-
Publication No.: US10311236B2
Publication date: 2019-06-04
Application No.: US15358640
Filing date: 2016-11-22
Inventors: Kathirkamanathan Nadarajah, Oswin Housty, Sergey Blotsky, Tan Peng, Hary Devapriyan Mahesan
IPC classification: G06F9/00, G06F15/177, G06F21/57, G06F9/4401
Abstract: Systems, apparatuses, and methods for performing secure system memory training are disclosed. In one embodiment, a system includes a boot media, a security processor with a first memory, a system memory, and one or more main processors coupled to the system memory. The security processor is configured to retrieve first data from the boot media and store and authenticate the first data in the first memory. The first data includes a first set of instructions which are executable to retrieve, from the boot media, a configuration block with system memory training parameters. The security processor also executes a second set of instructions to initialize and train the system memory using the training parameters. After training the system memory, the security processor retrieves, authenticates, and stores boot code in the system memory and releases the one or more main processors from reset to execute the boot code.
-
Publication No.: US20240330205A1
Publication date: 2024-10-03
Application No.: US18129305
Filing date: 2023-03-31
CPC classification: G06F12/1408, G06F21/72, H04L9/14, G06F2212/1052
Abstract: A processing system includes one or more storage encryption circuits (SIECs) interconnected with one or more input/output (I/O) devices and a system memory. Each SIEC is configured to encrypt and decrypt data as the data passes between the I/O devices and the system memory. To this end, an SIEC includes slots each associated with respective memory addresses of the system memory. Each slot provides an aperture to the associated memory addresses such that the I/O devices use these apertures to indirectly target the associated memory addresses. As the data targeting the memory addresses associated with an aperture passes through an SIEC, the SIEC encrypts or decrypts the data using cryptographic keys stored on the SIEC.
-
Publication No.: US20180144136A1
Publication date: 2018-05-24
Application No.: US15358640
Filing date: 2016-11-22
Inventors: Kathirkamanathan Nadarajah, Oswin Housty, Sergey Blotsky, Tan Peng, Hary Devapriyan Mahesan
CPC classification: G06F21/575, G06F9/4405
Abstract: Systems, apparatuses, and methods for performing secure system memory training are disclosed. In one embodiment, a system includes a boot media, a security processor with a first memory, a system memory, and one or more main processors coupled to the system memory. The security processor is configured to retrieve first data from the boot media and store and authenticate the first data in the first memory. The first data includes a first set of instructions which are executable to retrieve, from the boot media, a configuration block with system memory training parameters. The security processor also executes a second set of instructions to initialize and train the system memory using the training parameters. After training the system memory, the security processor retrieves, authenticates, and stores boot code in the system memory and releases the one or more main processors from reset to execute the boot code.
-
Publication No.: US20140143885A1
Publication date: 2014-05-22
Application No.: US13681861
Filing date: 2012-11-20
Applicant: ATI TECHNOLOGIES ULC
IPC classification: G06F21/12
CPC classification: G06F21/121, G06F21/572, G06F2221/2141, G06F2221/2149, H04L63/10
Abstract: A device receives a request to use a software program, determines a comparison indicator based on receiving the request, and determines whether a license for the software program is valid based on a license validity indicator, stored in a secure environment, and the comparison indicator. The device permits execution of secure code stored in the secure environment when the license is determined to be valid, and prevents execution of the secure code stored in the secure environment when the license is determined to be invalid.
-
Publication No.: US11301566B2
Publication date: 2022-04-12
Application No.: US16502733
Filing date: 2019-07-03
Applicant: ATI Technologies ULC
IPC classification: G06F15/177, G06F9/00, G06F21/57, G06F9/4401, G06F9/445, G06F21/71, G06F8/65
Abstract: A platform security processor is booted and reads a set of write-once memory bits to obtain a minimum security patch level (SPL). The security processor then verifies that a table SPL for a firmware security table is greater than or equal to the minimum SPL. The firmware security table includes a plurality of firmware identifiers for firmware code modules, and a plurality of check SPL values each associated with respective one of the firmware identifiers. The security processor verifies SPL values in a plurality of firmware code modules by, for each firmware code module, accessing the module to obtain its firmware SPL value and check if the respective firmware SPL value is equal to or greater than a respective check SPL value in the firmware security table.
-
Publication No.: US20240187619A1
Publication date: 2024-06-06
Application No.: US18073725
Filing date: 2022-12-02
Applicant: ATI TECHNOLOGIES ULC
Inventors: Xingyue Zhang, Krzysztof Socha, Catalin Beju, Kathirkamanathan Nadarajah, Gia Tung Phan, Weimin Chen, Tow Wang
IPC classification: H04N19/42
CPC classification: H04N19/42
Abstract: A compute device implements a technique for facilitating selective access to hardware codec resources. The compute device executes, in a trusted execution environment, firmware for controlling graphics hardware of a device that supports a plurality of video codecs. The compute device obtains codec control data specific to the device from a remote system and then configures the firmware to implement a codec policy for selectively providing access to the plurality of video codecs based on the codec control data.
-
Publication No.: US20180165426A1
Publication date: 2018-06-14
Application No.: US15373214
Filing date: 2016-12-08
Applicant: ATI Technologies ULC
CPC classification: G06F21/10
Abstract: Systems, apparatuses, and methods for implementing digital rights management using a GPU are disclosed. In one embodiment, a system includes at least a GPU, a security processor, and a memory. The GPU is configured to execute a first portion of a binary and detect that a second portion of the binary is encrypted. The second portion of the binary includes enhanced content that is available for purchase. If the user purchases the enhanced content, a license server generates a token specific to the security processor of the system and conveys the token to the system. Next, the security processor decrypts the second portion of the binary using the token and stores the decrypted second portion of the binary at a memory location accessible by the first processor. Then, the first processor executes the second portion of the binary.
-
Publication No.: US20210004466A1
Publication date: 2021-01-07
Application No.: US16502733
Filing date: 2019-07-03
Applicant: ATI Technologies ULC
IPC classification: G06F21/57, G06F9/4401, G06F8/65, G06F9/445, G06F21/71
Abstract: A platform security processor is booted and reads a set of write-once memory bits to obtain a minimum security patch level (SPL). The security processor then verifies that a table SPL for a firmware security table is greater than or equal to the minimum SPL. The firmware security table includes a plurality of firmware identifiers for firmware code modules, and a plurality of check SPL values each associated with respective one of the firmware identifiers. The security processor verifies SPL values in a plurality of firmware code modules by, for each firmware code module, accessing the module to obtain its firmware SPL value and check if the respective firmware SPL value is equal to or greater than a respective check SPL value in the firmware security table.
-
Publication No.: US10534730B1
Publication date: 2020-01-14
Application No.: US16228360
Filing date: 2018-12-20
Applicant: ATI TECHNOLOGIES ULC
Abstract: A first processor that has a trusted relationship with a trusted memory region (TMR) that includes a first region for storing microcode used to execute a microcontroller on a second processor and a second region for storing data associated with the microcontroller. The microcontroller supports a virtual function that is executed on the second processor. An access controller is configured by the first processor to selectively provide the microcontroller with access to the TMR based on whether the request is to write in the first region. The access controller grants read requests from the microcontroller to read from the first region and denies write requests from the microcontroller to write to the first region. The access controller grants requests from the microcontroller to read from the second region or write to the second region.