Method and apparatus for loading a trustable operating system
First Claim
1. A method of securing a region in a memory of a computer comprising:
- causing all but one of a plurality of processing elements in a computer to enter into a special halted state as part of a join secure operation;
- receiving a region parameter that identifies a region in a memory of the computer for use in trust measurement;
- using a signed cryptographic hash of the identified region to verify whether content in the identified region can be trusted;
- placing the non-halted processing element into a known privileged state; and
- after the non-halted processing element has been placed into the known privileged state, generating a signal that causes the processing elements associated with the special halted state to exit the special halted state and resume activity, wherein each of the plurality of processing elements associated with the special halted state exits the special halted state as part of the join secure operation, in response to a signal from the non-halted processing element indicating that a start secure operation is complete, and wherein the join secure operation is performed atomically.
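The sequence in claim 1 is a rendezvous: the responding processors enter the halted state, the one remaining (initiating) processor waits until they have all done so, measures the region, enters its privileged state, and only then signals the others to resume. The following simulation is an added example written for this page; it is not code from the patent or its assignee. It models processing elements as threads, models the "signed cryptographic hash" with an HMAC over a SHA-256 digest under a constructed key (an assumption standing in for a real asymmetric signature), and assumes that on a failed verification the initiating processor skips the privileged state and still releases the halted processors; the patent text here does not say what happens on failure. The names `SecureLaunch`, `join_secure`, `start_secure`, `run_launch` and `ordering_ok` are all hypothetical.

```python
import hashlib
import hmac
import threading

# Constructed stand-in key. A real system would verify an asymmetric
# signature over the region hash against a trusted public key (assumption).
SIGNING_KEY = b"constructed-demo-key"


def sign_region(region: bytes) -> bytes:
    """Hash the region and 'sign' the hash (HMAC stands in for a signature)."""
    digest = hashlib.sha256(region).digest()
    return hmac.new(SIGNING_KEY, digest, hashlib.sha256).digest()


def verify_region(region: bytes, signature: bytes) -> bool:
    """Recompute the signed hash and compare in constant time."""
    return hmac.compare_digest(sign_region(region), signature)


class SecureLaunch:
    """Hypothetical model of the join-secure / start-secure handshake."""

    def __init__(self, n_processors: int):
        self.n = n_processors
        self.lock = threading.Lock()          # makes halt bookkeeping atomic
        self.all_halted = threading.Event()   # set once n-1 processors halted
        self.start_complete = threading.Event()  # signal from the initiator
        self.halted_count = 0
        self.log = []                         # ordered trace of events
        if n_processors <= 1:
            self.all_halted.set()             # nothing to wait for

    def join_secure(self, pe_id: int) -> None:
        """Responding processor: enter the special halted state, then wait."""
        with self.lock:
            self.halted_count += 1
            self.log.append(("halt", pe_id))
            if self.halted_count == self.n - 1:
                self.all_halted.set()
        # Stay halted until the initiator signals that start-secure is done.
        self.start_complete.wait()
        with self.lock:
            self.log.append(("resume", pe_id))

    def start_secure(self, pe_id: int, region: bytes, signature: bytes) -> bool:
        """Initiating processor: measure the region, go privileged, release."""
        self.all_halted.wait()                # all other processors are halted
        trusted = verify_region(region, signature)
        with self.lock:
            if trusted:
                self.log.append(("privileged", pe_id))   # known privileged state
            else:
                self.log.append(("abort", pe_id))        # assumption: no privilege
        self.start_complete.set()             # wake the halted processors
        return trusted


def run_launch(n: int, region: bytes, signature: bytes):
    """Run one launch with n processing elements; PE 0 is the initiator."""
    launch = SecureLaunch(n)
    responders = [threading.Thread(target=launch.join_secure, args=(i,))
                  for i in range(1, n)]
    for t in responders:
        t.start()
    trusted = launch.start_secure(0, region, signature)
    for t in responders:
        t.join()
    return trusted, launch.log


def ordering_ok(log) -> bool:
    """Check the claim's ordering: every halt precedes the initiator's gate
    event, and every resume follows it."""
    gates = [i for i, e in enumerate(log) if e[0] in ("privileged", "abort")]
    if len(gates) != 1:
        return False
    gate = gates[0]
    halts = [i for i, e in enumerate(log) if e[0] == "halt"]
    resumes = [i for i, e in enumerate(log) if e[0] == "resume"]
    return all(h < gate for h in halts) and all(r > gate for r in resumes)


if __name__ == "__main__":
    image = b"constructed kernel image"         # constructed sample region
    sig = sign_region(image)
    ok, trace = run_launch(4, image, sig)
    print("trusted:", ok, "ordering ok:", ordering_ok(trace))
    ok, trace = run_launch(4, image + b"\x00", sig)   # tampered region
    print("trusted:", ok, "ordering ok:", ordering_ok(trace))
```

The check in `ordering_ok` is the property the claim is really about: no halted processor resumes until the initiating processor has finished measuring the region and entered its privileged state, so no other processor can touch the region during measurement. Running the tampered case shows verification failing while the rendezvous ordering still holds.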
Abstract
A method and apparatus is provided for securing a region in a memory of a computer. According to one embodiment, the method comprises halting all but one of a plurality of processors in a computer, the halted processors entering a special halted state. Content is loaded into the region only after all but the one processor have been halted, and the region is protected from access by the halted processors. The method further comprises placing the non-halted processor into a known privileged state, and causing the halted processors to exit the halted state after the non-halted processor has been placed into the known privileged state.
30 Claims
1. A method of securing a region in a memory of a computer (reproduced in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. An apparatus comprising:
- a plurality of processing elements; and
- a memory comprising instructions to execute on the plurality of processing elements, wherein the instructions, when executed, cause the plurality of processing elements to perform operations comprising:
  - causing all but one of the plurality of processing elements to enter into a special halted state as part of a join secure operation;
  - receiving a region parameter that identifies a region in the memory for use in trust measurement;
  - using a signed cryptographic hash of the identified region to verify whether content in the identified region can be trusted;
  - placing the non-halted processing element into a known privileged state; and
  - after the non-halted processing element has been placed into the known privileged state, generating a signal that causes the processing elements associated with the special halted state to exit the special halted state and resume activity, wherein each of the plurality of processing elements associated with the special halted state exits the special halted state as part of the join secure operation, in response to a signal from the non-halted processing element indicating that a start secure operation is complete, and wherein the join secure operation is performed atomically.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20.

21. A computer program product comprising:
- a non-transitory computer-readable storage medium; and
- instructions in the non-transitory computer-readable storage medium, wherein the instructions, when executed in a computer, cause the computer to perform operations comprising:
  - causing all but one of a plurality of processing elements in the computer to enter into a special halted state as part of a join secure operation;
  - receiving a region parameter that identifies a region in a memory of the computer for use in trust measurement;
  - using a signed cryptographic hash of the identified region to verify whether content in the identified region can be trusted;
  - placing the non-halted processing element into a known privileged state; and
  - after the non-halted processing element has been placed into the known privileged state, generating a signal that causes the processing elements associated with the special halted state to exit the special halted state and resume activity, wherein each of the plurality of processing elements associated with the special halted state exits the special halted state as part of the join secure operation, in response to a signal from the non-halted processing element indicating that a start secure operation is complete, and wherein the join secure operation is performed atomically.

Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30.