Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor

US 8,910,276 B2
Filed: 10/31/2008
Issued: 12/09/2014
Est. Priority Date: 05/24/2008
Status: Active Grant

First Claim

Patent Images

1. An apparatus providing for a secure execution environment, comprising:

a microprocessor, comprising;

one or more execution units, configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said secure application program is executed in a secure execution mode;

a cryptographic unit;

a processor key register, coupled to said cryptographic unit, configured to store a cryptographic key that is unique to said microprocessor, wherein said cryptographic key is employed to encrypt said secure application program for storage, and wherein said processor key register can only be read by said cryptographic unit; and

secure execution mode logic, configured to monitor instructions within said secure application program, and configured to preclude execution of certain instructions; and

a secure non-volatile memory, coupled to said microprocessor via a private bus, configured to store said secure application program, wherein said secure application program is encrypted in said system memory according to an asymmetric cryptographic algorithm, and wherein, upon enablement of said secure execution mode, said microprocessor encrypts said secure application program according to a symmetric key algorithm and transfers said secure application program to said secure non-volatile memory over said private bus;

wherein said microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions, stored in a BIOS memory that is coupled to said microprocessor, are exclusively allowed to execute in order to allow for user input and the display of messages.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus providing for a secure execution environment is presented. The apparatus includes a microprocessor and a secure non-volatile memory. The microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus, and where the secure application program is executed in a secure execution mode. The microprocessor has secure execution mode logic that is configured to monitor instructions within the secure application program, and that is configured to preclude execution of certain instructions. The secure non-volatile memory is coupled to the microprocessor via a private bus, and is configured to store the secure application program, where transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus and corresponding system bus resources within the microprocessor.

138 Citations

24 Claims

1. An apparatus providing for a secure execution environment, comprising:
- a microprocessor, comprising;
  
  one or more execution units, configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said secure application program is executed in a secure execution mode;
  
  a cryptographic unit;
  
  a processor key register, coupled to said cryptographic unit, configured to store a cryptographic key that is unique to said microprocessor, wherein said cryptographic key is employed to encrypt said secure application program for storage, and wherein said processor key register can only be read by said cryptographic unit; and
  
  secure execution mode logic, configured to monitor instructions within said secure application program, and configured to preclude execution of certain instructions; and
  
  a secure non-volatile memory, coupled to said microprocessor via a private bus, configured to store said secure application program, wherein said secure application program is encrypted in said system memory according to an asymmetric cryptographic algorithm, and wherein, upon enablement of said secure execution mode, said microprocessor encrypts said secure application program according to a symmetric key algorithm and transfers said secure application program to said secure non-volatile memory over said private bus;
  
  wherein said microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions, stored in a BIOS memory that is coupled to said microprocessor, are exclusively allowed to execute in order to allow for user input and the display of messages.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus as recited in claim 1, wherein said certain instructions comprise one or more opcodes taken from an instruction set architecture corresponding to said microprocessor.
  - 3. The apparatus as recited in claim 1, wherein said secure execution mode logic comprises:
    - an instruction monitor, coupled to a secure code interface logic via a bus, configured to receive a value on said bus that corresponds to a specific instruction within said secure application program.
  - 4. The apparatus as recited in claim 3, wherein said value associates said specific instruction with a particular opcode within an instruction set architecture corresponding to said microprocessor.
  - 5. The apparatus as recited in claim 3, wherein said value associates said specific instruction with a subset of opcodes within an instruction set architecture corresponding to said microprocessor.
  - 6. The apparatus as recited in claim 3, wherein said secure execution mode logic further comprises:
    - an instruction array, coupled to said instruction monitor, configured to identify a subset of all of the instructions within an instruction set architecture corresponding to said microprocessor, said subset comprising those instructions which are allowed to execute in said secure execution mode.
  - 7. The apparatus as recited in claim 6, wherein said instruction array comprises a machine specific register.
  - 8. The apparatus as recited in claim 6, wherein said instruction array comprises one or more fuses which are programmed during fabrication.

9. A microprocessor apparatus, for executing secure code within a secure execution environment, the microprocessor apparatus comprising:
- a secure non-volatile memory, configured to store a secure application program, wherein said secure application program is encrypted in a system memory according to an asymmetric cryptographic algorithm, and wherein said secure application program is retrieved from said system memory and is encrypted using a cryptographic key, and transferred over a private bus to said secure non-volatile memory; and
  
  a microprocessor, coupled to said secure non-volatile memory via said private bus, said microprocessor comprising;
  
  one or more execution units, configured to execute non-secure application programs and said secure application program;
  
  a cryptographic unit;
  
  a processor key register, coupled to said cryptographic unit, configured to store said cryptographic key, wherein said cryptographic key is unique to said microprocessor, and wherein said cryptographic key is employed to encrypt said secure application program for storage into said secure non-volatile memory, and wherein said processor key register can only be read by said cryptographic unit; and
  
  secure execution mode logic, configured to monitor instructions within said secure application program, and configured to preclude execution of certain instructions;
  
  wherein said microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions, stored in a BIOS memory that is coupled to said microprocessor, are exclusively allowed to execute in order to allow for user input and the display of messages.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The microprocessor apparatus as recited in claim 9, wherein said certain instructions comprise one or more opcodes taken from an instruction set architecture corresponding to said microprocessor.
  - 11. The microprocessor apparatus as recited in claim 9, wherein said secure execution mode logic comprises:
    - an instruction monitor, coupled to a secure code interface logic via a bus, configured to receive a value on said bus that corresponds to a specific instruction within said secure application program.
  - 12. The microprocessor apparatus as recited in claim 11, wherein said value associates said specific instruction with a particular opcode within an instruction set architecture corresponding to said microprocessor.
  - 13. The microprocessor apparatus as recited in claim 11, wherein said value associates said specific instruction with a subset of opcodes within an instruction set architecture corresponding to said microprocessor.
  - 14. The microprocessor apparatus as recited in claim 11, wherein said secure execution mode logic further comprises:
    - an instruction array, coupled to said instruction monitor, configured to identify a subset of all of the instructions within an instruction set architecture corresponding to said microprocessor, said subset comprising those instructions which are allowed to execute in a secure execution mode.
  - 15. The microprocessor apparatus as recited in claim 14, wherein said instruction array comprises a machine specific register.
  - 16. The microprocessor apparatus as recited in claim 14, wherein said instruction array comprises one or more fuses which are programmed during fabrication.

17. A method for executing secure code within a secure execution environment, the method comprising:
- accessing the secure code in a system memory, wherein the secure code is encrypted according to an asymmetric cryptographic algorithm;
  
  via a cryptographic unit disposed within a microprocessor, encrypting the secure code using a cryptographic key, and transferring the secure code over a private bus to a secure non-volatile memory for storage of the secure code, said encrypting comprising;
  
  accessing a processor key register, coupled to the cryptographic unit, configured to store a cryptographic key that is unique to the microprocessor, wherein the cryptographic key is programmed into the processor key register during fabrication of the microprocessor, and wherein the processor key register can only be read by the cryptographic unit;
  
  accessing the secure code within the secure non-volatile memory via private transactions accomplished over a private bus that is coupled between the secure non-volatile memory and the microprocessor, wherein the private bus is isolated from all system bus resources within the microprocessor and external to the microprocessor, and wherein the private bus is observable and accessible exclusively by secure execution logic within the microprocessor;
  
  monitoring within the secure code prior to execution to detect certain instructions which are to be precluded from execution;
  
  if one or more of the certain instructions are detected by said monitoring, precluding execution of the secure code; and
  
  if none of the certain instructions are detected by said monitoring, employing one or more execution units disposed within the microprocessor to execute the secure code;
  
  wherein the microprocessor is also configured to automatically transition to a degraded mode where BIOS instructions, stored in a BIOS memory that is coupled to the microprocessor, are exclusively allowed to execute in order to allow for user input and the display of messages, but the execution of more complicated software such as an operating system is not allowed.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The method as recited in claim 17, wherein said certain instructions comprise one or more opcodes taken from an instruction set architecture corresponding to the microprocessor.
  - 19. The method as recited in claim 17, wherein said monitoring comprises:
    - providing, to an instruction monitor, a value on said bus that corresponds to a specific instruction within the secure code.
  - 20. The method as recited in claim 19, wherein said monitoring further comprises:
    - associating the specific instruction with a particular opcode within an instruction set architecture corresponding to the microprocessor.
  - 21. The method as recited in claim 19, wherein said monitoring further comprises:
    - associating the specific instruction with a subset of opcodes within an instruction set architecture corresponding to the microprocessor.
  - 22. The method as recited in claim 19, wherein said monitoring further comprises:
    - via an instruction array, coupled to the instruction monitor, identifying a subset of all of the instructions within an instruction set architecture corresponding to the microprocessor, the subset comprising those instructions which are allowed to execute in a secure execution mode.
  - 23. The method as recited in claim 22, wherein the instruction array comprises a machine specific register.
  - 24. The method as recited in claim 22, wherein the instruction array comprises one or more fuses which are programmed during fabrication.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VIA Technologies Incorporated (VIA Technologies)
Original Assignee
VIA Technologies Incorporated (VIA Technologies)
Inventors
Henry, G. Glenn, Parks, Terry
Primary Examiner(s)
Lee, Chau

Application Number

US12/263,263
Publication Number

US 20090292853A1
Time in Patent Office

2,230 Days
Field of Search

726 16- 17, 726 21- 22, 726 26- 27, 710/311
US Class Current

726/22
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/12   Protecting executable software

G06F 21/14   against software analysis o...

G06F 21/554   involving event detection a...

G06F 21/70   Protecting specific interna...

G06F 21/71   to assure secure computing ...

G06F 21/72   in cryptographic circuits

G06F 21/73   by creating or determining ...

G06F 21/74   operating in dual or compar...

G06F 21/82   Protecting input, output or...

Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

138 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for precluding execution of certain instructions in a secure execution mode microprocessor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

138 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links