公开(公告)号：US10192054B2

公开(公告)日：2019-01-29

申请号：US14026372

申请日：2013-09-13

申请人： Intel Corporation

发明人： Shanwei Cen ,  Kirk D. Brannock

IPC分类号： G06F21/57 ,  G06F21/82

摘要： Methods and systems may provide for receiving at a secure element of a system, during a boot process of the system, a first pairing authentication value from a pairing agent. In addition, a pairing key may be received from the pairing agent, wherein the first pairing authentication value and the pairing key may be used to establish a trusted channel between the secure element and an input output (IO) device coupled to the system. In one example, the first pairing authentication value is accepted only if the first pairing authentication value is received prior to a predetermined stage of the boot process.

公开(公告)号：US11783064B2

公开(公告)日：2023-10-10

申请号：US15941992

申请日：2018-03-30

申请人： INTEL CORPORATION

发明人： Kirk D. Brannock ,  Barry E. Huntley

IPC分类号： G06F21/62 ,  G06F21/64 ,  G06F21/74

CPC分类号： G06F21/6218 ,  G06F21/64 ,  G06F21/74

摘要： Various embodiments are generally directed to an apparatus, method and other techniques to detect an access request to access a computing resource while in a system management mode (SMM), determine a bit of a lock register is set to enable access to a bitmap associated with the computing resource, the bitmap to indicate an access policy for the computing resource, and determine whether the access request violate the access policy set in the bitmap. Embodiments may also include performing the access request if the access request does not violate the access policy, and causing a fault if the access request does violate the access policy.

公开(公告)号：US11199980B2

公开(公告)日：2021-12-14

申请号：US16056490

申请日：2018-08-06

申请人： INTEL CORPORATION

发明人： Kirk D. Brannock ,  Barry E. Huntley

IPC分类号： G06F3/06 ,  G06F9/30 ,  G06F21/55 ,  G06F21/57 ,  G06F21/79

摘要： Various embodiments are generally directed to an apparatus, method and other techniques for determining a region of the memory for which to store information, inserting the information into the region of the memory, and applying one or more characteristics to the region of the memory via an instruction set architecture (ISA) operation, the one or more characteristics comprising an immutable characteristic to prevent modification of the information in the region of the memory.

公开(公告)号：US10776283B2

公开(公告)日：2020-09-15

申请号：US15089235

申请日：2016-04-01

申请人： INTEL CORPORATION

发明人： Kirk D. Brannock ,  Barry E. Huntley ,  Vincent J. Zimmer

IPC分类号： G06F12/14 ,  G06F13/24 ,  G06F12/1009

摘要： Various embodiments are generally directed to an apparatus, method and other techniques for allocating a portion of the memory as system management random access memory (SMRAM) including a system management interrupt (SMI) handler for a system management mode (SMM), the SMI handler to handle SMIs for the SMM, generating a page table for the SMM, the page table comprising one or more mapped pages to map virtual addresses to physical addresses for the SMM, and setting one or more page table attributes for the page table to prevent a malicious code attack on the SMM.

公开(公告)号：US09582663B2

公开(公告)日：2017-02-28

申请号：US14960709

申请日：2015-12-07

申请人： Intel Corporation

发明人： Stephen A. Fischer ,  Kevin C. Gotze ,  Yuriy Bulygin ,  Kirk D. Brannock

IPC分类号： G06F21/50 ,  G06F21/55 ,  G06F21/56 ,  G06F9/30

CPC分类号： G06F21/552 ,  G06F9/30145 ,  G06F21/566 ,  G06F2221/034

摘要： In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.

摘要翻译： 在一个实施例中，处理器包括至少一个执行单元和返回定向编程（ROP）检测逻辑。 ROP检测逻辑可以基于多个控制传送事件来确定ROP度量。 ROP检测逻辑还可以确定ROP度量是否超过阈值。 ROP检测逻辑还可以响应于ROP度量超过阈值的确定，提供ROP攻击通知。

公开(公告)号：US20190050232A1

公开(公告)日：2019-02-14

申请号：US16024781

申请日：2018-06-30

申请人： INTEL CORPORATION

发明人： Kirk D. Brannock

IPC分类号： G06F9/4401 ,  G06F13/24

摘要： Various embodiments are generally directed to an apparatus, method and other techniques for gathering configuration information of a computer system during a system management mode of the computer system and exposing the gathered configuration information to securely attest to the configuration of the system.

公开(公告)号：US09251348B2

公开(公告)日：2016-02-02

申请号：US13799663

申请日：2013-03-13

申请人： Intel Corporation

发明人： Stephen A. Fischer ,  Kevin C. Gotze ,  Yuriy Bulygin ,  Kirk D. Brannock

IPC分类号： G06F21/50 ,  G06F21/56

CPC分类号： G06F21/552 ,  G06F9/30145 ,  G06F21/566 ,  G06F2221/034

摘要： In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.

公开(公告)号：US10769269B2

公开(公告)日：2020-09-08

申请号：US16024781

申请日：2018-06-30

申请人： INTEL CORPORATION

发明人： Kirk D. Brannock

IPC分类号： G06F21/44 ,  G06F9/4401 ,  G06F13/24 ,  G06F9/455 ,  G06F21/70 ,  G06F21/30

摘要： Various embodiments are generally directed to an apparatus, method and other techniques for gathering configuration information of a computer system during a system management mode of the computer system and exposing the gathered configuration information to securely attest to the configuration of the system.

公开(公告)号：US20170116414A1

公开(公告)日：2017-04-27

申请号：US15398930

申请日：2017-01-05

申请人： Intel Corporation

发明人： Stephen A. Fischer ,  Kevin C. Gotze ,  Yuriy Bulygin ,  Kirk D. Brannock

IPC分类号： G06F21/55 ,  G06F9/30 ,  G06F21/56

CPC分类号： G06F21/552 ,  G06F9/30145 ,  G06F21/566 ,  G06F2221/034

摘要： In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.

公开(公告)号：US20160085966A1

公开(公告)日：2016-03-24

申请号：US14960709

申请日：2015-12-07

申请人： Intel Corporation

发明人： Stephen A. Fischer ,  Kevin C. Gotze ,  Yuriy Bulygin ,  Kirk D. Brannock

IPC分类号： G06F21/55 ,  G06F9/30

CPC分类号： G06F21/552 ,  G06F9/30145 ,  G06F21/566 ,  G06F2221/034

摘要： In one embodiment, a processor includes at least one execution unit and Return Oriented Programming (ROP) detection logic. The ROP detection logic may determine a ROP metric based on a plurality of control transfer events. The ROP detection logic may also determine whether the ROP metric exceeds a threshold. The ROP detection logic may also, in response to a determination that the ROP metric exceeds the threshold, provide a ROP attack notification.

摘要翻译： 在一个实施例中，处理器包括至少一个执行单元和返回定向编程（ROP）检测逻辑。 ROP检测逻辑可以基于多个控制传送事件来确定ROP度量。 ROP检测逻辑还可以确定ROP度量是否超过阈值。 ROP检测逻辑还可以响应于ROP度量超过阈值的确定，提供ROP攻击通知。