JP2024541488A - Operating a secure code segment on a processor core of a processing unit - Google Patents

Operating a secure code segment on a processor core of a processing unit

Info

Publication number
JP2024541488A
Authority
JP
Japan
Prior art keywords
processor core
secure
execution
code segment
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2024531100A
Other languages
English (en)
Japanese (ja)
Other versions
JP2024541488A5
Inventor
リヒテナウ、セドリック
ラング、ヤコブ
パッシュ、エベルハルト
ボーントレーガー、クリスチャン
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp
Publication of JP2024541488A
Publication of JP2024541488A5

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/50 Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005 Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027 Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/48 Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806 Task transfer initiation or dispatching
    • G06F9/4812 Task transfer initiation or dispatching by interrupt, e.g. masked
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46 Multiprogramming arrangements
    • G06F9/48 Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806 Task transfer initiation or dispatching
    • G06F9/4843 Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • G06F9/4881 Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143 Clearing memory, e.g. to prevent the data from being stolen

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Executing Machine-Instructions (AREA)
  • Advance Control (AREA)
  • Hardware Redundancy (AREA)
  • Multi Processors (AREA)
JP2024531100A 2021-12-03 2022-11-09 Operating a secure code segment on a processor core of a processing unit Pending JP2024541488A (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US17/457,446 US12602466B2 (en) 2021-12-03 2021-12-03 Operating a secure code segment on a processor core of a processing unit
US17/457,446 2021-12-03
PCT/EP2022/081213 WO2023099137A1 (en) 2021-12-03 2022-11-09 Operating a secure code segment on a processor core of a processing unit

Publications (2)

Publication Number Publication Date
JP2024541488A (ja) 2024-11-08
JP2024541488A5 2024-11-15

Family

ID=84363637

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2024531100A Pending JP2024541488A (ja) 2021-12-03 2022-11-09 Operating a secure code segment on a processor core of a processing unit

Country Status (5)

Country Link
US (1) US12602466B2
EP (1) EP4441601A1
JP (1) JP2024541488A
TW (1) TWI804388B
WO (1) WO2023099137A1

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12602466B2 (en) 2021-12-03 2026-04-14 International Business Machines Corporation Operating a secure code segment on a processor core of a processing unit
US12045181B2 (en) * 2022-01-27 2024-07-23 Cypress Semiconductor Corporation System and method for blocking non-secure interrupts
TWI867608B (zh) * 2023-07-04 2024-12-21 新唐科技股份有限公司 Processing device, firmware update device, and firmware update method thereof

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190102538A1 (en) * 2017-09-29 2019-04-04 Stmicroelectronics, Inc. Secure environment in a non-secure microcontroller
JP2019185092A (ja) * 2018-04-02 2019-10-24 大日本印刷株式会社 Device, program, indicator information transmission method, and indicator information display method
JP2020528608A (ja) * 2017-07-25 2020-09-24 International Business Machines Corporation Computer system software/firmware and processing device with a security module

Family Cites Families (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7225333B2 (en) * 1999-03-27 2007-05-29 Microsoft Corporation Secure processor architecture for use with a digital rights management (DRM) system on a computing device
US7003676B1 (en) * 2001-05-10 2006-02-21 Advanced Micro Devices, Inc. Locking mechanism override and disable for personal computer ROM access protection
EP1870814B1 (en) 2006-06-19 2014-08-13 Texas Instruments France Method and apparatus for secure demand paging for processor devices
US7707578B1 (en) 2004-12-16 2010-04-27 Vmware, Inc. Mechanism for scheduling execution of threads for fair resource allocation in a multi-threaded and/or multi-core processing system
US20080271027A1 (en) 2007-04-27 2008-10-30 Norton Scott J Fair share scheduling with hardware multithreading
US8219996B1 (en) 2007-05-09 2012-07-10 Hewlett-Packard Development Company, L.P. Computer processor with fairness monitor
US20090031314A1 (en) 2007-07-25 2009-01-29 Microsoft Corporation Fairness in memory systems
US7996663B2 (en) 2007-12-27 2011-08-09 Intel Corporation Saving and restoring architectural state for processor cores
US8522354B2 (en) * 2008-05-24 2013-08-27 Via Technologies, Inc. Microprocessor apparatus for secure on-die real-time clock
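JP4778035B2 (ja) 2008-11-07 2011-09-21 インターナショナル・ビジネス・マシーンズ・コーポレーション Computer system for preventing delay in the execution time of instructions executed while exclusively using external resources, and method and computer program therefor
JP2013152636A (ja) 2012-01-25 2013-08-08 Toyota Motor Corp Information processing device and task scheduling method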
WO2014108743A1 (en) * 2013-01-09 2014-07-17 Freescale Semiconductor, Inc. A method and apparatus for using a cpu cache memory for non-cpu related tasks
US9183399B2 (en) 2013-02-14 2015-11-10 International Business Machines Corporation Instruction set architecture with secure clear instructions for protecting processing unit architected state information
CA2915620C (en) 2013-06-18 2022-12-13 Ciambella Ltd. Method and apparatus for code virtualization and remote process call generation
JP2015014966A (ja) 2013-07-05 2015-01-22 日本電気株式会社 Information processing device, information processing method, and information processing program
US9594927B2 (en) 2014-09-10 2017-03-14 Intel Corporation Providing a trusted execution environment using a processor
WO2016094840A2 (en) 2014-12-11 2016-06-16 Ghosh Sudeep System, method & computer readable medium for software protection via composable process-level virtual machines
US10719420B2 (en) 2015-02-10 2020-07-21 International Business Machines Corporation System level testing of multi-threading functionality including building independent instruction streams while honoring architecturally imposed common fields and constraints
US11354128B2 (en) * 2015-03-04 2022-06-07 Intel Corporation Optimized mode transitions through predicting target state
DE102015213263A1 (de) * 2015-07-15 2017-01-19 Siemens Aktiengesellschaft Processor with selectively activatable security functions
US9864879B2 (en) 2015-10-06 2018-01-09 Micron Technology, Inc. Secure subsystem
CN109858288B (zh) 2018-12-26 2021-04-13 中国科学院信息工程研究所 Method and apparatus for implementing secure isolation of virtual machines
US11307857B2 (en) 2019-12-05 2022-04-19 Marvell Asia Pte, Ltd. Dynamic designation of instructions as sensitive for constraining multithreaded execution
US11372647B2 (en) 2019-12-05 2022-06-28 Marvell Asia Pte, Ltd. Pipelines for secure multithread execution
CN111753311B (zh) 2020-08-28 2020-12-15 支付宝(杭州)信息技术有限公司 Method and apparatus for securely entering a trusted execution environment in a hyper-threading scenario
US12602466B2 (en) 2021-12-03 2026-04-14 International Business Machines Corporation Operating a secure code segment on a processor core of a processing unit
US12314755B2 (en) 2021-12-03 2025-05-27 International Business Machines Corporation Scheduling a secure code segment on a processor core of a processing unit
US12185029B2 (en) * 2021-12-13 2024-12-31 Hanwha Vision Co., Ltd. Apparatus and method for transmitting images and apparatus and method for receiving images
US12368908B2 (en) * 2022-04-19 2025-07-22 Nvidia Corporation Video streaming scaling using virtual resolution adjustment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020528608A (ja) * 2017-07-25 2020-09-24 International Business Machines Corporation Computer system software/firmware and processing device with a security module
US20190102538A1 (en) * 2017-09-29 2019-04-04 Stmicroelectronics, Inc. Secure environment in a non-secure microcontroller
JP2019185092A (ja) * 2018-04-02 2019-10-24 大日本印刷株式会社 Device, program, indicator information transmission method, and indicator information display method

Also Published As

Publication number Publication date
EP4441601A1 (en) 2024-10-09
TWI804388B (zh) 2023-06-01
WO2023099137A1 (en) 2023-06-08
TW202324078A (zh) 2023-06-16
US12602466B2 (en) 2026-04-14
US20230177143A1 (en) 2023-06-08

Similar Documents

Publication Publication Date Title
JP2024541488A (ja) Operating a secure code segment on a processor core of a processing unit
US20180032338A1 (en) Clearing specified blocks of main storage
RU2678513C2 (ru) Efficient interrupt routing for a multithreaded process
US9626281B2 (en) Call stack display with program flow indication
US10552812B2 (en) Scenario based logging
US20210073379A1 (en) Mitigating threats to container-based workloads
US11157281B2 (en) Prefetching data based on register-activity patterns
JP2024541487A (ja) Scheduling a secure code segment on a processor core of a processing unit
US10831493B2 (en) Hardware apparatus to measure memory locality
US10002022B2 (en) Processing interrupt requests
US20170371732A1 (en) Method for debugging static memory corruption
US20170123800A1 (en) Selective resource activation based on privilege level
US20230185903A1 (en) Protection of call stack
US20180300269A1 (en) Configurable processor interrupts for allowing an application to independently handle interrupts
US10223013B2 (en) Processing input/output operations in a channel using a control block
US9857979B2 (en) Optimizing page boundary crossing in system memory using a reference bit and a change bit
US9575666B2 (en) Efficient register preservation on processors
US10289420B2 (en) Lightweight interrupts for floating point exceptions using enable bit in branch event status and control register (BESCR)
US9628323B1 (en) Selective routing of asynchronous event notifications
JP2023552560A (ja) Method, system, and program for identifying dependencies in a control sequence
US20180225430A1 (en) Execution control of computer software instructions

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20241105

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20250415

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20260130

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20260203

RD12 Notification of acceptance of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7432

Effective date: 20260306

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20260309

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A821

Effective date: 20260306