Protecting confidential data with transactional processing in execute-only memory

US 9,665,373 B2
Filed: 06/26/2015
Issued: 05/30/2017
Est. Priority Date: 06/26/2015
Status: Active Grant

First Claim

Patent Images

1. A system for protecting confidential data, said system comprising:

a memory module to store an execute-only code page;

a transaction processor to enforce a transaction region associated with at least a portion of said code page; and

a processor to execute a load instruction fetched from said code page, said load instruction to load at least a portion of said confidential data from an immediate operand of said load instruction if a transaction mode of said transaction region is enabled.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Generally, this disclosure provides systems, devices, methods and computer readable media for protecting confidential data with transactional processing in execute-only memory. The system may include a memory module configured to store an execute-only code page. The system may also include a transaction processor configured to enforce a transaction region associated with at least a portion of the code page. The system may further include a processor configured to execute a load instruction fetched from the code page, the load instruction configured to load at least a portion of the confidential data from an immediate operand of the load instruction if a transaction mode of the transaction region is enabled.

12 Citations

View as Search Results

28 Claims

1. A system for protecting confidential data, said system comprising:
- a memory module to store an execute-only code page;
  
  a transaction processor to enforce a transaction region associated with at least a portion of said code page; and
  
  a processor to execute a load instruction fetched from said code page, said load instruction to load at least a portion of said confidential data from an immediate operand of said load instruction if a transaction mode of said transaction region is enabled.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, further comprising a register associated with said processor, wherein said load instruction is to load said confidential data to said register.
  - 3. The system of claim 1, wherein said processor is further to cause said load instruction to generate a fault if said transaction mode of said transaction region is not enabled.
  - 4. The system of claim 1, wherein said processor is further to cause said load instruction to load a pre-determined constant, said constant unassociated with said confidential data, if said transaction mode of said transaction region is not enabled.
  - 5. The system of claim 1, wherein said transaction processor is further to clear said loaded confidential data in response to an abort of said transaction mode.
  - 6. The system of claim 1, wherein said portion of said confidential data is encoded in said immediate operand such that said encoded data represents at least a portion of a no-operation (NOP) instruction sequence of said processor.
  - 7. The system of claim 1, wherein said processor is further to execute a check instruction to verify that execution is from said code page and to abort said transaction mode if said verification fails.

8. A method for protecting confidential data, said method comprising:
- establishing a code page in memory, said code page restricted to execute-only access;
  
  defining a transaction region associated with at least a portion of said code page; and
  
  executing a load instruction located in said code page, said load instruction to load at least a portion of said confidential data from an immediate operand of said load instruction if a transaction mode of said transaction region is enabled.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 9. The method of claim 8, wherein said load instruction is to load said confidential data to a register associated with a processor.
  - 10. The method of claim 8, wherein said load instruction is to generate a fault if said transaction mode of said transaction region is not enabled.
  - 11. The method of claim 8, wherein said load instruction is to load a pre-determined constant, said constant unassociated with said confidential data, if said transaction mode of said transaction region is not enabled.
  - 12. The method of claim 8, further comprising clearing said loaded confidential data in response to an abort of said transaction mode.
  - 13. The method of claim 8, further comprising clearing said loaded confidential data on exit of said transaction mode.
  - 14. The method of claim 8, further comprising encoding said portion of said confidential data in said immediate operand such that said encoded data represents at least a portion of a no-operation (NOP) instruction sequence.
  - 15. The method of claim 8, further comprising:
    - executing a pre-guard code segment before said load instruction, said pre-guard code segment to load a selected constant into a first location; and
      
      executing a post-guard code segment after said load instruction, said post-guard code segment to load said selected constant into a second location and to verify that the content of said first and said second locations match.
  - 16. The method of claim 8, further comprising executing a check instruction to verify that execution is from said code page and aborting said transaction mode if said verification fails.
  - 17. The method of claim 8, wherein said confidential data is an encryption key and said load instruction is dynamically generated based on information received over a secure network connection.
  - 18. The method of claim 8, wherein at least a portion of said code page is encrypted.

19. At least one non-transitory computer-readable storage medium having instructions stored thereon which when executed by a processor result in the following operations for protecting confidential data, said operations comprising:
- establishing a code page in memory, said code page restricted to execute-only access;
  
  defining a transaction region associated with at least a portion of said code page; and
  
  executing a load instruction located in said code page, said load instruction to load at least a portion of said confidential data from an immediate operand of said load instruction if a transaction mode of said transaction region is enabled.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 20. The computer-readable storage medium of claim 19, wherein said load instruction is to load said confidential data to a register associated with a processor.
  - 21. The computer-readable storage medium of claim 19, wherein said load instruction is to generate a fault if said transaction mode of said transaction region is not enabled.
  - 22. The computer-readable storage medium of claim 19, wherein said load instruction is to load a pre-determined constant, said constant unassociated with said confidential data, if said transaction mode of said transaction region is not enabled.
  - 23. The computer-readable storage medium of claim 19, further comprising clearing said loaded confidential data in response to an abort of said transaction mode.
  - 24. The computer-readable storage medium of claim 19, further comprising clearing said loaded confidential data on exit of said transaction mode.
  - 25. The computer-readable storage medium of claim 19, further comprising encoding said portion of said confidential data in said immediate operand such that said encoded data represents at least a portion of a no-operation (NOP) instruction sequence.
  - 26. The computer-readable storage medium of claim 19, further comprising:
    - executing a pre-guard code segment before said load instruction, said pre-guard code segment to load a selected constant into a first location; and
      
      executing a post-guard code segment after said load instruction, said post-guard code segment to load said selected constant into a second location and to verify that the content of said first and said second locations match.
  - 27. The computer-readable storage medium of claim 19, further comprising executing a check instruction to verify that execution is from said code page and aborting said transaction mode if said verification fails.
  - 28. The computer-readable storage medium of claim 19, wherein said confidential data is an encryption key and said load instruction is dynamically generated based on information received over a secure network connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Huntley, Barry E., Lemay, Michael, Durham, David M., Shanbhogue, Vedvyas, Sahita, Ravi L., Rajwar, Ravi
Primary Examiner(s)
Reza, Mohammad W

Application Number

US14/752,079
Publication Number

US 20160378490A1
Time in Patent Office

704 Days
Field of Search

713189
US Class Current
CPC Class Codes

G06F 11/0745   in an input/output transact...

G06F 11/0751   Error or fault detection no...

G06F 9/3004   to perform operations on me...

G06F 9/30076   to perform miscellaneous co...

G06F 9/30145   Instruction analysis, e.g. ...

G06F 9/30167   of immediate specifier, e.g...

G06F 9/30189   according to execution mode...

G06F 9/3802   Instruction prefetching

Protecting confidential data with transactional processing in execute-only memory

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Protecting confidential data with transactional processing in execute-only memory

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links