Examples are disclosed for establishing a secure destination address range responsive to initiation of a direct memory access (DMA) operation. The examples also include allowing decrypted content obtained as encrypted content from a source memory to be placed at a destination memory based on whether destination memory addresses for the destination memory fall within the secure destination address range.
Representative claims
1. An apparatus, comprising: logic, at least a portion of the logic implemented in hardware, the logic to: identify a destination address in a shared memory, the destination address associated with a memory operation; validate the destination address based on a secured destination address range; decrypt content associated with the memory operation based on validation of the destination address; and store the decrypted content associated with the memory operation to the destination address based on validation of the destination address.

2. The apparatus of claim 1, the secured destination address range comprising a valid destination start address and a valid destination end address.

3. The apparatus of claim 2, the logic to set the secured destination address range by storing the valid destination start address in a valid destination start address register and storing the valid destination end address in a valid destination end address register.

4. The apparatus of claim 1, the memory operation comprising a cryptographic direct memory access operation.

5. The apparatus of claim 1, the destination address comprised in a direct memory access (DMA) table.

6. The apparatus of claim 5, the logic to store the DMA table in the shared memory.

7. The apparatus of claim 1, the logic to: identify a second destination address in the shared memory, the second destination address associated with the memory operation; invalidate the second destination address based on the secured destination address range; and halt the memory operation based on invalidation of the second destination address.

8. The apparatus of claim 7, the logic to generate an error indication based on invalidation of the second destination address.

9. A computer-implemented method, comprising: identifying a destination address in a shared memory, the destination address associated with a memory operation; validating the destination address based on a secured destination address range; decrypting content associated with the memory operation based on validation of the destination address; and storing the decrypted content associated with the memory operation to the destination address based on validation of the destination address.

10. The computer-implemented method of claim 9, the secured destination address range comprising a valid destination start address and a valid destination end address.

11. The computer-implemented method of claim 10, comprising setting the secured destination address range by storing the valid destination start address in a valid destination start address register and storing the valid destination end address in a valid destination end address register.

12. The computer-implemented method of claim 9, the memory operation comprising a cryptographic direct memory access operation.

13. The computer-implemented method of claim 9, the destination address comprised in a direct memory access (DMA) table.

14. The computer-implemented method of claim 13, comprising storing the DMA table in the shared memory.

15. The computer-implemented method of claim 9, comprising: identifying a second destination address in the shared memory, the second destination address associated with the memory operation; invalidating the second destination address based on the secured destination address range; and halting the memory operation based on invalidation of the second destination address.

16. The computer-implemented method of claim 15, comprising generating an error indication based on invalidation of the second destination address.

17. An apparatus, comprising: logic, at least a portion of the logic implemented in hardware, the logic to: set a valid destination range register, a source address register, and a destination address register based on initiation of a direct memory access (DMA) operation, the valid destination range register to establish a secure destination range at a secure destination memory to place decrypted content; determine the DMA operation has concluded; and clear the valid destination range register based on conclusion of the DMA operation.

18. The apparatus of claim 17, the logic to set the valid destination range register in response to initiation of a cryptographic DMA operation.

19. The apparatus of claim 17, the logic to set the source and destination address registers based on a scatter-gather list.

20. The apparatus of claim 19, the scatter-gather list located in a shared memory.

21. A computer-implemented method, comprising: setting a valid destination range register, a source address register, and a destination address register based on initiation of a direct memory access (DMA) operation, the valid destination range register to establish a secure destination range at a secure destination memory to place decrypted content; determining the DMA operation has concluded; and clearing the valid destination range register based on conclusion of the DMA operation.

22. The computer-implemented method of claim 21, comprising setting the valid destination range register in response to initiation of a cryptographic DMA operation.

23. The computer-implemented method of claim 21, comprising setting the source and destination address registers based on a scatter-gather list.

24. The computer-implemented method of claim 23, the scatter-gather list located in a shared memory.
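
The flow the claims describe (set the range on initiation, validate each destination before decrypting, halt with an error indication on an invalid one, clear the range on conclusion) can be modelled in software; the following is an added example, not code from the patent or its assignee. Assumptions: all type, function and field names are hypothetical, shared memory is a byte array, the end address is treated as exclusive, and XOR stands in for the real cipher.

```c
#include <stddef.h>
#include <stdint.h>

#define MEM_SIZE 256u   /* size of the simulated shared memory */
#define XOR_KEY  0x5Au  /* XOR stands in for the real cipher (assumption) */

typedef struct { uint32_t src, dst, len; } sg_entry;  /* one DMA table row */

typedef struct {
    uint8_t  mem[MEM_SIZE];   /* shared memory: ciphertext in, plaintext out */
    uint32_t valid_dst_start; /* valid destination start address register */
    uint32_t valid_dst_end;   /* valid destination end address register (exclusive) */
    int      range_set;       /* 0 once the range register has been cleared */
    int      error;           /* error indication raised when the operation is rejected */
} cdma_engine;

/* Constructed sample: entry 1 targets memory outside the secure range. */
cdma_engine demo_engine;
const sg_entry demo_sg[] = { {0, 128, 8}, {8, 64, 8}, {16, 136, 8} };

/* 1 if [addr, addr+len) lies inside the secure range; addr+len is never computed. */
static int dst_in_range(const cdma_engine *e, uint32_t addr, uint32_t len)
{
    if (!e->range_set || len == 0) return 0;
    if (addr < e->valid_dst_start || addr > e->valid_dst_end) return 0;
    return len <= e->valid_dst_end - addr;
}

/* Run one cryptographic DMA operation; returns the number of entries completed. */
int cdma_run(cdma_engine *e, uint32_t start, uint32_t end, const sg_entry *sg, size_t n)
{
    int done = 0;
    e->error = (start > end || end > MEM_SIZE);  /* reject a malformed range */
    e->valid_dst_start = start;                  /* set on initiation */
    e->valid_dst_end = end;
    e->range_set = !e->error;
    for (size_t i = 0; i < n && !e->error; i++) {
        /* Validate before decrypting: a rejected entry never yields plaintext. */
        if (!dst_in_range(e, sg[i].dst, sg[i].len) ||
            sg[i].src > MEM_SIZE || sg[i].len > MEM_SIZE - sg[i].src) {
            e->error = 1;                        /* halt the whole operation */
            break;
        }
        for (uint32_t k = 0; k < sg[i].len; k++)
            e->mem[sg[i].dst + k] = (uint8_t)(e->mem[sg[i].src + k] ^ XOR_KEY);
        done++;
    }
    e->valid_dst_start = e->valid_dst_end = 0;   /* clear on conclusion */
    e->range_set = 0;
    return done;
}

int main(void) { return cdma_run(&demo_engine, 128, 192, demo_sg, 3) == 1 ? 0 : 1; }
```

With the constructed table, the first entry is decrypted into the secure range, the second halts the operation before any plaintext is written, and the third is never processed.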