Trusted processing location within a graphics processing unit
First Claim
Patent Images
1. A method of extending trust from a trusted processor to a graphics processing unit to expand trusted processing in an electronic device, comprising:
- inserting, from a trusted security zone of the electronic device, a trusted kernel into the graphics processing unit of the electronic device, wherein the trusted security zone comprises a secure subsystem that is not accessible to hardware and software components outside the secure subsystem, and wherein the graphics processing unit is outside of the secure subsystem;
monitoring, by the trusted kernel in the graphics processing unit, an activity level of the graphics processing unit;
suspending, via the trusted kernel in the graphics processing unit, graphics processing on at least a portion of the graphics processing unit based on the monitoring;
repurposing, via the trusted kernel, at least the portion of the graphics processing unit to perform trusted processing by bringing at least the portion of the graphics processing unit into the secure subsystem; and
releasing, by the trusted processor of the trusted security zone, at least the portion of the graphics processing unit from trusted processing in the secure subsystem.
6 Assignments
0 Petitions
Accused Products
Abstract
A method of extending trust from a trusted processor to a graphics processing unit to expand trusted processing in an electronic device comprises inserting a trusted kernel into the graphics processing unit, monitoring the activity level of the graphics processing unit, suspending graphics processing on at least a portion of the graphics processing unit, repurposing a portion of the graphics processing unit to perform trusted processing, and releasing the portion of the graphics processing unit from trusted processing.
437 Citations
19 Claims
-
1. A method of extending trust from a trusted processor to a graphics processing unit to expand trusted processing in an electronic device, comprising:
-
inserting, from a trusted security zone of the electronic device, a trusted kernel into the graphics processing unit of the electronic device, wherein the trusted security zone comprises a secure subsystem that is not accessible to hardware and software components outside the secure subsystem, and wherein the graphics processing unit is outside of the secure subsystem; monitoring, by the trusted kernel in the graphics processing unit, an activity level of the graphics processing unit; suspending, via the trusted kernel in the graphics processing unit, graphics processing on at least a portion of the graphics processing unit based on the monitoring; repurposing, via the trusted kernel, at least the portion of the graphics processing unit to perform trusted processing by bringing at least the portion of the graphics processing unit into the secure subsystem; and releasing, by the trusted processor of the trusted security zone, at least the portion of the graphics processing unit from trusted processing in the secure subsystem. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-implemented method of increasing a trusted processing capacity of an electronic device, comprising:
-
providing, in a trusted security zone of the electronic device on a trusted processor, a trusted kernel, wherein the trusted security zone comprises a secure subsystem; inserting, from the trusted security zone of the trusted processor, the trusted kernel into a graphics processing unit of the electronic device; determining, by the trusted kernel, that the graphics processing unit has processing resources available based on an activity level of the graphics processing unit; repurposing, via the trusted kernel, a portion of the graphics processing unit from a graphics processing state to a trusted processing state in response to determining that the graphics processing unit has processing resources available, wherein the graphics processing state is outside of the secure subsystem and the trusted processing state is within the secure subsystem; and returning, by the trusted kernel, the portion of the graphics processing unit to the graphics processing state in response to a trigger. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer-implemented method of evaluating a graphics processing unit in an electronic device, comprising:
-
performing, by a trusted security zone of the electronic device, a confidence check on at least one kernel of the graphics processing unit of the electronic device, wherein the graphics processing unit is outside of a secure subsystem of the trusted security zone; comparing a current state of the graphics processing unit with an uncompromised state of the graphics processing unit stored in the trusted security zone of the electronic device; evaluating the integrity of the graphics processing unit based on the comparing; inserting, from the trusted security zone of the electronic device, a trusted kernel into the graphics processing unit of the electronic device responsive to the evaluating; suspending, via the trusted kernel inserted in the graphics processing unit, graphics processing on at least a portion of the graphics processing unit; and repurposing at least the portion of the graphics processing unit to perform non-graphics processing related tasks within the secure subsystem via the graphics processing unit and the trusted kernel in response to the suspending. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
Specification