Microprocessor providing isolated timers and counters for execution of secure code

US 8,762,687 B2
Filed: 10/31/2008
Issued: 06/24/2014
Est. Priority Date: 05/24/2008
Status: Active Grant

First Claim

Patent Images

1. An apparatus providing for a secure execution environment, comprising:

an x86-compatible microprocessor, capable of executing all of the instructions in the x86 instruction set, and configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said x86-compatible microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions are allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed, said x86-compatible microprocessor comprising;

a cryptographic unit, configured to encrypt said secure application program according to a symmetric key algorithm using a processor unique cryptographic key, wherein said processor unique cryptographic key can only be read by said cryptographic unit; and

a plurality of timers which are visible and accessible only by said secure application program when executing in a secure execution mode; and

a secure non-volatile memory, coupled to said x86-compatible microprocessor via a private bus, configured to store said secure application program in encrypted form, wherein transactions over said private bus between said x86-compatible microprocessor and said secure non-volatile memory are isolated from said system bus, said system memory, and corresponding system bus resources within said x86-compatible microprocessor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus providing for a secure execution environment is presented. The apparatus includes a microprocessor and a secure non-volatile memory. The a microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus. The microprocessor has a plurality of timers which are visible and accessible only by the secure application program when executing in a secure execution mode. The secure non-volatile memory is coupled to the microprocessor via a private bus and is configured to store the secure application program in encrypted form. Transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus, the system memory, and corresponding system bus resources within the microprocessor.

134 Citations

23 Claims

1. An apparatus providing for a secure execution environment, comprising:
- an x86-compatible microprocessor, capable of executing all of the instructions in the x86 instruction set, and configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said x86-compatible microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions are allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed, said x86-compatible microprocessor comprising;
  
  a cryptographic unit, configured to encrypt said secure application program according to a symmetric key algorithm using a processor unique cryptographic key, wherein said processor unique cryptographic key can only be read by said cryptographic unit; and
  
  a plurality of timers which are visible and accessible only by said secure application program when executing in a secure execution mode; and
  
  a secure non-volatile memory, coupled to said x86-compatible microprocessor via a private bus, configured to store said secure application program in encrypted form, wherein transactions over said private bus between said x86-compatible microprocessor and said secure non-volatile memory are isolated from said system bus, said system memory, and corresponding system bus resources within said x86-compatible microprocessor.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus as recited in claim 1, wherein said x86-compatible microprocessor further comprises:
    - a plurality of machine specific registers which are visible and accessible only by said secure application program when executing in said secure execution mode, wherein selected ones of said plurality of machine specific registers are employed to enable load/store access to said plurality of timers.
  - 3. The apparatus as recited in claim 1, wherein said x86-compatible microprocessor further comprises:
    - a secure time stamp counter, coupled to a core clock signal, configured to count the number of cycles of said core dock signal when said secure application program is executing.
  - 4. The apparatus as recited in claim 3, wherein said secure time stamp counter is also coupled to a normal time stamp counter that is configured to count the number of cycles of said core clock signal when said secure application program is executing and when said secure application program is not executing.
  - 5. The apparatus as recited in claim 4, wherein said secure time stamp counter is also coupled to a ratio machine specific register that is visible and accessible only by said secure application program when executing in said secure execution mode, wherein said ratio machine specific register is written by said secure application program to establish a maximum ratio between the values of said normal time stamp counter and said secure time stamp counter.
  - 6. The apparatus as recited in claim 5, wherein said ratio is indicative of the number of times said secure application program has been called.
  - 7. The apparatus as recited in claim 6, wherein, said secure time stamp counter reports when said ratio is exceeded to a watchdog manager.

8. A microprocessor apparatus, for executing secure code within a secure execution environment, the microprocessor apparatus comprising:
- a secure non-volatile memory, configured to store a secure application program; and
  
  an x86-compatible microprocessor, capable of executing all of the instructions in the x86 instruction set, and configured to execute non-secure application programs and said secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein a cryptography unit in said x86-compatible microprocessor is employed to encrypt said secure application program according to a symmetric key algorithm using a processor unique cryptographic key, and wherein said processor unique cryptographic key can only be read by said cryptography unit, and wherein said secure application program in encrypted form is accessed from said secure non-volatile memory via a private bus, and wherein transactions over said private bus between said x86-compatible microprocessor and said secure non-volatile memory are isolated from said system bus and said system memory, and wherein said x86-compatible microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions are allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed, said x86-compatible microprocessor comprising;
  
  a plurality of timers which are visible and accessible only by said secure application program when executing in a secure execution mode.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The microprocessor apparatus as recited in claim 8, wherein transactions over said private bus between said x86-compatible microprocessor and said secure non-volatile memory are isolated from said system bus and corresponding system bus resources within said x86-compatible microprocessor.
  - 10. The microprocessor apparatus as recited in claim 8, wherein said x86-compatible microprocessor further comprises:
    - a plurality of machine specific registers which are visible and accessible only by said secure application program when executing in said secure execution mode, wherein selected ones of said plurality of machine specific registers are employed to enable load/store access to said plurality of timers.
  - 11. The microprocessor apparatus as recited in claim 8, wherein said x86-compatible microprocessor further comprises:
    - a secure time stamp counter, coupled to a core clock signal, configured to count the number of cycles of said core dock signal when said secure application program is executing.
  - 12. The microprocessor apparatus as recited in claim 11, wherein said secure time stamp counter is also coupled to a normal time stamp counter that is configured to count the number of cycles of said core clock signal when said secure application program is executing and when said secure application program is not executing.
  - 13. The microprocessor apparatus as recited in claim 12, wherein said secure time stamp counter is also coupled to a ratio machine specific register that is visible and accessible only by said secure application program when executing in said secure execution mode, wherein said ratio machine specific register is written by said secure application program to establish a maximum ratio between the values of said normal time stamp counter and said secure time stamp counter.
  - 14. The microprocessor apparatus as recited in claim 13, wherein said ratio is indicative of the number of times said secure application program has been called.
  - 15. The microprocessor apparatus as recited in claim 14, wherein, said secure time stamp counter reports when said ratio is exceeded to a watchdog manager.

16. A method for executing secure code within a secure execution environment, the method comprising:
- employing a cryptographic unit within an x86-compatible microprocessor to encrypt the secure code according to a symmetric key algorithm using a processor unique cryptographic key, wherein the processor unique cryptographic key can only be read by the cryptographic unit, and storing the secure code in encrypted form in a secure non-volatile memory, and wherein the x86-compatible microprocessor is capable of executing all of the instructions in the x86 instruction set, and wherein the x86-compatible microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions are allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed;
  
  fetching the secure code in encrypted form from the secure non-volatile memory over a private bus for execution by the x86-compatible microprocessor that is coupled to the secure non-volatile memory, wherein the private bus is isolated from a system memory that is employed to store and access non-secure code for execution by the x86-compatible microprocessor, and from all system bus resources within the x86-compatible microprocessor and external to the microprocessor, and wherein the private bus is observable and accessible exclusively by secure execution logic within the x86-compatible microprocessor; and
  
  first providing a plurality of timers within the x86-compatible microprocessor for access by the secure code executing in a secure execution mode, wherein the plurality of timers are only visible to the secure code when executing in the secure execution mode.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The method as recited in claim 16, wherein said fetching comprises:
    - isolating transactions over the private bus between the x86-compatible microprocessor and the secure non-volatile memory from the system bus and corresponding system bus resources within the x86-compatible microprocessor.
  - 18. The method as recited in claim 16, further comprising:
    - second providing a plurality of machine specific registers for access only by the secure application program when executing in the secure execution mode, wherein the plurality of machine specific registers is visible only by the secure application program when executing in the secure execution mode, and wherein selected ones of the plurality of machine specific registers are employed to enable load/store access to said plurality of timers.
  - 19. The method as recited in claim 16, further comprising:
    - via a secure time stamp counter that is coupled to a core clock signal, first counting the number of cycles of the core clock signal when the secure application program is executing.
  - 20. The method as recited in claim 19, further comprising:
    - via a normal time stamp counter, second counting the number of cycles of the core clock signal when the secure application program is executing and when the secure application program is not executing.
  - 21. The method as recited in claim 20, further comprising:
    - via a ratio machine specific register that is visible and accessible only by the secure application program when executing in a secure execution mode, loading a value into the ratio machine specific register to establish a maximum ratio between the values of the normal time stamp counter and the secure time stamp counter.
  - 22. The method as recited in claim 21, wherein the ratio is indicative of the number of times the secure application program has been called.
  - 23. The method as recited in claim 22, wherein, the secure time stamp counter reports when the ratio is exceeded to a watchdog manager.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VIA Technologies Incorporated (VIA Technologies)
Original Assignee
VIA Technologies Incorporated (VIA Technologies)
Inventors
Henry, G. Glenn, Parks, Terry
Primary Examiner(s)
Fennema, Robert
Assistant Examiner(s)
LINDLOF, JOHN M

Application Number

US12/263,206
Publication Number

US 20090292903A1
Time in Patent Office

2,062 Days
Field of Search

None
US Class Current

712/200
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/12   Protecting executable software

G06F 21/14   against software analysis o...

G06F 21/554   involving event detection a...

G06F 21/70   Protecting specific interna...

G06F 21/71   to assure secure computing ...

G06F 21/72   in cryptographic circuits

G06F 21/73   by creating or determining ...

G06F 21/74   operating in dual or compar...

G06F 21/82   Protecting input, output or...

Microprocessor providing isolated timers and counters for execution of secure code

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

134 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Microprocessor providing isolated timers and counters for execution of secure code

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

134 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links