System and method for execution of a secured environment initialization instruction
First Claim
1. A secure computing system having logic for initiating a secure processing environment comprising:
- a processor to execute a first secure module to initialize the secure processing environment by establishing a root of trust usable to ensure that subsequent operations can be trusted;
- a chipset having bus message security logic to monitor secure bus transactions associated with the first secure module and thereby verify that the first secure module and root of trust are secure; and
- a secure virtual machine monitor (SVMM) module loaded in response to the first secure module after the root of trust has been established, the SVMM module preventing direct access to hardware resources from one or more untrusted operating systems, kernels, or applications.
Abstract
A method and apparatus for initiating secure operations in a microprocessor system is described. In one embodiment, one initiating logical processor initiates the process by halting the execution of the other logical processors, and then loading initialization and secure virtual machine monitor software into memory. The initiating processor then loads the initialization software into secure memory for authentication and execution. The initialization software then authenticates and registers the secure virtual machine monitor software prior to secure system operations.
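The sequence in the abstract (the initiating logical processor halts the other logical processors, loads the initialization module into secure memory where it is authenticated, and the authenticated initialization module in turn authenticates and registers the SVMM) can be modelled as a short chain of measurements. The following is an added illustration, not code from the patent or from any implementation of it; it assumes SHA-256 digests stand in for whatever authentication mechanism the hardware actually uses, and the module contents and reference digests are constructed here. The point it shows is that a tampered module at either link stops the launch before an SVMM is ever registered.

```python
import hashlib
import hmac

# Constructed module images; in a real system these are the actual code blobs
# loaded from memory by the initiating logical processor.
INIT_MODULE = b"init-module-v1: halt others, measure, authenticate, register svmm"
SVMM_MODULE = b"svmm-v1: mediate guest access to hardware resources"

# Assumed reference values: the first is what the hardware root of trust expects
# of the initialization module, the second is what the initialization module
# expects of the SVMM. Both are constructed for this example.
ROOT_OF_TRUST_DIGEST = hashlib.sha256(INIT_MODULE).hexdigest()
SVMM_REFERENCE_DIGEST = hashlib.sha256(SVMM_MODULE).hexdigest()


class SecureLaunchError(Exception):
    """Raised when a link in the launch chain fails authentication."""


def measure(blob: bytes) -> str:
    """Measurement of a module image (SHA-256 stands in for the real mechanism)."""
    return hashlib.sha256(blob).hexdigest()


def secure_launch(processors, init_blob, svmm_blob,
                  root_digest=ROOT_OF_TRUST_DIGEST,
                  svmm_digest=SVMM_REFERENCE_DIGEST):
    """Model of the launch: returns the resulting state or raises SecureLaunchError.

    processors[0] is the initiating logical processor; the rest are halted first.
    """
    if not processors:
        raise SecureLaunchError("no initiating logical processor")
    ilp, others = processors[0], list(processors[1:])
    state = {"initiator": ilp, "halted": others,
             "secure_memory": None, "registered_svmm": None}

    # Step 1: the initiating processor halts every other logical processor so
    # nothing else runs while the root of trust is being established.
    # (Modelled simply by recording them as halted.)

    # Step 2: the initialization module is loaded into secure memory and
    # authenticated against the hardware-held reference. Constant-time compare
    # avoids leaking how many digest bytes matched.
    if not hmac.compare_digest(measure(init_blob), root_digest):
        raise SecureLaunchError("init module failed authentication; "
                                "root of trust not established")
    state["secure_memory"] = init_blob

    # Step 3: only the authenticated initialization module may authenticate and
    # register the SVMM. A mismatch here leaves no SVMM registered.
    if not hmac.compare_digest(measure(svmm_blob), svmm_digest):
        raise SecureLaunchError("SVMM failed authentication; not registered")
    state["registered_svmm"] = measure(svmm_blob)
    return state


def launch_outcome(init_blob, svmm_blob, processors=("cpu0", "cpu1", "cpu2")):
    """Convenience wrapper: 'ok' on success, otherwise the failure reason."""
    try:
        secure_launch(list(processors), init_blob, svmm_blob)
        return "ok"
    except SecureLaunchError as exc:
        return str(exc)


if __name__ == "__main__":
    print(launch_outcome(INIT_MODULE, SVMM_MODULE))
    print(launch_outcome(INIT_MODULE, SVMM_MODULE + b"patched"))
    print(launch_outcome(INIT_MODULE + b"patched", SVMM_MODULE))
```

Running the block shows the honest launch succeeding, a modified SVMM being refused registration, and a modified initialization module failing before the SVMM is even examined, which is the ordering the abstract describes.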
239 Citations
9 Claims
Specification