est. Priority Date: 09/28/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A platform comprising:

a system memory to store output data in an isolated output area and a non-isolated area;

a memory controller hub (MCH) coupled to the system memory; and

a processor coupled to the MCH to generate a signal to the MCH, the signal indicating whether the output data is to be stored in the isolated output area or the non-isolated area, the signal generated by the processor to further cause the MCH, in response to an indication of the signal that the output data is to be stored in the isolated output area of the system memory, to receive a bus transaction indicating an isolated transaction from a graphics device to enable access to the output data stored in the isolated output area, and to transfer the output data to an isolated bit plane on the graphic device, the graphic device having the isolated bit plane for the output data from the isolated output area and a non-isolated bit plane for the output data from the non-isolated output area.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and platform for maintaining the security of output data in an isolated execution environment. A system memory has an isolated output area readable only by secure output controllers having an isolated execution mode. The output controllers may make a request for access to the isolated output area, upon proper authentication if the request access is granted. The output device may either DMA the content of the isolated output area to an output end point, such as a display, or load it into local storage, the security of which is guaranteed by the controller.

205 Citations

19 Claims

1. A platform comprising:
- a system memory to store output data in an isolated output area and a non-isolated area;
  
  a memory controller hub (MCH) coupled to the system memory; and
  
  a processor coupled to the MCH to generate a signal to the MCH, the signal indicating whether the output data is to be stored in the isolated output area or the non-isolated area, the signal generated by the processor to further cause the MCH, in response to an indication of the signal that the output data is to be stored in the isolated output area of the system memory, to receive a bus transaction indicating an isolated transaction from a graphics device to enable access to the output data stored in the isolated output area, and to transfer the output data to an isolated bit plane on the graphic device, the graphic device having the isolated bit plane for the output data from the isolated output area and a non-isolated bit plane for the output data from the non-isolated output area.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The platform of claim 1 wherein the MCH coupled between the system memory, the processor, and the graphics device, the memory control hub to permit the graphics device to access the isolated output area only when the graphics device asserts an isolated access mode.
  - 3. The platform of claim 2 wherein the graphics device comprises:
    - a direct memory access (DMA) controller.
  - 4. The platform of claim 2 wherein only the graphics device is permitted to read the isolated output area.
  - 5. The platform of claim 1 further comprising:
    - an operating system (O/S) nub having a driver to write display data into the isolated output area when the processor is executing in an isolated execution mode.
  - 6. The platform of claim 2 further comprising:
    - a link between the graphics device and the MCH having an isolated transaction type.
  - 7. The platform of claim 2 wherein the MCH only permits the O/S nub to write to the isolated output area.
  - 8. The platform of claim 6 wherein the link is a secure accelerated graphics port bus.
  - 9. The platform of claim 1 wherein the graphics device denies all external access to the isolated bit plane.

10. A method comprising:
- establishing an isolated execution environment having an isolated execution mode by a processor generating a signal indicating whether output data is to be stored in an isolated output area or a non-isolated area of a system memory, the signal generated by the processor further causing a memory controller hub (MCH), in response to an indication of the signal that the output data is to be stored in the isolated output area of the system memory, to receive a bus transaction indicating an isolated transaction from a graphics device to enable access to the output data stored in the isolated output areas and to transfer the output data to an isolated bit plane on the graphic device, the graphic device having the isolated bit plane for the output data from the isolated output area and a non-isolated bit plane for the output data from the non-isolated output area; and
  
  preventing access to the output data in the isolated output area of the system memory by any requester not operating in the isolated execution mode.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10 further comprising:
    - issuing an isolated direct memory access (DMA) request for display data in the isolated output area from the graphics device; and
      
      refreshing the display based on the display data.
  - 12. The method of claim 10 wherein preventing comprises:
    - identifying if an isolated attribute is present in a request for access to the isolated output area; and
      
      denying the request if no isolated attribute is present.
  - 13. The method of claim 10 further comprising:
    - loading data from the isolated output area into the isolated bit plane on the graphics device; and
      
      denying all external access to the isolated bit plane.
  - 14. The method of claim 13 further comprising:
    - defining a first window on an output display to present an image corresponding to the isolated bit plane; and
      
      occluding all windows on the display but the first window.
  - 15. The method of claim 10 further comprising:
    - retrieving data from the isolated output area;
      
      displaying an image corresponding to the data; and
      
      occluding the image prior to a platform transitioning out of the isolated execution mode.

16. An apparatus comprising:
- a processor to generate a signal to a memory controller hub (MCH), the signal indicating whether output data is to be stored in an isolated output area or a non-isolated area of a system memory, the signal generated by the processor to further cause the MCH, in response to an indication of the signal that the output data is to be stored in the isolated output area of the system memory, to receive a bus transaction indicating an isolated transaction from a graphics device to enable access to the output data stored in the isolated output areas and to transfer the output data to an isolated bit plane on the graphic device, the graphic device having the isolated bit plane for the output data from the isolated output area and a non-isolated bit plane for the output data from the non-isolated output area.
- View Dependent Claims (17, 18, 19)
- - 17. The apparatus of claim 16 wherein the bus transaction is issued through a secure accelerated graphics port (AGP).
  - 18. The apparatus of claim 16 wherein the bus transaction is issued by a direct memory access (DMA) controller of the graphics device, the DMA controller to attach an isolated attribute to any isolated output area access request.
  - 19. The apparatus of claim 16 wherein the signal generated by the processor has an isolated attribute to indicate execution in an isolated execution mode.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Reneris, Ken, Grawrock, David W., McKeen, Francis X.
Primary Examiner(s)
Barron; Gilberto
Assistant Examiner(s)
KIM, JUNG W

Application Number

US09/672,367
Time in Patent Office

2,819 Days
Field of Search

712/229, 380/205, 380/207, 711/163, 711/100, 711/154, 710/200, 710/22, 705/51, 705/52, 705/54, 726/7, 713/193
US Class Current

713/193
CPC Class Codes

G06F 12/1433   for a module or a part of a...

G06F 21/78   to assure secure storage of...

G06F 2221/2105   Dual mode as a secondary as...

Mechanism to secure computer output from software attack using isolated execution

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

205 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Mechanism to secure computer output from software attack using isolated execution

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

205 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links