公开(公告)号：US11023587B2

公开(公告)日：2021-06-01

申请号：US16147712

申请日：2018-09-29

Applicant: Apple Inc.

Inventor： Julien Oster ,  Eric S. Harmon ,  Mitchell K. Allison ,  Pierre-Olivier J. Martel ,  Damien P. Sorresso ,  Dallas B. De Atley ,  Ryan P. Nielsen

IPC: G06F9/00 ,  G06F15/177 ,  G06F21/57 ,  G06F12/14 ,  G06F12/0875

Abstract: In an embodiment, a system supports an external trust cache. That is, the trust cache is separate from the kernel image on the non-volatile storage in the system. During boot, the boot code may read the trust cache from the storage and write it to the working memory of the system (e.g. the Random Access Memory (RAM) forming the memory system in the system). The boot code may also validate the kernel image and write it to the memory system. The boot code may program a region register in the processor to define a region in the working memory that encompasses the kernel image and the trust cache, to protect the region from modification/tampering.