IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0540613
(2000-03-31)
|
발명자
/ 주소 |
- Ellison,Carl M.
- Golliver,Roger A.
- Herbert,Howard C.
- Lin,Derrick C.
- McKeen,Francis X.
- Neiger,Gilbert
- Reneris,Ken
- Sutton,James A.
- Thakkar,Shreekant S.
- Mittal,Millind
|
출원인 / 주소 |
|
인용정보 |
피인용 횟수 :
32 인용 특허 :
194 |
초록
▼
A chipset is initialized in a secure environment for an isolated execution mode by an initialization storage. The secure environment has a plurality of executive entities and is associated with an isolated memory area accessible by at least one processor. The at least one processor has a plurality o
A chipset is initialized in a secure environment for an isolated execution mode by an initialization storage. The secure environment has a plurality of executive entities and is associated with an isolated memory area accessible by at least one processor. The at least one processor has a plurality of threads and operates in one of a normal execution mode and the isolated execution mode. The executive entities include a processor executive (PE) handler. PE handler data corresponding to the PE handler are stored in a PE handler storage. The PE handler data include a PE handler image to be loaded into the isolated memory area after the chipset is initialized. The loaded PE handler image corresponds to the PE handler.
대표청구항
▼
What is claimed is: 1. A processing system comprising: a processor to support an isolated execution mode, a normal execution mode, a first privilege ring within the normal execution mode for use by an operating system (OS) kernel, and a second privilege ring within the normal execution mode for use
What is claimed is: 1. A processing system comprising: a processor to support an isolated execution mode, a normal execution mode, a first privilege ring within the normal execution mode for use by an operating system (OS) kernel, and a second privilege ring within the normal execution mode for use by a software application; a memory responsive to the processor, the memory to include an isolated memory area, the isolated memory area to be inaccessible to the processor in the normal execution mode; a chipset responsive to the processor, the chipset to support the normal execution mode and the isolated execution mode; processor executive (PE) handler storage in the chipset to store at least part of a PE handler, the PE handler to be loaded into the isolated memory area during a boot process for the processing system after at least a portion of the processing system is initialized, the PE handler to manage, from the isolated execution mode, at least one subsequent operation in the boot process. 2. The processing system of claim 1, wherein the processing system enters the isolated execution mode before loading the PE handler into the isolated memory area. 3. The processing system of claim 1, further comprising: a thread count storage, the processing system to store, in the thread count storage, a thread count indicating a number of threads operating in the isolated execution mode. 4. The processing system of claim 3, further comprising: an initialization storage, the processing system to update the thread count in response to access to the initialization storage. 5. The processing system of claim 3, wherein the processing system provides indication of a failure mode in response to the thread count reaching a thread limit. 6. The processing system of claim 1, further comprising: a log storage to store identifiers of executive entities operating in the isolated execution mode. 7. The processing system of claim 1, further comprising: key storage to store a key to be used to handle one or more executive entities to operate in the isolated execution mode. 8. The processing system of claim 7, wherein the key comprises data based on a substantially random value generated by a manufacture of hardware for the processing system. 9. The processing system of claim 1, further comprising: storage responsive to the processor; and at least one executive entity encoded in the storage, the at least one executive entity selected from the group consisting of a processor executive (PE) and an operating system executive (OSE), the at least one executive entity to operate in the isolated execution mode. 10. The processing system of claim 1, further comprising: configuration storage to store a base value and a mask value, the processing system to establish the isolated memory area in the memory based at least in part on the base value and the mask value. 11. The processing system of claim 1, wherein the PE handler storage comprises substantially non-volatile storage. 12. A method comprising: initializing a processing system during a boot process for the processing system, wherein the processing system comprises a processor and a memory, the processing system to support an isolated execution mode, a normal execution mode, a first privilege ring within the normal execution mode for use by an operating system (OS) kernel, and a second privilege ring within the normal execution mode for use by a software application; during the boot process, establishing an isolated memory area in the memory, the isolated memory area to be inaccessible from the normal execution mode; and after at least a portion of the processing system is initialized, loading a processor executive (PE) handler into the isolated memory area, the PE handler to manage, from the isolated execution mode, at least one subsequent operation in the boot process. 13. The method of claim 12, wherein the processing system further comprises a chipset with a PE handler storage, the method further comprising: obtaining at least part of the PE handler from the PE handler storage of the chipset. 14. The method of claim 13, wherein the PE handler storage comprises substantially non-volatile storage. 15. The method of claim 12, further comprising: entering the isolated execution mode before loading the PE handler into the isolated memory area. 16. The method of claim 12, wherein the processing system further comprises a thread count storage, the method further comprising: storing a thread count in the thread count storage, the thread count indicating a number of threads operating in the isolated execution mode. 17. The method of claim 16, further comprising: providing indication of a failure mode in response to the thread count reaching a thread limit. 18. The method of claim 16, wherein the processing system further comprises an initialization storage, the method further comprising: updating the thread count in response to access to the initialization storage. 19. The method of claim 12, further comprising: operating one or more executive entities in the isolated execution mode; and storing identifiers of the executive entities operating in the isolated execution mode. 20. The method of claim 12, wherein the processing system comprises key storage to store a key, the method further comprising: using the key to handle one or more executive entities to operate in the isolated execution mode. 21. The method of claim 20, wherein the key comprises data based on a substantially random value generated by a manufacture of hardware for the processing system. 22. The method of claim 12, further comprising operating one or more executive entities in the isolated execution mode, wherein the executive entities comprise at least one entity selected from the group consisting of a processor executive (PE) and an operating system executive (OSE). 23. The method of claim 12, wherein the processing system comprises configuration storage to store a base value and a mask value, and the operation of establishing an isolated memory area in the memory comprises: using the base value and the mask value to establish the isolated memory area. 24. An apparatus comprising: a machine accessible medium; and instructions encoded in the machine accessible medium, wherein the instructions, when executed by a processor of a processing system, perform operations comprising: initializing at least part of the processing system during a boot process for the processing system, the processing system to support an isolated execution mode, a normal execution mode, a first privilege ring within the normal execution mode for use by an operating system (OS) kernel, and a second privilege ring within the normal execution mode for use by a software application; during the boot process, establishing an isolated memory area in a memory of the processing system, the isolated memory area to be inaccessible from the normal execution mode; and after at least a portion of the processing system is initialized, loading a processor executive (PE) handler into the isolated memory area, the PE handler to manage, from the isolated execution mode, at least one subsequent operation in the boot process. 25. The apparatus of claim 24, wherein the processing system further comprises a chipset with a PE handler storage, and the instructions perform operations comprising: obtaining at least part of the PE handler from the PE handler storage of the chipset. 26. The apparatus of claim 24, wherein the instructions perform operations comprising: causing the processor to enter the isolated execution mode before loading the PE handler into the isolated memory area. 27. The apparatus of claim 24, wherein the processing system further comprises a thread count storage, and the instructions perform operations comprising: storing a thread count in the thread count storage, the thread count indicating a number of threads operating in the isolated execution mode. 28. The apparatus of claim 27, wherein the instructions perform operations comprising: providing indication of a failure mode in response to the thread count reaching a thread limit. 29. The apparatus of claim 27, wherein the processing system further comprises an initialization storage, and the instructions perform operations comprising: updating the thread count in response to access to the initialization storage. 30. The apparatus of claim 24, wherein the instructions perform operations comprising: causing one or more executive entities to operate in the isolated execution mode; and storing identifiers of the executive entities operating in the isolated execution mode. 31. The apparatus of claim 24, wherein the processing system comprises key storage to store a key, and the instructions perform operations comprising: using the key to handle one or more executive entities to operate in the isolated execution mode. 32. The apparatus of claim 31, wherein the key comprises data based on a substantially random value generated by a manufacture of hardware for the processing system. 33. The apparatus of claim 24, wherein the instructions perform operations comprising: causing one or more executive entities to operate in the isolated execution mode, wherein the executive entities comprise at least one entity selected from the group consisting of a processor executive (PE) and an operating system executive (OSE). 34. The apparatus of claim 24, wherein the processing system comprises configuration storage to store a base value and a mask value, and the operation of establishing an isolated memory area in the memory comprises: using the base value and the mask value to establish the isolated memory area.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.