
Seamless Access To Trusted Domain Protected Memory By Virtual Machine Manager Using Transformer Key Identifier

Abstract: In one embodiment, an apparatus includes a processor comprising at least one core to execute instructions of a plurality of virtual machines (VMs) and a virtual machine monitor (VMM), and a cryptographic engine to protect data associated with the plurality of VMs through use of a plurality of private keys and a trusted transformer key, where each of the plurality of private keys are to protect program instructions and data of a respective VM and the trusted transformer key is to protect management structure data for the plurality of VMs. The processor is further to provide, to the VMM, read and write access to the management structure data through an untrusted transformer key.


Patent Information

Application #:
Filing Date: 24 August 2022
Publication Number: 13/2023
Publication Type: INA
Invention Field: COMPUTER SCIENCE
Status:
Email:
Parent Application:

Applicants

Intel Corporation
2200 Mission College Boulevard, Santa Clara, California 95054, United States of America

Inventors

1. David M. Durham
20431 SW Tremont Way Beaverton Oregon USA 97007
2. Siddhartha Chhabra
5584 NW 131st Ave. Portland Oregon USA 97229

Specification

Description: [0001] The present application claims priority to U.S. Non-Provisional Patent Application No. 17/485,146 filed on 24 September 2021 and titled “SEAMLESS ACCESS TO TRUSTED DOMAIN PROTECTED MEMORY BY VIRTUAL MACHINE MANAGER USING TRANSFORMER KEY IDENTIFIER”, the entire disclosure of which is hereby incorporated by reference.

TECHNICAL FIELD
[0002] This disclosure relates in general to the field of computing systems and, more particularly, to data access and protection.

BACKGROUND
[0003] Protecting memory in computer systems from software bugs and security vulnerabilities is a significant concern. A malicious actor may attempt to access data which it is not authorized to access. Integrity protection and encryption are common ways to protect data stored in memory.

BRIEF DESCRIPTION OF THE DRAWINGS
[0004] FIG. 1 illustrates a computing system in accordance with certain embodiments.
[0005] FIGS. 2A-2B illustrate example architectures in which private trusted domain (TD) code and data are protected.
[0006] FIG. 3 depicts a flow for servicing an access request specifying the transformer KeyID in accordance with certain embodiments.
[0007] FIG. 4 illustrates a flow for writing data using a KeyID in accordance with certain embodiments.
[0008] FIG. 5 illustrates a flow for reading data using a KeyID in accordance with certain embodiments.
[0009] FIG. 6 illustrates a flow for handling a fault raised in response to reading data written with an untrusted transformer KeyID.
[0010] FIG. 7 is a block diagram illustrating an example processor core and memory according to at least one embodiment.
[0011] FIG. 8A is a block diagram illustrating both an exemplary in-order pipeline and an exemplary register renaming, out-of-order issue/execution pipeline in accordance with certain embodiments.
[0012] FIG. 8B is a block diagram illustrating both an exemplary embodiment of an in-order architecture core and an exemplary register renaming, out-of-order issue/execution architecture core to be included in a processor in accordance with certain embodiments.
[0013] FIG. 9 is a block diagram of an example computer architecture according to at least one embodiment.
[0014] FIG. 10 is a block diagram contrasting the use of a software instruction converter to convert binary instructions in a source instruction set to binary instructions in a target instruction set according to embodiments of the present disclosure.
[0015] Like reference numbers and designations in the various drawings indicate like elements.
Claims:
1. An apparatus comprising:
a processor comprising:
at least one core to execute instructions of a plurality of virtual machines (VMs) and a virtual machine monitor (VMM); and
a cryptographic engine comprising circuitry to protect data associated with the plurality of VMs through use of a plurality of private keys and a trusted transformer key, wherein each of the plurality of private keys are to protect program instructions and data of a respective VM and the trusted transformer key is to protect management structure data for the plurality of VMs;
wherein the processor is to provide, to the VMM, read and write access to the management structure data through an untrusted transformer key.

2. The apparatus of claim 1, wherein the processor is to, upon detecting that management structure data is protected using the untrusted transformer key, cause the VMM-written data to be decrypted by using the untrusted transformer key and encrypted using the trusted transformer key.

3. The apparatus of claim 2, wherein the processor is further to validate the management structure data prior to encrypting the management structure data using the trusted transformer key.

4. The apparatus of claim 1 or 2, wherein the cryptographic engine is to:
set a trusted domain (TD) bit for writes to the management structure data using a private key of the plurality of private keys or the trusted transformer key; and
unset the TD bit for writes to the management structure data using the untrusted transformer key.


5. The apparatus of any one of claims 1-4, wherein the cryptographic engine is to:
access management structure data in response to a read;
return the accessed data to the core for reads using a private key of the plurality of private keys, the trusted transformer key, or the untrusted transformer key; and
return poisoned and zeroed data to the core for reads using other keys.

6. The apparatus of claim 5, wherein the cryptographic engine is, before returning the accessed data to the core, to perform an integrity check on the accessed data based on the key used to access the data.

7. The apparatus of any one of claims 1-6, wherein the management structure data comprises page tables mapping guest physical addresses to physical addresses of a memory.

8. The apparatus of any one of claims 1-6, further comprising a memory to store program instructions and data of the plurality of VMs encrypted using the private keys.

9. The apparatus of any one of claims 1-6, wherein the cryptographic engine is to encrypt the management structure data using one of the trusted transformer key or the untrusted transformer key.

10. The apparatus of any one of claims 1-6, wherein the cryptographic engine is to integrity protect the management structure data using one of the trusted transformer key or the untrusted transformer key.

11. A method comprising:
executing instructions of a plurality of virtual machines (VMs) and a virtual machine monitor (VMM);
protecting data associated with the plurality of VMs through use of a plurality of private keys and a trusted transformer key, wherein each of the plurality of private keys are to protect program instructions and data of a respective VM and the trusted transformer key is to protect management structure data for the plurality of VMs; and
providing, to the VMM, read and write access to the management structure data through an untrusted transformer key.

12. The method of claim 11, further comprising, in response to a request to read management structure data:
detecting that the management structure data is protected using the untrusted transformer key;
accessing the management structure data protected with the untrusted transformer key;
decrypting the management structure data using the untrusted transformer key; and
encrypting the management structure data using the trusted transformer key.

13. The method of claim 12, wherein detecting that the management structure data is protected using the untrusted transformer key is based on a trusted domain (TD) bit corresponding to the management structure data not being set.

14. The method of claim 13, further comprising setting the TD bit for the management structure data based on encrypting the management structure data using the trusted transformer key.

15. The method of claim 12, further comprising generating a message authentication code (MAC) for the management structure data based on the trusted transformer key.

16. The method of any one of claims 11-15, wherein the management structure data comprises page tables mapping guest physical addresses to physical addresses of a memory.

17. The method of any one of claims 11-15, wherein protecting the management structure data using the trusted transformer key comprises encrypting the management structure data based on the trusted transformer key.

18. The method of any one of claims 11-15, wherein protecting the management structure data using the trusted transformer key comprises integrity protecting the management structure data based on the trusted transformer key.
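
The KeyID rules in claims 4-6 and 12-15, as an added Python model that is not part of the patent text or of Intel's implementation: the KeyID names, key bytes, XOR keystream, HMAC-based MAC and `pte_in_range` check are constructed stand-ins. It assumes that reads through either transformer KeyID use the key matching the line's TD bit, that conversion happens on a trusted-transformer read, and that a failed integrity check or validation returns poisoned zeros; the claims do not fix these details.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed KeyID names and key bytes; the page gives no encodings.
KEYS = {"vm1_private": b"k1", "trusted_xfrm": b"kt",
        "untrusted_xfrm": b"ku", "other": b"ko"}
SETS_TD = {"vm1_private", "trusted_xfrm"}   # claim 4: writes that set the TD bit
XFRM = {"trusted_xfrm", "untrusted_xfrm"}

@dataclass
class Line:
    ct: bytes
    mac: bytes
    td: bool

def keystream_xor(key, addr, data):
    # Toy XOR keystream standing in for the engine's cipher (up to 32 bytes).
    ks = hashlib.sha256(key + addr.to_bytes(8, "little")).digest()
    return bytes(a ^ b for a, b in zip(data, ks))

def line_mac(key, addr, ct):
    msg = addr.to_bytes(8, "little") + ct
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def pte_in_range(data, limit=0x1000_0000):
    # Hypothetical claim-3 validation: the entry must map below `limit`.
    return int.from_bytes(data[:8], "little") < limit

class Engine:
    def __init__(self, validate=pte_in_range):
        self.mem, self.validate = {}, validate

    def write(self, keyid, addr, data):
        ct = keystream_xor(KEYS[keyid], addr, data)
        self.mem[addr] = Line(ct, line_mac(KEYS[keyid], addr, ct), keyid in SETS_TD)

    def read(self, keyid, addr):
        """Return (data, poisoned) for a read issued with `keyid`."""
        line = self.mem[addr]
        zeros = (bytes(len(line.ct)), True)
        if keyid not in SETS_TD | XFRM:
            return zeros                              # claim 5: other keys
        key = KEYS[keyid]
        if keyid in XFRM:  # assumption: transformer KeyIDs follow the TD bit
            key = KEYS["trusted_xfrm" if line.td else "untrusted_xfrm"]
        if not hmac.compare_digest(line.mac, line_mac(key, addr, line.ct)):
            return zeros                              # claim 6 check; poison assumed
        data = keystream_xor(key, addr, line.ct)
        if keyid == "trusted_xfrm" and not line.td:   # claims 12-15 conversion
            if not self.validate(data):
                return zeros                          # assumed outcome
            self.write("trusted_xfrm", addr, data)    # re-encrypt, new MAC, TD set
        return data, False
```

In this model a line written through the untrusted transformer KeyID keeps its TD bit clear until the first trusted-transformer read validates it, after which the stored MAC is the one derived from the trusted transformer key.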

Documents

Application Documents

# Name Date
1 202244048229-FORM 1 [24-08-2022(online)].pdf 2022-08-24
2 202244048229-DRAWINGS [24-08-2022(online)].pdf 2022-08-24
3 202244048229-DECLARATION OF INVENTORSHIP (FORM 5) [24-08-2022(online)].pdf 2022-08-24
4 202244048229-COMPLETE SPECIFICATION [24-08-2022(online)].pdf 2022-08-24
5 202244048229-FORM-26 [24-11-2022(online)].pdf 2022-11-24
6 202244048229-FORM 3 [21-02-2023(online)].pdf 2023-02-21
7 202244048229-FORM 3 [21-08-2023(online)].pdf 2023-08-21
8 202244048229-Proof of Right [10-10-2023(online)].pdf 2023-10-10
9 202244048229-FORM 3 [21-02-2024(online)].pdf 2024-02-21
10 202244048229-FORM 18 [17-09-2025(online)].pdf 2025-09-17