CN1252597C - Control access to multiple independent memories in one independent execution environment - Google Patents

Info

Publication number: CN1252597C
Authority: CN (China)
Legal status: Expired - Lifetime
Application number: CNB018158838A
Other languages: Chinese (zh)
Other versions: CN1459059A
Inventors: R·戈利弗, J·苏顿二世, D·林, S·塔卡, G·奈格尔, F·麦基恩, H·赫尔伯特, K·雷内里斯, C·埃利森
Current assignee: Intel Corp
Original assignee: Intel Corp
Priority claimed from US09/618,738 (US6678825B1)
Application filed by Intel Corp
Publication of CN1459059A
Application granted
Publication of CN1252597C

Classifications

    • G: PHYSICS
    • G06: COMPUTING OR CALCULATING; COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F 12/00: Accessing, addressing or allocating within memory systems or architectures
    • G06F 12/14: Protection against unauthorised use of memory or access to memory
    • G06F 12/1458: Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F 12/1466: Key-lock mechanism
    • G06F 12/1475: Key-lock mechanism in a virtual system, e.g. with translation means

Abstract

The present invention provides a method, apparatus and system for controlling memory access to multiple isolated memory areas in an isolated execution environment. A page manager distributes a plurality of pages to a plurality of different areas of memory. The memory is divided into a non-isolated area and an isolated area. The page manager is located in an isolated area of memory. In addition, a memory ownership page table describes the attributes of each page in memory and is likewise located in an isolated area of memory. If a page is distributed to an isolated area of memory, the page manager assigns it the isolated attribute; if a page is distributed to a non-isolated area of memory, the page manager assigns it the non-isolated attribute. The memory ownership page table records the attribute of each page. In one embodiment, a processor having a normal execution mode and an isolated execution mode generates an access transaction. The access transaction is configured using a configuration storage containing configuration settings about the page involved, together with access information. An access checking circuit coupled to the configuration settings and the access information generates an access grant signal if the access transaction is valid.

Description

Controlling access to multiple isolated memories in an isolated execution environment

Background

Field of the invention

The present invention relates to microprocessors, and in particular to processor security.

Description of related art

Advances in microprocessor and communication technology have opened up many opportunities for applications that go beyond traditional ways of doing business. Electronic commerce (E-commerce) and business-to-business (B2B) transactions are becoming popular and are spreading through the global market at an ever-increasing rate. Unfortunately, while modern microprocessor systems provide users with convenient and efficient ways to conduct business, communicate and transact, they are also vulnerable to unscrupulous attacks. Examples of such attacks include viruses, intrusions, security breaches and tampering, to name only a few. Computer security is therefore becoming more and more important, in order to protect the integrity of computer systems and increase the trust that users place in them.

The threats posed by attacks take many forms. An intrusive attack launched remotely by a hacker can disrupt the normal operation of a system connected to thousands or even millions of users. A virus program can corrupt the code and/or data of a single-user platform.

Existing techniques for protecting systems against attacks have many drawbacks. Antivirus programs can only scan for and detect known viruses. Security coprocessors or smart cards that use encryption or other security techniques are limited in speed, storage capacity and flexibility. Furthermore, redesigning the operating system causes software compatibility problems and requires a very large development investment.

Brief description of the drawings

The features and advantages of the present invention will become apparent from the following detailed description of the invention:

FIG. 1A is a diagram illustrating an operating system according to one embodiment of the present invention.

FIG. 1B is a diagram illustrating the accessibility of the different elements of the operating system and processor, and of a single contiguous isolated memory, according to one embodiment of the present invention.

FIG. 1C is a diagram similar to FIG. 1B, illustrating the different elements of the operating system and processor, and in particular the accessibility of multiple isolated memory areas and multiple non-isolated memory areas, according to one embodiment of the present invention.

FIG. 1D is a flowchart illustrating a method of distributing memory pages to isolated execution entities, according to one embodiment of the present invention.

FIG. 1E is a diagram illustrating the memory ownership page table and a method of translating virtual addresses into physical addresses, according to one embodiment of the present invention.

FIG. 1F is a diagram illustrating a computer system in which one embodiment of the present invention is practiced.

FIG. 2A is a diagram illustrating the isolated execution circuit shown in FIG. 1F, according to one embodiment of the present invention.

FIG. 2B is a diagram illustrating the access manager of FIG. 2A, according to one embodiment of the present invention.

FIG. 3A is a diagram illustrating the access check according to one embodiment of the present invention.

FIG. 4 is a flowchart illustrating a method of generating an access grant signal for isolated execution, according to one embodiment of the present invention.

FIG. 5 is a flowchart illustrating a method of managing process and thread operations for isolated execution, according to one embodiment of the present invention.

FIG. 6 is a diagram illustrating isolated area access control in the memory controller hub (MCH) shown in FIG. 1F, according to one embodiment of the present invention.

FIG. 7 is a diagram illustrating the MCH access check circuit shown in FIG. 6, according to one embodiment of the present invention.

FIG. 8 is a flowchart illustrating a method of generating an access grant signal for isolated execution in the MCH, according to one embodiment of the present invention.

Description

The present invention is a method, apparatus and system for controlling memory access to multiple isolated memories in an isolated execution environment. A page manager distributes a plurality of pages to a plurality of different areas of memory. The memory is divided into non-isolated areas and isolated areas. The page manager is located in an isolated area of memory. In addition, a memory ownership page table describes each page of memory and is also located in an isolated area of memory. If a page is assigned to an isolated area of memory, the page manager gives that page the isolated attribute. Conversely, if a page is assigned to a non-isolated area of memory, the page manager gives that page the non-isolated attribute. The memory ownership page table records the attribute of each page.

In one embodiment, a processor having a normal execution mode and an isolated execution mode generates an access transaction. The access transaction is configured using a configuration storage containing configuration settings. The access transaction includes access information, such as the physical address of the memory to be accessed. The configuration settings provide information about the memory page involved in the access transaction. The configuration settings include a page attribute that defines the page as isolated or non-isolated, and an execution mode word that is asserted when the processor is configured in isolated mode. In one embodiment, the execution mode word is a single bit indicating whether the processor is in isolated execution mode. An access checking circuit coupled to the configuration storage checks the access transaction using at least one of the configuration settings and the access information.

In one embodiment, the access checking circuit includes a TLB access checking circuit. If the access transaction is valid, the TLB access checking circuit generates an access grant signal. In particular, when the page attribute is set to isolated and the execution mode word signal is asserted, the TLB access checking circuit generates an access grant signal for the isolated area of memory. Therefore, when the processor requests a physical address in an isolated area of memory, the access transaction is allowed only if the processor is running in isolated execution mode and the attribute of the page associated with that physical address is set to isolated.

In the following description, for purposes of explanation, numerous details are set forth in order to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that these specific details are not required in order to practice the present invention. In other instances, well-known electrical structures and circuits are shown in block diagram form in order not to obscure the present invention.

Architecture overview

One principle for providing security in a computer system or platform is the concept of an isolated execution architecture. The isolated execution architecture comprises logical and physical definitions of hardware and software components that interact directly or indirectly with the operating system of the computer system or platform. The operating system and the processor may have several levels of hierarchy, referred to as rings, corresponding to various operational modes. A ring is a logical division of hardware and software components designed to perform dedicated tasks within the operating system. The division is usually based on the degree of privilege, namely the ability to make changes to the platform. For example, ring-0 is the innermost ring, at the highest level of the hierarchy. Ring-0 encompasses the most critical, highest-privilege components. In addition, modules in ring-0 can also access data of lower privilege, but not vice versa. Ring-3 is the outermost ring, at the lowest level of the hierarchy. Ring-3 typically encompasses users or applications at the lowest level of privilege. Ring-1 and ring-2 represent the intermediate rings, with decreasing levels of security and/or protection.

FIG. 1A is a diagram illustrating a logical operating architecture 50 according to the present invention. The logical operating architecture 50 is an abstraction of the operating system components and the processor. The logical operating architecture 50 includes ring-0 10, ring-1 20, ring-2 30, ring-3 40 and a processor nub loader 52. The processor nub loader 52 is a processor executive (PE) handler. The PE handler is used to handle and/or manage the processor executive, which will be discussed later. The logical operating architecture 50 has two modes of operation: normal execution mode and isolated execution mode. Each ring in the logical operating architecture can operate in both modes. The processor nub loader 52 operates only in the isolated execution mode.

Ring-0 10 includes two portions: a normal execution ring-0 11 and an isolated execution ring-0 15. The normal execution ring-0 11 includes software modules that are critical to the operating system, usually referred to as the kernel. These software modules include a primary operating system (e.g. the kernel) 12, software drivers 13 and hardware drivers 14. The isolated execution ring-0 15 includes an operating system (OS) nub 16 and a processor nub 18. The OS nub 16 and the processor nub 18 are instances of the OS executive (OSE) and the processor executive (PE), respectively. The OSE and the PE are part of the executive entities that operate in a protected environment associated with the isolated area and the isolated execution mode. The processor nub loader 52 is a protected bootstrap loader built into a chipset in the system and is responsible for loading the processor nub 18 from the processor or chipset into the isolated area, which will be discussed later.

Similarly, ring-1 20, ring-2 30 and ring-3 40 include normal execution ring-1 21, ring-2 31 and ring-3 41, and isolated execution ring-1 25, ring-2 35 and ring-3 45, respectively. In particular, the normal execution ring-3 includes N applications 42_1 to 42_N, and the isolated execution ring-3 includes K applets 46_1 to 46_K. One concept of the isolated execution architecture is the creation of an isolated section in system memory, referred to as an isolated area, which is protected by both the processor and the chipset of the computer system. The isolated area may also be located in cache memory, protected by translation lookaside buffer (TLB) access checks. Likewise, the isolated area can be subdivided into multiple isolated areas, which will be discussed later. Access to the isolated area is permitted only through the processor's front side bus (FSB) using special bus cycles (e.g. memory read and write cycles), referred to as isolated read and write cycles. These special bus cycles are also used for snooping. The isolated read and write cycles are issued by the processor executing in isolated execution mode. The isolated execution mode is initialized using a privileged instruction in the processor combined with the processor nub loader 52. The processor nub loader 52 verifies and loads a ring-0 nub software module (e.g. the processor nub 18) into the isolated area. The processor nub 18 provides hardware-related services for isolated execution.

One task of the processor nub 18 is to verify and load the ring-0 OS nub 16 into the isolated area, and to generate the root of a key hierarchy that is unique to the combination of the platform, the processor and the operating system nub 16. The processor nub 18 provides the initial setup and low-level management of the isolated area, including verification, loading and logging of the operating system nub 16, and management of the symmetric key used to protect the operating system nub's secrets. The processor nub 18 may also provide application programming interface (API) abstractions to low-level security services provided by other hardware.

The operating system nub 16 provides links to services in the primary OS (e.g. the unprotected segments of the operating system), provides page management within the isolated area, and is responsible for loading ring-3 application modules 45, including the applets 46_1 to 46_K, into protected pages allocated in the isolated area. The operating system nub 16 also loads ring-0 support modules. The primary OS 12 manages pages located outside the isolated area, as will be discussed.

The operating system nub 16 may choose to page data between the isolated area and normal (e.g. non-isolated) memory. If so, the operating system nub 16 is also responsible for encrypting and hashing the isolated area pages before evicting them to ordinary memory, and for checking the page contents when the pages are restored. The isolated mode applets 46_1 to 46_K and their data are tamper-resistant and monitor-resistant against all software attacks from other applets, as well as from non-isolated space applications (e.g. 42_1 to 42_N), dynamic link libraries (DLLs), drivers and even the primary operating system 12. Only the processor nub 18 or the operating system nub 16 can interfere with or monitor the execution of an applet.

FIG. 1B is a diagram illustrating the accessibility of the various elements of the operating system 10 and the processor, according to one embodiment of the present invention. For ease of illustration, only the elements of ring-0 10 and ring-3 40 are shown. The various elements of the logical operating architecture 50 access the accessible physical memory 60 according to their ring hierarchy and execution mode.

The accessible physical memory 60 includes an isolated area 70 and a non-isolated area 80. The isolated area 70 includes applet pages 72 and nub pages 74. The non-isolated area 80 includes application pages 82 and operating system pages 84. The isolated area 70 is accessible only to elements of the operating system and processor that operate in isolated execution mode. The non-isolated area 80 is accessible to all elements of the ring-0 operating system and processor.

The normal execution ring-0 11, including the primary OS 12, the software drivers 13 and the hardware drivers 14, can access the OS pages 84 and the application pages 82. The normal execution ring-3, including the applications 42_1 to 42_N, can access only the application pages 82. Neither the normal execution ring-0 11 nor ring-3 41, however, can access the isolated area 70.

The isolated execution ring-0 15, including the OS nub 16 and the processor nub 18, can access both the isolated area 70, which includes the applet pages 72 and the nub pages 74, and the non-isolated area 80, which includes the application pages 82 and the OS pages 84. The isolated execution ring-3, including the applets 46_1 to 46_K, can access only the application pages 82 and the applet pages 72. The applets 46_1 to 46_K reside in the isolated area 70.

FIG. 1C is a diagram similar to FIG. 1B, illustrating the accessibility of the various elements of the operating system and processor according to one embodiment of the present invention, in which the isolated memory area 70 is divided into multiple isolated memory areas 71 and the non-isolated memory area 80 is divided into multiple non-isolated memory areas 83. For ease of illustration, only the elements of ring-0 10 and ring-3 40 are shown. The elements of the logical operating architecture 50 access the accessible physical memory 60 according to their ring hierarchy and execution mode. The accessible physical memory 60 includes multiple isolated areas 71 and non-isolated areas 83.

The multiple isolated areas 71 include applet pages 72 and operating system (OS) nub pages 74. One of the multiple isolated areas 71 also includes the processor nub 18 (i.e. the processor executive (PE)), implemented in processor nub pages 73. The multiple non-isolated areas 83 include application pages 82 and operating system (OS) pages 84. The multiple isolated areas 71 are accessible only to elements of the operating system and processor that operate in isolated execution mode. The non-isolated areas 83 are accessible to all elements of the ring-0 operating system and processor.

In the embodiment shown in FIG. 1C, as opposed to the single block of isolated memory shown in FIG. 1B, the isolated memory area 70 is partitioned into a set of multiple isolated memory areas 71, which allows enhanced platform functionality in the use of isolated memory. To support the multiple isolated memory areas 71, the OS nub 16 (i.e. the OS executive (OSE)), implemented in the OS nub pages 74, contains a page manager 75 and a memory ownership page table 77. The OS nub controls the page manager 75. The page manager 75 is responsible for distributing pages to the multiple isolated memory areas 71, such as the OS nub pages 74 and the applet pages 72, and for distributing pages to the non-isolated memory areas 83, such as the OS pages 84 and the application pages 82. The page manager 75 also manages and maintains the memory ownership page table 77. As will be discussed later, the memory ownership page table 77 describes each page and is used to help configure the processor's access transactions and further verify that an access transaction is valid. By allowing the page manager 75 to create multiple isolated memory areas 71 and multiple non-isolated memory areas 83, the accessible physical memory 60 can more easily accommodate changes in the system's memory requirements.

The normal execution ring-0 11, including the primary OS 12, the software drivers 13 and the hardware drivers 14, can access the OS pages 84 and the application pages 82. The normal execution ring-3, including the applications 42_1 to 42_N, can access only the application pages 82. Neither the normal execution ring-0 11 nor ring-3 41, however, can access the multiple isolated memory areas 71.

The isolated execution ring-0 15, including the OS nub 16 and the processor nub 18, can access both the multiple isolated memory areas 71, which include the applet pages 72 and the OS nub pages 74, and the multiple non-isolated memory areas 83, which include the application pages 82 and the OS pages 84. The isolated execution ring-3 45, including the applets 46_1 to 46_K, can access only the application pages 82 and the applet pages 72. The applets 46_1 to 46_K reside in the multiple isolated memory areas 71.

FIG. 1D is a flowchart illustrating a method 86 of distributing memory pages for isolated execution, according to one embodiment of the present invention.

Starting from START, the method 86 distributes memory pages to the different areas of the accessible physical memory 60 (block 87). Pages are distributed to the isolated areas 71 and to the non-isolated areas 83. In the preferred embodiment the page size is fixed; for example, each page may be 4 MB or 4 KB. The method 86 then assigns an attribute to each page (block 88). If a page has been assigned to an isolated area of memory, the method 86 gives the page the isolated attribute; otherwise, if a page has been assigned to a non-isolated area of memory, the method 86 gives the page the non-isolated attribute.

FIG. 1E is a diagram illustrating the memory ownership page table 77 and a method of translating virtual addresses into physical addresses, according to the present invention. As described above, the page manager 75 manages the memory ownership page table 77. The memory ownership page table 77 includes a plurality of page table entries 93. Each page table entry 93 includes the following components: the base address 95 of a page and the attribute 96 of that page (isolated or non-isolated). Only the page manager 75 can change the attribute 96 assigned to a page. Each page 98 includes a plurality of physical addresses 99. When the isolated and non-isolated memory areas change, the page manager 75 flushes the memory ownership page table 77 or invalidates the page table entries 93. The page manager 75 then reallocates and initializes the isolated and non-isolated memory areas.
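As an added example (not code from the patent), the following C program models the memory ownership page table 77 and the TLB access check described above: the page manager assigns each page the isolated or non-isolated attribute (method 86, blocks 87 and 88), only the page manager modifies or invalidates entries, and an access to an isolated page is granted only when the execution mode bit is asserted. The 4 KB page size, the 16-page memory, the function names and the sample addresses are assumptions made for the illustration.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed page size and memory size for the model: 16 pages of 4 KB. */
#define PAGE_SIZE 4096u
#define NUM_PAGES 16u

/* Page attribute recorded in each entry (attribute 96 in the patent). */
enum page_attr { PAGE_NON_ISOLATED = 0, PAGE_ISOLATED = 1 };

/* One page table entry (93): base address (95), attribute (96), validity. */
struct mop_entry {
    uint32_t base;
    enum page_attr attr;
    bool valid;
};

/* Memory ownership page table (77). In the patent it lives in an isolated
 * area and only the page manager may modify it; here it is a private array
 * that only the page_manager_* functions write to. */
static struct mop_entry mop_table[NUM_PAGES];

/* Page manager (75), blocks 87 and 88 of method 86: assign a page to an
 * isolated or non-isolated area and record the matching attribute.
 * Returns false if the page number lies outside the modelled memory. */
bool page_manager_assign(uint32_t page_no, bool to_isolated_area) {
    if (page_no >= NUM_PAGES)
        return false;
    mop_table[page_no].base  = page_no * PAGE_SIZE;
    mop_table[page_no].attr  = to_isolated_area ? PAGE_ISOLATED : PAGE_NON_ISOLATED;
    mop_table[page_no].valid = true;
    return true;
}

/* Invalidate every entry, as the page manager does when the isolated and
 * non-isolated areas are re-partitioned. Returns how many entries were
 * valid before the flush. */
size_t page_manager_flush(void) {
    size_t flushed = 0;
    for (size_t i = 0; i < NUM_PAGES; i++) {
        if (mop_table[i].valid)
            flushed++;
        mop_table[i].valid = false;
    }
    return flushed;
}

/* Look up the entry for the page containing a physical address (99).
 * Returns NULL when the address is outside the modelled memory or the
 * entry has been invalidated, so that such accesses are denied. */
const struct mop_entry *lookup_page(uint32_t phys_addr) {
    uint32_t page_no = phys_addr / PAGE_SIZE;
    if (page_no >= NUM_PAGES || !mop_table[page_no].valid)
        return NULL;
    return &mop_table[page_no];
}

/* TLB access check: the access grant signal is asserted when the page is
 * non-isolated (reachable from either mode), or when the page is isolated
 * AND the execution mode word (single bit) says the processor is in
 * isolated execution mode. Everything else is denied. */
bool tlb_access_check(uint32_t phys_addr, bool exec_mode_isolated) {
    const struct mop_entry *e = lookup_page(phys_addr);
    if (e == NULL)
        return false;
    if (e->attr == PAGE_NON_ISOLATED)
        return true;
    return exec_mode_isolated;
}

int main(void) {
    /* Constructed layout: pages 0-7 non-isolated, pages 8-15 isolated. */
    for (uint32_t p = 0; p < NUM_PAGES; p++)
        page_manager_assign(p, p >= 8);

    printf("normal mode,   app page 0x1000   : %s\n",
           tlb_access_check(0x1000, false) ? "grant" : "deny");
    printf("normal mode,   applet page 0x9000: %s\n",
           tlb_access_check(0x9000, false) ? "grant" : "deny");
    printf("isolated mode, applet page 0x9000: %s\n",
           tlb_access_check(0x9000, true) ? "grant" : "deny");
    return 0;
}
```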

The virtual address 212 includes a page table portion 91 and an offset 92. The method of translating the virtual address 212 into a physical address 99 will be discussed later.

FIG. 1F illustrates a computer system 100 in which one embodiment of the present invention is practiced. The computer system 100 includes a processor 110, a host bus 120, a memory controller hub (MCH) 130, a system memory 140, an input/output controller hub (ICH) 150, a non-volatile memory or system flash 160, a mass storage device 170, input/output devices 175, a token bus 180, a motherboard (MB) token 182, a reader 184 and a token 186. The MCH 130 may be integrated into a chipset that integrates functions such as the isolated execution mode, the host-to-peripheral bus interface and memory control. Likewise, the ICH 150 may be integrated into a chipset together with or separate from the MCH 130 to perform I/O functions. For clarity, not all peripheral buses are shown. It is contemplated that the system 100 may also include peripheral buses such as Peripheral Component Interconnect (PCI), Accelerated Graphics Port (AGP), Industry Standard Architecture (ISA) bus and Universal Serial Bus (USB).

The processor 110 represents a central processing unit of any type of architecture, such as complex instruction set computer (CISC), reduced instruction set computer (RISC), very long instruction word (VLIW) or hybrid architectures. In one embodiment, the processor 110 is compatible with Intel Architecture (IA) processors, such as the Pentium series, IA-32 and IA-64. The processor 110 includes a normal execution mode 112 and an isolated execution circuit 115. The normal execution mode 112 is the mode in which the processor operates in a non-secure environment, or a normal environment without the security features provided by the isolated execution mode. The isolated execution circuit 115 provides a mechanism that allows the processor 110 to operate in isolated execution mode. The isolated execution circuit 115 provides hardware and software support for the isolated execution mode. This support includes configuration for isolated execution, definition of one or more isolated areas, definition (e.g. decoding and execution) of the isolated instructions, generation of isolated access bus cycles, and generation of isolated mode interrupts.

In one embodiment, computer system 100 may be a single-processor system, such as a desktop computer, which has only one main central processing unit, e.g., processor 110. In other embodiments, computer system 100 may include multiple processors, e.g., processors 110, 110a, 110b, etc., as shown in FIG. 1D. Thus, computer system 100 may be a multiprocessor computer system having multiple processors. For example, the multiprocessor computer system 100 can operate as part of a server or workstation environment. The basic description and operation of processor 110 are discussed in detail below. Those skilled in the art will recognize that the basic description and operation of processor 110 according to one embodiment of the present invention apply equally to the other processors 110a and 110b shown in FIG. 1, and to any number of processors that may be used in the multiprocessor computer system 100.

Processor 110 may also include multiple logical processors. A logical processor, sometimes also called a thread, is a functional unit of a physical processor that has architectural state and physical resources allocated according to some partitioning policy. In the context of the present invention, the terms "thread" and "logical processor" refer to the same thing. A multithreaded processor is a processor that has multiple threads or multiple logical processors. A multiprocessor system (e.g., a system including processors 110, 110a and 110b) may have multiple multithreaded processors.

Host bus 120 provides interface signals that allow processor 110, or processors 110, 110a and 110b, to communicate with other processors or devices (e.g., MCH 130). In addition to the normal mode, when processor 110 is configured in the isolated execution mode, host bus 120 provides an isolated access bus mode with corresponding interface signals for memory reads and writes. The isolated access bus mode is asserted on memory accesses initiated while processor 110 is in the isolated execution mode. The isolated access bus mode is also asserted on instruction prefetch and cache write-back cycles if the address falls within the isolated area address range and processor 110 is configured in the isolated execution mode. If an isolated access bus cycle is asserted and processor 110 has been initialized for the isolated execution mode, processor 110 responds to snoop cycles for cached addresses within the isolated area address range.

MCH 130 provides control and configuration of memory and input/output devices (e.g., system memory 140 and ICH 150). MCH 130 provides interface circuitry to recognize and service isolated access requests on memory access bus cycles, including isolated memory read and write cycles. In addition, MCH 130 has memory range registers (e.g., base address and length registers) that represent one or more isolated areas in system memory 140. Once configured, MCH 130 aborts any access to an isolated area for which the isolated access bus mode has not been asserted.

System memory 140 stores system code and data. System memory 140 is typically implemented with dynamic random access memory (DRAM) or static random access memory (SRAM). System memory 140 includes the accessible physical memory 60 (shown in FIG. 1B and FIG. 1C). The accessible physical memory includes a loaded operating system 142, the isolated area 70 (FIG. 1B) or multiple isolated areas 71 (FIG. 1C), and an isolated control and status space 148. Loaded operating system 142 is the portion of the operating system that has been loaded into system memory 140. Loaded OS 142 is typically loaded from a mass storage device by boot code in a boot device such as a boot read-only memory (ROM). Isolated area 70 (FIG. 1B) or isolated areas 71 (FIG. 1C) are memory areas defined by the processor when operating in the isolated execution mode. Access to an isolated area is restricted and enforced by processor 110 and/or MCH 130, or by another chipset that integrates the isolated area functionality. Isolated control and status space 148 is an input/output (I/O)-like, separate address space defined by processor 110 and/or MCH 130. Isolated control and status space 148 contains mainly the isolated execution control and status registers. Isolated control and status space 148 does not overlap any existing address space and can be accessed only with isolated bus cycles. System memory 140 may also include other programs or data that are not shown.

ICH 150 represents a known single point in the system that has the isolated execution functionality. For clarity, only ICH 150 is shown. System 100 may also have multiple ICHs similar to ICH 150. When there are multiple ICHs, a designated ICH is selected to control the configuration and status of the isolated areas. In one embodiment, this selection is made by an external strapping pin. Those skilled in the art will know that other selection methods may also be used, including the use of programmable configuration registers. ICH 150 has a number of functions designed to support the isolated execution mode in addition to the traditional I/O functions. In particular, ICH 150 includes an isolated bus cycle interface 152, the processor nub loader 52 (shown in FIG. 1A), a digest memory 154, a cryptographic key storage 155, an isolated execution logical processor manager 156 and a token bus interface 159.

Isolated bus cycle interface 152 includes circuitry that interfaces with isolated bus cycles in order to recognize and service them, e.g., isolated read and write bus cycles. Processor nub loader 52, as shown in FIG. 1A, includes the processor nub loader code and its digest (e.g., hash) value. Processor nub loader 52 is invoked by executing an appropriate isolated instruction (e.g., Iso-Init) and is then transferred into isolated area 70 or one of the isolated areas 71. From the isolated area, processor nub loader 52 copies the processor nub from the system flash memory (e.g., processor nub code 18 in non-volatile memory 160) into isolated area 70, verifies and logs its integrity, and manages the key used to protect the processor nub's secrets. In one embodiment, processor nub loader 52 is implemented in read-only memory (ROM). For security purposes, processor nub loader 52 is unchanging, tamper-resistant and non-substitutable. Digest memory 154, typically implemented in RAM, stores the digest (e.g., hash) values of the loaded processor nub 18, the operating system nub 16 and any other critical modules (e.g., ring-0 modules) loaded into the isolated space.

Cryptographic key storage 155 holds a symmetric encryption/decryption key that is unique to the platform of system 100. In one embodiment, cryptographic key storage 155 consists of internal fuses programmed at manufacturing time. Alternatively, the key may be created with a random number generator and strapping pins. Isolated execution logical processor manager 156 manages the operation of logical processors running in the isolated execution mode. In one embodiment, isolated execution logical processor manager 156 includes a logical processor count register that tracks the number of logical processors participating in the isolated execution mode. Token bus interface 159 interfaces with token bus 180. The combination of the processor nub loader digest, the processor nub digest, the operating system nub digest and optional additional digests represents the overall isolated execution digest, referred to as the isolated digest. The isolated digest is a fingerprint that identifies the ring-0 code controlling the isolated execution configuration and operation. The isolated digest is used to attest to, or prove, the state of the current isolated execution.

Non-volatile memory 160 stores non-volatile information. Typically, non-volatile memory 160 is implemented in flash memory. Non-volatile memory 160 includes the processor nub 18.

Processor nub 18 provides the initial setup and low-level management of the isolated area (in system memory 140), including verification, loading and logging of the operating system nub 16, and management of the symmetric key used to protect the operating system nub's secrets. Processor nub 18 may also provide application programming interface (API) abstractions of the low-level security services provided by other hardware. Processor nub 18 may also be distributed by the original equipment manufacturer (OEM) or the operating system vendor on a boot disk.

Mass storage device 170 stores archive information such as code (e.g., processor nub 18), programs, files, data, applications (e.g., applications 42_1 to 42_N), applets (e.g., applets 46_1 to 46_K) and operating systems. Mass storage device 170 may include a compact disc (CD) ROM 172, a floppy disk 174 and a hard drive 176, as well as any other magnetic or optical storage device. Mass storage device 170 provides a mechanism for reading machine-readable media.

I/O devices 175 may include any I/O device that performs I/O functions. Examples of I/O devices 175 include input devices (e.g., keyboard, mouse, trackball, pointing device), controllers for media cards (e.g., audio, video, graphics) and network cards, and any other peripheral controllers.

Token bus 180 provides an interface between ICH 150 and the various tokens in the system. A token is a device that performs dedicated input/output functions with security functionality. A token has characteristics similar to a smart card, including at least one reserved-purpose public/private key pair and the ability to sign data with the private key. Examples of tokens connected to token bus 180 include the motherboard token 182, the token reader 184 and other portable tokens 186 (e.g., smart cards). Token bus interface 159 in ICH 150 connects ICH 150 to token bus 180 and ensures that, when commanded to prove the state of isolated execution, the corresponding token (e.g., motherboard token 182, token 186) signs only valid isolated digest information. For security purposes, the token should be connected to the digest memory.

When implemented in software, the elements of the present invention are the code segments that perform the necessary tasks. The program or code segments can be stored in a machine-readable medium, such as a processor-readable medium, or transmitted by a computer data signal embodied in a carrier wave. Examples of processor-readable media include electronic circuits, semiconductor memory devices, CD-ROMs, optical disks, hard disks, fiber optic media, radio frequency (RF) links and the like. The computer data signal may include any signal that can propagate over a transmission medium such as electronic network channels, optical fibers, air, electromagnetic media, RF links and the like.

Controlling access to multiple isolated memories in an isolated execution environment

The present invention is a method, apparatus and system for controlling access to multiple isolated memories 71 (shown in FIG. 1C) in an isolated execution environment. FIG. 2A is a diagram illustrating the isolated execution circuit 115 shown in FIG. 1F according to one embodiment of the present invention. Isolated execution circuit 115 includes a core execution circuit 205, an access manager 220 and a cache manager 230.

Core execution circuit 205 includes an instruction decoder and execution unit 210 and a translation lookaside buffer (TLB) 218. Instruction decoder and execution unit 210 receives an instruction stream 215 from an instruction fetch unit. Instruction stream 215 includes a number of instructions. Instruction decoder and execution unit 210 decodes the instructions and executes the decoded instructions. These instructions may be at the micro-instruction or macro-instruction level. Instruction decoder and execution unit 210 may be a physical circuit or an abstraction of the process of decoding and executing instructions. In addition, the instructions may include isolated instructions and non-isolated instructions. Instruction decoder and execution unit 210 generates a virtual address when there is an access transaction.

TLB 218 translates the virtual address 212 into the physical address 99. TLB 218 includes a cache 219 of the memory ownership page table (MOPT) 77. TLB 218 first looks in cache 219 for the physical address matching virtual address 212 and the associated page table entry. If the physical address is not in cache 219, TLB 218 looks up MOPT 77 itself. TLB 218 locates the physical address using the MOPT base address 221. Referring also to FIG. 1E, starting from the MOPT base address 221 and the page table portion 91 of virtual address 212, TLB 218 finds the page table entry 93 for virtual address 212. As described earlier, each page table entry 93 includes the base address of a page 95 and the attribute 96 (isolated or non-isolated) of that page. TLB 218 forms the physical address 99 corresponding to the virtual address from the base address of page 95 and the offset portion 92 of the virtual address. It should be understood that using a TLB to translate virtual addresses into physical addresses is a well-known technique. As discussed later, the attribute 96 (isolated or non-isolated) of the page is essential to configuring access transactions for isolated execution.

Referring again to FIG. 2A, core execution circuit 205 communicates with access manager 220 via control/status information 222, operands 224 and access information 226. Control/status information 222 includes the control bits that manage the various components of the isolated bus cycle generator 220, as well as status data from access manager 220. Operands 224 include data to be written to and read from access manager 220. Access information 226 includes address information (e.g., the physical address provided by TLB 218), read/write and access type information.

Access manager 220 receives and provides control/status information 222, receives and provides operand 224 information, receives access information 226 from core execution circuit 205 as a result of instruction execution, and receives the cache access signal 235 (e.g., cache hit) and the attribute 96 (isolated or non-isolated) from cache manager 230. Access manager 220 also receives an external isolated access signal 278 and front side bus (FSB) address information signals 228 from another processor in the system. External isolated access signal 278 is asserted when another processor in the system attempts to access one of the isolated memory areas. Access manager 220 generates an isolated access signal 272, an access grant signal 274 and a processor snoop access signal 276. Isolated access signal 272 may be used to generate an isolated bus cycle 230 to devices external to the processor (e.g., the chipset) to indicate that processor 110 is executing an isolated mode instruction. Processor snoop access signal 276 may be used by other devices or the chipset to determine whether a snoop access is a hit or a miss. Isolated access signal 272, access grant signal 274 and processor snoop access signal 276 may also be used internally by processor 110 to control and monitor other isolated or non-isolated activities.

Cache manager 230 receives access information 226 from core execution circuit 205 and generates the cache access signal 235 to access manager 220. As known to those skilled in the art, cache manager 230 includes a cache memory 232 that stores cache information and other circuitry that manages cache transactions. Cache access signal 235 indicates the result of the cache access. In one embodiment, cache access signal 235 is a cache hit signal that is asserted on a cache access hit.

FIG. 2B is a diagram illustrating the access manager shown in FIG. 2A according to one embodiment of the present invention. Access manager 220 includes a configuration storage 250 and an access checking circuit 270. Access manager 220 exchanges operand 224 information with, and receives access information 226 from, core execution circuit 205 shown in FIG. 2A. Operand 224 information includes the attribute 96 (isolated or non-isolated) of the page associated with physical address 99. Access manager 220 also receives cache access signal 235 from cache manager 230, and external isolated access signal 278 and FSB address information 228 from the other processor shown in FIG. 2A. Access manager 220 further receives attribute 96 (isolated or non-isolated) from cache manager 230; this attribute is kept on a per-cache-line basis. Access information 226 includes physical address 99, a read/write (RD/WR#) signal 284 and an access type 286. Access information 226 is generated by processor 110 during an access transaction. Access type 286 indicates the type of access, including memory-directed, input/output-directed and logical processor accesses. Logical processor accesses include a logical processor entering the isolated active state and a logical processor exiting the isolated active state.

Configuration storage 250 contains configuration parameters that configure an access transaction generated by processor 110. Processor 110 has a normal execution mode and an isolated execution mode. The access transaction carries access information. Configuration storage 250 receives operand 224 information from instruction decoder and execution unit 210 (FIG. 2A). Configuration storage 250 includes a page attribute register 251 and a processor control register 252. Attribute register 251 contains the attribute 96 of the page associated with the physical address, set to isolated or non-isolated. Processor control register 252 contains an execution mode word 253. Execution mode word 253 is asserted when processor 110 is configured in the isolated execution mode. In one embodiment, execution mode word 253 is a single bit indicating whether processor 110 is in the isolated execution mode.

Access checking circuit 270 checks the access transaction using at least one configuration parameter (e.g., execution mode word 253 and attribute 96) and access information 226. Access checking circuit 270 generates the processor isolated access signal 272, access grant signal 274 and processor snoop access signal 276 from at least one parameter in configuration storage 250, the access information 226 of the transaction generated by processor 110, and FSB address information 228. FSB address information 228 is typically provided by another processor and is snooped on the FSB. Isolated access signal 272 is asserted when processor 110 is configured in the isolated execution mode. Access grant signal 274 indicates that the access has been granted. Processor snoop access signal 276 is used to determine whether an access from another processor results in a hit or a miss.

FIG. 3A is a diagram illustrating access checking circuit 270 according to one embodiment of the present invention. Access checking circuit 270 includes a TLB access checking circuit 310 and an FSB snoop checking circuit 330.

TLB access checking circuit 310 receives attribute 96 and execution mode word 253 to generate access grant signal 274. Access grant signal 274 is asserted when attribute 96 is set to isolated and execution mode word 253 is asserted to indicate that isolated access is enabled or allowed by the configuration. In one embodiment, TLB access checking circuit 310 performs a logical "exclusive OR" operation. Thus, when the processor requests a physical address in an isolated area, the access transaction is granted only if the processor is operating in the isolated execution mode and the attribute of the page associated with that physical address is also set to isolated.

FSB snoop checking circuit 330 performs a function similar to that of TLB access checking circuit 310. FSB snoop checking circuit 330 generates processor snoop access signal 276 by combining cache access signal 235, external isolated access signal 278 and attribute 96. FSB snoop checking circuit 330 includes a first combiner 342 and a second combiner 344. First combiner 342 receives the attribute 96 (isolated or non-isolated) of the line to be snooped from cache manager 230 and the external isolated access signal 278 from the other processor performing the snoop. The attribute is kept on a per-cache-line basis. In one embodiment, first combiner 342 performs a logical "exclusive OR" operation. Second combiner 344 combines the result of first combiner 342 with cache access signal 235 (e.g., cache hit). In one embodiment, second combiner 344 performs a logical AND operation. Thus, a processor can snoop a line belonging to an isolated area in another processor only when the snooping processor is operating in the isolated execution mode, the page attribute is set to isolated and there is a cache hit. The access transaction is granted, and processor snoop access signal 276 is generated for the isolated area, only when these conditions are met.

FSB snoop checking circuit 330 ensures correct operation in a multiprocessor system when not all processors have been initialized for isolated memory area access. The X-NOR component 342 ensures that snoop hits occur only from processors that have been enabled for isolated access. If a processor is not yet participating in isolated memory area access, it is not allowed to snoop the line output of another processor that is participating in isolated memory area access. Likewise, a processor that has been activated for isolated access does not inadvertently snoop the line output of another processor that has not been activated.

Processor snoop access signal 276 for the isolated area is asserted when cache access signal 235 is asserted to indicate a cache hit, external isolated access signal 278 is asserted, and attribute 96 is set to isolated.
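The two checks of FIG. 3A, modelled in C as an added example (this is not the patent's circuit): TLB check 310 grants an isolated-area access only when the page attribute and the execution mode word are both isolated, and snoop check 330 X-NORs the snooper's isolated state with the line attribute (the matching behaviour the text describes for combiner 342) and ANDs the result with the cache hit. The 4 KiB page size, the constructed sample MOPT and the treatment of non-isolated pages in the walk are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of access checking circuit 270 (TLB check 310 and FSB
 * snoop check 330) plus a minimal MOPT walk as TLB 218 performs it. Added
 * example code, not the patent's circuit; page size and sample MOPT are
 * assumptions. */

#define PAGE_SHIFT 12u                       /* assumed 4 KiB pages */
#define PAGE_MASK  ((1u << PAGE_SHIFT) - 1u)

enum attr { NON_ISOLATED = 0, ISOLATED = 1 }; /* page attribute 96 */

/* One MOPT entry 93: base address of page 95 plus attribute 96. */
struct mopt_entry {
    uint32_t  page_base;
    enum attr attr;
};

/* Output of translation + check: physical address 99, attribute 96 and
 * access grant signal 274; fault is set when there is no entry for the page. */
struct access_result {
    uint32_t  phys;
    enum attr attr;
    bool      granted;
    bool      fault;
};

/* TLB access check 310: grant 274 is asserted only when the page attribute
 * is isolated AND execution mode word 253 says the processor is in isolated
 * execution mode (the rule the text states for isolated-area requests). */
bool tlb_access_check(enum attr page_attr, bool exec_mode_isolated)
{
    return page_attr == ISOLATED && exec_mode_isolated;
}

/* FSB snoop check 330: first combiner 342 (X-NOR) passes only when the
 * snooping processor's isolated state matches the line attribute; second
 * combiner 344 ANDs that with cache hit signal 235 to form signal 276. */
bool fsb_snoop_check(bool cache_hit, bool ext_isolated_access, enum attr line_attr)
{
    bool state_matches_line = (ext_isolated_access == (line_attr == ISOLATED));
    return state_matches_line && cache_hit;
}

/* Walk the MOPT like TLB 218: the page-table portion 91 of the virtual
 * address selects the entry, the offset portion 92 is appended to the page
 * base. Assumption: a non-isolated page is not restricted by check 310. */
struct access_result translate_and_check(const struct mopt_entry *mopt, size_t n_entries,
                                         uint32_t vaddr, bool exec_mode_isolated)
{
    struct access_result r = { 0, NON_ISOLATED, false, false };
    uint32_t index = vaddr >> PAGE_SHIFT;

    if (index >= n_entries) {               /* no page table entry 93: fault */
        r.fault = true;
        return r;
    }
    r.phys = mopt[index].page_base | (vaddr & PAGE_MASK);
    r.attr = mopt[index].attr;
    r.granted = (r.attr == ISOLATED) ? tlb_access_check(r.attr, exec_mode_isolated)
                                     : true;
    return r;
}

/* Constructed sample MOPT: virtual page 0 is ordinary memory, virtual page 1
 * lies in an isolated area. */
static const struct mopt_entry sample_mopt[] = {
    { 0x00010000u, NON_ISOLATED },
    { 0x00020000u, ISOLATED },
};

/* Convenience wrapper over the sample MOPT. */
struct access_result sample_access(uint32_t vaddr, bool exec_mode_isolated)
{
    return translate_and_check(sample_mopt,
                               sizeof sample_mopt / sizeof sample_mopt[0],
                               vaddr, exec_mode_isolated);
}

int main(void)
{
    /* Same isolated-area address, requested from normal vs isolated mode. */
    struct access_result a = sample_access(0x00001234u, false);
    struct access_result b = sample_access(0x00001234u, true);
    printf("normal mode   -> phys 0x%08x granted=%d\n", a.phys, a.granted);
    printf("isolated mode -> phys 0x%08x granted=%d\n", b.phys, b.granted);

    /* A hit on an isolated line is reported only to an isolated snooper. */
    printf("iso line, iso snooper:     %d\n", fsb_snoop_check(true, true,  ISOLATED));
    printf("iso line, non-iso snooper: %d\n", fsb_snoop_check(true, false, ISOLATED));
    return 0;
}
```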

FIG. 3B is a diagram illustrating access checking circuit 270 managing logical processor operations according to one embodiment of the present invention. Access checking circuit 270 includes a logical processor manager 360.

A physical processor may have multiple logical processors. Each logical processor can enter or exit the isolated processor state; this is referred to as a logical processor access. A logical processor access is typically generated when the corresponding logical processor executes an isolated instruction, such as isolated enter (iso_enter) or isolated exit (iso_exit). Logical processor manager 360 manages the logical processor operations caused by logical processor accesses. In essence, logical processor manager 360 keeps track of the number of logical processors that are active in a processor. Logical processor manager 360 includes a logical processor register 370, a logical processor state activator 382, a logical processor updater 380, a minimum detector 374 and a maximum detector 376. Logical processor register 370 stores a logical processor count 372 indicating the number of currently active logical processors. Logical processor state activator 382 activates the logical processor state when a logical processor access is valid. Logical processor updater 380 updates logical processor count 372 according to the logical processor access. Logical processor updater 380 is enabled by the activated logical processor state. In one embodiment, logical processor register 370 and logical processor updater 380 are implemented as an up/down counter with an enable signal. Minimum detector 374 determines whether logical processor count 372 equals the minimum number of logical processors (e.g., 0). Maximum detector 376 determines whether logical processor count 372 exceeds the maximum number of logical processors. The maximum number of logical processors is the largest number of logical processors supported by the isolated execution mode in processor 110.

Logical processor updater 380 initializes logical processor register 370 at system reset. When an access transaction corresponds to a logical processor entry, logical processor updater 380 updates logical processor count 372 in a first direction (i.e., increments it). When an access transaction corresponds to a logical processor exit or a logical processor withdrawal, logical processor updater 380 updates logical processor count 372 in a second direction opposite to the first (i.e., decrements it). When logical processor count 372 equals the minimum number of logical processors, logical processor manager 360 causes processor 110 to flush cache 232 (FIG. 2A) by writing it back to main memory, and resets the isolated setting registers (FIG. 2A) holding all isolated information for those memory segments to their initial state. When logical processor count 372 exceeds the maximum number of logical processors, logical processor manager 360 causes processor 110 to generate a failure or fault condition, because the total number of logical processors exceeds the maximum number the processor can support.
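The counter behaviour of logical processor manager 360 described above (and walked through again in process 500 of FIG. 5), as an added C model that is not the patent's logic: an up/down counter with the minimum detector triggering the cache flush on the last exit and the maximum detector raising a fault on one entry too many. The limit of four logical processors and the handling of an exit with no active logical processor are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of logical processor manager 360: an up/down counter
 * (register 370 + updater 380) with minimum detector 374 and maximum
 * detector 376. Added example code, not the patent's logic. The limit of
 * four logical processors and the exit-without-entry rule are assumptions. */

#define MAX_LOGICAL_PROCESSORS 4u   /* assumed capacity of the isolated mode */
#define MIN_LOGICAL_PROCESSORS 0u

enum lp_access_type { LP_ENTER, LP_EXIT };   /* iso_enter / iso_exit */

struct lp_manager {
    unsigned count;          /* logical processor count 372 */
    bool     state_active;   /* logical processor state set by activator 382 */
    unsigned flushes;        /* cache write-back + register reset events (min detector) */
    unsigned faults;         /* failure/fault conditions (max detector) */
};

/* System reset: updater 380 initializes register 370 to no active LPs. */
void lp_reset(struct lp_manager *m)
{
    m->count = MIN_LOGICAL_PROCESSORS;
    m->state_active = false;
    m->flushes = 0;
    m->faults = 0;
}

/* Apply one logical processor access. Returns true when the access was
 * accepted, false when a fault condition was raised. */
bool lp_access(struct lp_manager *m, enum lp_access_type type)
{
    m->state_active = true;                     /* activator 382 enables updater 380 */

    if (type == LP_ENTER) {
        if (m->count + 1 > MAX_LOGICAL_PROCESSORS) {   /* maximum detector 376 */
            m->faults++;
            return false;
        }
        m->count++;                             /* first direction: increment */
        return true;
    }

    if (m->count == MIN_LOGICAL_PROCESSORS) {   /* assumption: exit with no entry is a fault */
        m->faults++;
        return false;
    }
    m->count--;                                 /* second direction: decrement */
    if (m->count == MIN_LOGICAL_PROCESSORS) {   /* minimum detector 374 */
        m->flushes++;                           /* write cache 232 back, reset isolated regs */
        m->state_active = false;
    }
    return true;
}

/* Run a sequence of accesses from reset and return the final manager state. */
struct lp_manager lp_run(const enum lp_access_type *seq, size_t n)
{
    struct lp_manager m;
    size_t i;
    lp_reset(&m);
    for (i = 0; i < n; i++)
        lp_access(&m, seq[i]);
    return m;
}

#define SEQ_LEN(s) (sizeof (s) / sizeof (s)[0])

/* Constructed sequences: two threads enter and both leave (last exit flushes);
 * five threads try to enter a four-LP isolated mode (fifth entry faults). */
static const enum lp_access_type enter_exit_seq[] = { LP_ENTER, LP_ENTER, LP_EXIT, LP_EXIT };
static const enum lp_access_type overflow_seq[]   = { LP_ENTER, LP_ENTER, LP_ENTER,
                                                      LP_ENTER, LP_ENTER };

int main(void)
{
    struct lp_manager a = lp_run(enter_exit_seq, SEQ_LEN(enter_exit_seq));
    struct lp_manager b = lp_run(overflow_seq, SEQ_LEN(overflow_seq));
    printf("enter/exit: count=%u flushes=%u faults=%u\n", a.count, a.flushes, a.faults);
    printf("overflow:   count=%u flushes=%u faults=%u\n", b.count, b.flushes, b.faults);
    return 0;
}
```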

FIG. 4 is a diagram illustrating a method 400 for generating an access grant signal for isolated execution, according to one embodiment of the invention.

Starting from START, the method 400 assigns pages to the multiple isolated memory areas (block 410). The method 400 then sets the execution mode word in the processor control register to configure the processor in the isolated execution mode (block 420). The method 400 then receives the access information from an access transaction issued by the processor (block 425). The access information includes the physical address (provided by the TLB), the page attribute (isolated/non-isolated) and the access type. Next, the method 400 determines whether the attribute is set to isolated and whether the execution mode word is set (indicating that isolated execution is configured) (block 430). If not, the method 400 generates a failure or error condition (block 435) and terminates. Otherwise, the method 400 asserts the access grant signal (block 440). The method 400 then terminates.

FIG. 5 is a flowchart illustrating a process 500 for managing logical processor operations for isolated execution, according to one embodiment of the invention.

Starting from START, the process 500 initializes the logical processor register when there is no active logical processor (block 510). The process 500 then executes a logical processor access instruction (e.g., iso_enter or iso_exit) (block 520). The logical processor access instruction sets the execution mode word. Next, the process 500 activates the logical processor state (block 525). The process 500 then determines the logical processor access type (block 530).

If the logical processor access type is a logical processor entry, the process 500 updates the logical processor count in a first direction (e.g., increments it) (block 540). The process 500 then determines whether the logical processor count exceeds the maximum number of logical processors (block 550). If not, the process 500 proceeds to block 570. Otherwise, the process 500 generates a failure or error condition (block 560) and terminates.

If the logical processor access type is a logical processor exit or a logical processor withdrawal, the process 500 updates the logical processor count in a second direction opposite to the first (e.g., decrements it) (block 545). The process 500 then determines whether the logical processor count equals the minimum value (e.g., 0) (block 555). If not, the process 500 proceeds to block 570. Otherwise, the process 500 initializes the cache and the isolated setting registers, clearing them of all isolated information (block 565).

Next, the process 500 determines whether there is a next logical processor access (block 570). If there is, the process 500 returns to block 520 to execute the logical processor access instruction. If there is no further logical processor access, the process 500 terminates.
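The logical processor manager 360 and process 500 described above, as an added C model that is not the patent's own code: the count register, the minimum and maximum detectors, and what happens when each detector fires. The maximum of 4 logical processors, the enum names and the access sequence in main() are constructed for illustration.

```c
/* Added example, not code from the patent: a C model of the logical
 * processor manager 360 (up/down counter with min/max detectors) and of
 * process 500. MAX_LOGICAL_PROCESSORS and the access sequence are
 * constructed for illustration. */
#include <stdbool.h>
#include <stdio.h>

#define MIN_LOGICAL_PROCESSORS 0   /* the minimum the description gives as an example */
#define MAX_LOGICAL_PROCESSORS 4   /* constructed: what isolated execution supports */

/* Logical processor access types: entry (iso_enter), exit (iso_exit) and
 * withdrawal; the latter two both count down. */
enum lp_access_type { LP_ENTRY, LP_EXIT, LP_WITHDRAWAL };

/* Outcome of one access through process 500. */
enum lp_result {
    LP_OK,       /* count updated, no detector fired */
    LP_CLEARED,  /* min detector fired: cache flushed, isolated registers reset */
    LP_FAULT     /* max detector fired (or, by assumption, an exit with nothing active) */
};

struct lp_manager {
    int  count;          /* logical processor count 372 */
    bool state_active;   /* output of the logical processor state activator 382 */
    bool mode_word;      /* execution mode word set by the access instruction */
    unsigned flushes;    /* how often block 565 ran (cache write-back + reset) */
};

/* Block 510: initialise the register while no logical processor is active. */
void lp_init(struct lp_manager *m)
{
    m->count = MIN_LOGICAL_PROCESSORS;
    m->state_active = false;
    m->mode_word = false;
    m->flushes = 0;
}

/* Blocks 520 to 565 for a single logical processor access. */
enum lp_result lp_access(struct lp_manager *m, enum lp_access_type type)
{
    m->mode_word = true;      /* block 520: the access instruction sets the mode word */
    m->state_active = true;   /* block 525: the activator enables the updater */

    if (type == LP_ENTRY) {
        m->count++;                                  /* block 540: first direction */
        if (m->count > MAX_LOGICAL_PROCESSORS) {     /* block 550: max detector 376 */
            m->state_active = false;
            return LP_FAULT;                         /* block 560 */
        }
        return LP_OK;
    }

    /* Exit or withdrawal. The description does not say what happens when the
     * count is already at the minimum; this model treats it as a fault (assumption). */
    if (m->count <= MIN_LOGICAL_PROCESSORS) {
        m->state_active = false;
        return LP_FAULT;
    }
    m->count--;                                      /* block 545: second direction */
    if (m->count == MIN_LOGICAL_PROCESSORS) {        /* block 555: min detector 374 */
        m->flushes++;                                /* block 565: write back + clear */
        m->mode_word = false;                        /* no isolated state remains */
        m->state_active = false;
        return LP_CLEARED;
    }
    return LP_OK;
}

/* Runs an access sequence from a fresh register and returns the number of
 * faults seen, so the behaviour can be checked without reading the trace. */
int lp_run_sequence(const enum lp_access_type *seq, int n, struct lp_manager *m)
{
    static const char *names[] = { "entry", "exit", "withdrawal" };
    int faults = 0;
    lp_init(m);
    for (int i = 0; i < n; i++) {
        enum lp_result r = lp_access(m, seq[i]);
        if (r == LP_FAULT) faults++;
        printf("%-10s -> count=%d %s\n", names[seq[i]], m->count,
               r == LP_OK ? "ok" : r == LP_CLEARED ? "cleared" : "FAULT");
    }
    return faults;
}

int main(void)
{
    /* constructed: two entries, one exit, one withdrawal (count reaches the
     * minimum and clears), then one entry more than the maximum (faults) */
    const enum lp_access_type seq[] = {
        LP_ENTRY, LP_ENTRY, LP_EXIT, LP_WITHDRAWAL,
        LP_ENTRY, LP_ENTRY, LP_ENTRY, LP_ENTRY, LP_ENTRY
    };
    struct lp_manager m;
    int faults = lp_run_sequence(seq, (int)(sizeof seq / sizeof seq[0]), &m);
    printf("faults=%d flushes=%u\n", faults, m.flushes);
    return 0;
}
```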

Controlling access to multiple isolated memories in an isolated execution environment

The description above concerns the isolated execution process within the processor 110. Access to the multiple isolated memory areas 71 shown in FIG. 1C is further controlled by the MCH 130 (FIG. 1F). Referring to FIG. 1F, the processor 110 treats the MCH 130 as an input/output device mapped to an address location. To access the isolated memory area 70, and in particular the multiple isolated memory areas 71 (FIG. 1C), the processor 110 needs to configure the memory configuration storage in the MCH 130. The MCH 130 also includes control functions that allow the processor 110 to access the memory 140 in the multiple isolated memory areas 83. The MCH 130 receives signals (e.g., the isolated access signal) or bus cycle information from the processor 110 over the host bus 120.

In FIG. 1F, the MCH 130 is shown as external to the processor 110. The MCH 130 could, however, also be included within the processor 110. In that case, write cycles to the registers in the MCH 130 must be made externally visible so that any external cache can participate in cache coherency.

In essence, the access controller in the MCH 130 performs a function similar to that of the access check circuit 270 shown in FIG. 3A. By maintaining access consistency between the processor 110 and the MCH 130, access to memory can be controlled more tightly. The access controller in the MCH 130 determines whether an access transaction from the processor 110 is valid. If it is, the access controller returns an access grant signal that allows the access transaction to complete. Otherwise, a failure or error condition is generated. In addition, the access controller in the MCH 130 protects its configuration and control storage against intentional or unintentional alteration. Because the MCH 130 interfaces directly with the memory 140, the access controller also initializes the contents of the isolated memory areas and of its own internal storage at reset.

FIG. 6 is a diagram illustrating the isolated area access controller 135 in the memory controller hub (MCH) 130 shown in FIG. 1F, according to one embodiment of the invention. The access controller 135 includes a configuration storage 610, a configuration controller 640 and an MCH access check circuit 810.

The configuration storage 610 configures the access transactions generated by the processor 110 in FIG. 1F. The processor 110 has a normal execution mode and an isolated execution mode. An access transaction carries access information 660. The access information 660 is transmitted over the host bus 120 (FIG. 1F) and includes address information and an isolated access state. The address information is represented by a physical address 662. The isolated access state is represented by an isolated access signal 664. The isolated access signal 664 is essentially equivalent to the processor isolated access signal 272 shown in FIG. 2A. The isolated access signal 664 is asserted when the processor 110 makes a valid reference to one of the multiple isolated memory areas 71 (shown in FIG. 1C).

The configuration storage 610 includes a cache 660 of the memory ownership page table (MOPT) 77. The configuration storage 610 performs a lookup in the cache 660 for the physical address 662 to find the physical address and the associated page table record. If the physical address is not in the cache 219, the configuration storage 610 performs the lookup for the physical address 662 in the MOPT 77 (FIG. 1E) itself. The configuration storage 610 uses the MOPT base address 221 to look up the physical address 662 in the MOPT 77. Referring also to FIG. 1E, the configuration storage 610 performs the lookup of the MOPT 77 starting at the MOPT base address 221 and finds the page table record 93 associated with the physical address 662. The configuration storage can look up the physical address of a page 98 to locate the page table record 93 associated with that physical address. Each page table record 93 includes the attribute 96 (isolated or non-isolated) of the page associated with the physical address, which is essential for the MCH 130 to configure the access transaction. It should be understood that performing a lookup in a page table for a physical address and its associated page table record is a well-known technique in the art, and other lookup methods within the knowledge of those skilled in the art may also be used.

The configuration storage 250 also contains configuration parameters that configure the access transactions generated by the MCH 130. The configuration storage includes the attribute 96, set to isolated or non-isolated, of the page associated with the physical address found by the lookup. As described earlier, only the processor 110 in the isolated execution mode can access the isolated memory area 71.

The configuration controller 640 controls access to the configuration storage 610 and provides some control functions to the memory 140.

The MCH access check circuit 810 uses the access information 660, the attribute 96, the isolated access signal 664 and the isolated memory priority 736 to generate the access grant signal 652. The access grant signal 652 indicates whether the access transaction is valid. The access grant signal 652 may be generated by the processor 110, another chipset or another device to determine whether an attempt to access the isolated memory area 71 is allowed.

FIG. 7 is a diagram illustrating the MCH access check circuit 810 shown in FIG. 6, according to one embodiment of the invention.

The MCH access check circuit 810 generates the access grant signal 652 from the attribute 96 and the isolated access signal 664. The access grant signal 652 indicates whether the access transaction is valid. The MCH access check circuit 810 receives the attribute 96 and the isolated access signal 664 and generates the access grant signal 652 from them. The access grant signal 652 is asserted when the attribute 96 is set to isolated and the isolated access signal 664, which indicates that the isolated access is valid or that such a configuration is permitted, is asserted. In one embodiment, the MCH access check circuit 810 performs a logical "exclusive OR" operation. Thus, when the processor requests a physical address in an isolated area, the access transaction is granted only if the processor is running in the isolated execution mode and the attribute of the page associated with that physical address is set to isolated.

FIG. 8 illustrates a process 800 for configuring an access transaction for isolated execution in the MCH, according to one embodiment of the invention.

Starting from START, the process 800 configures the access transaction for the MCH (block 810). The process 800 then receives the access information from the access transaction (block 820). The access information includes the physical address, the isolated access signal and the page attribute (isolated/non-isolated). Next, the process 800 determines whether the attribute is set to isolated and whether the isolated access signal is asserted (block 830). If the condition is not met, the process 800 generates a failure or error condition (block 835) and terminates. Otherwise, the process 800 asserts the access grant signal (block 840). The process 800 then terminates.
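Method 400 and process 800, together with the MOPT lookup performed by the configuration storage 610, as an added C model that is not the patent's own code: the processor-side check combines the TLB-provided page attribute with the execution mode word, and the MCH-side check looks the attribute up in a cache of MOPT records before falling back to the MOPT itself and combines it with the isolated access signal. Page size, MOPT size, cache geometry and the page layout (pages 4 to 7 isolated) are constructed.

```c
/* Added example, not code from the patent: the processor-side check of
 * method 400 and the MCH-side check of process 800 with its MOPT lookup.
 * Page size, table size, cache geometry and the page layout are constructed. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT      12   /* constructed: 4 KiB pages */
#define MOPT_PAGES      16   /* constructed: physical pages described by the MOPT */
#define MOPT_CACHE_SETS 4    /* constructed: direct-mapped cache of MOPT records */

enum page_attr { NON_ISOLATED = 0, ISOLATED = 1 };

/* One page table record 93: the page it describes and its attribute 96. */
struct mopt_record {
    uint32_t pfn;          /* physical page frame number */
    enum page_attr attr;
    bool valid;
};

static struct mopt_record mopt[MOPT_PAGES];            /* the MOPT 77 itself */
static struct mopt_record mopt_cache[MOPT_CACHE_SETS]; /* cache of MOPT records */
static unsigned cache_hits, table_lookups;

unsigned mopt_cache_hits(void)    { return cache_hits; }
unsigned mopt_table_lookups(void) { return table_lookups; }

/* The page manager at work: pages 4..7 are assigned to the isolated area and
 * get the isolated attribute, every other page the non-isolated one. */
void mopt_init(void)
{
    for (uint32_t i = 0; i < MOPT_PAGES; i++) {
        mopt[i].pfn = i;
        mopt[i].attr = (i >= 4 && i < 8) ? ISOLATED : NON_ISOLATED;
        mopt[i].valid = true;
    }
    for (int s = 0; s < MOPT_CACHE_SETS; s++)
        mopt_cache[s].valid = false;
    cache_hits = table_lookups = 0;
}

/* Configuration storage lookup: try the cache first, then the MOPT from its
 * base (here the array start). Returns false when the physical address has
 * no record; the MCH check below then treats the page as non-isolated. */
bool mopt_lookup(uint64_t paddr, enum page_attr *attr)
{
    uint32_t pfn = (uint32_t)(paddr >> PAGE_SHIFT);
    struct mopt_record *slot = &mopt_cache[pfn % MOPT_CACHE_SETS];

    if (slot->valid && slot->pfn == pfn) {
        cache_hits++;
        *attr = slot->attr;
        return true;
    }
    table_lookups++;
    if (pfn >= MOPT_PAGES || !mopt[pfn].valid)
        return false;
    *slot = mopt[pfn];            /* refill the cache with the record found */
    *attr = slot->attr;
    return true;
}

/* Method 400, blocks 430-440: the processor grants an isolated access only
 * when the TLB-provided attribute is isolated AND the mode word is set. */
bool processor_access_grant(enum page_attr tlb_attr, bool exec_mode_word)
{
    return tlb_attr == ISOLATED && exec_mode_word;
}

/* Process 800, block 830: the MCH grants only when the MOPT attribute is
 * isolated AND the isolated access signal 664 is asserted. The two inputs
 * disagreeing (their XOR is 1) is exactly the failure case. */
bool mch_access_grant(uint64_t paddr, bool iso_access_signal)
{
    enum page_attr attr;
    if (!mopt_lookup(paddr, &attr))
        attr = NON_ISOLATED;      /* no record: not part of the isolated area */
    return attr == ISOLATED && iso_access_signal;
}

int main(void)
{
    /* constructed accesses: (physical address, isolated access signal) */
    const struct { uint64_t paddr; bool iso; } tx[] = {
        { 0x5000, true  },   /* isolated page, signal asserted: granted        */
        { 0x5000, false },   /* isolated page, signal not asserted: failure    */
        { 0x2000, true  },   /* non-isolated page: attribute check fails       */
        { 0x5000, true  },   /* same page again: record served from the cache */
    };
    mopt_init();
    for (size_t i = 0; i < sizeof tx / sizeof tx[0]; i++)
        printf("paddr=0x%llx iso=%d -> %s\n", (unsigned long long)tx[i].paddr,
               tx[i].iso, mch_access_grant(tx[i].paddr, tx[i].iso) ? "grant" : "fault");
    printf("cache hits=%u, table lookups=%u\n", mopt_cache_hits(), mopt_table_lookups());
    return 0;
}
```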

Although the invention has been described with reference to illustrative embodiments, the description is not intended to be limiting. Various modifications of the illustrative embodiments, as well as other embodiments of the invention, that are apparent to persons skilled in the art to which the invention pertains are considered to lie within the spirit and scope of the invention.

Claims (30)

1. An apparatus comprising:
a page manager that assigns a plurality of pages to a plurality of different areas of a memory, the memory being divided into an isolated area and a non-isolated area, the page manager being located in the isolated area of the memory; and
a memory ownership page table located in the isolated area of the memory, the memory ownership page table describing each page of the memory.
2. The apparatus of claim 1, wherein the page manager assigns an isolated attribute to a page if the page is assigned to the isolated area of the memory.
3. The apparatus of claim 2, wherein the page manager assigns a non-isolated attribute to a page if the page is assigned to the non-isolated area of the memory, the memory ownership page table recording the attribute of each page.
4. The apparatus of claim 3, further comprising:
a configuration storage containing configuration settings that configure an access transaction generated by a processor having a normal execution mode and an isolated execution mode, the access transaction having access information; and
an access check circuit coupled to the configuration storage, the access check circuit checking the access transaction using at least one of the configuration settings and the access information.
5. The apparatus of claim 4, wherein the configuration settings include a page attribute and an execution mode word.
6. The apparatus of claim 5, wherein the access information includes a physical address and an access type, the access type indicating whether the access transaction is a memory access, an I/O access or a logical processor access.
7. The apparatus of claim 5, wherein the configuration storage further includes an attribute storage containing the attribute that defines whether the page is isolated or non-isolated.
8. The apparatus of claim 5, wherein the configuration storage further includes a processor control register containing the execution mode word, the execution mode word being set by the processor when the processor is configured in the isolated execution mode.
9. The apparatus of claim 5, wherein the access check circuit includes a TLB access check circuit that detects whether the attribute of the page is set to isolated and whether the execution mode word is set, the TLB access check circuit generating an access grant signal.
10. The apparatus of claim 5, wherein the access check circuit includes an FSB snoop check circuit coupled to a cache memory, the FSB snoop check circuit combining the attribute, an external isolated access signal from another processor and a cache access signal, the FSB snoop check circuit generating a processor snoop access signal.
11. A method comprising:
assigning, with a page manager, a plurality of pages to a plurality of different areas of a memory, the memory being divided into an isolated area and a non-isolated area, the page manager being located in the isolated area of the memory; and
describing each page of the memory.
12. The method of claim 11, wherein describing each page of the memory includes assigning an isolated attribute to a page when the page is assigned to the isolated area of the memory.
13. The method of claim 12, wherein describing each page of the memory further includes:
assigning a non-isolated attribute to a page if the page is assigned to the non-isolated area of the memory; and
recording the attribute of each page in a memory ownership page table.
14. The method of claim 13, further comprising:
configuring, using a configuration storage containing configuration settings, an access transaction generated by a processor having a normal execution mode and an isolated execution mode, the access transaction having access information; and
checking the access transaction with an access check circuit using at least one of the configuration settings and the access information.
15. The method of claim 14, wherein the configuration settings include a page attribute and an execution mode word.
16. The method of claim 15, wherein the access information includes a physical address and an access type, the access type indicating whether the access transaction is a memory access, an I/O access or a logical processor access.
17. The method of claim 15, wherein configuring the access transaction further includes:
setting the attribute of the page to isolated or non-isolated; and storing the attribute in an attribute storage within the configuration storage.
18. The method of claim 15, wherein configuring the access transaction further includes setting the execution mode word in a processor control store when the processor is configured in the isolated execution mode.
19. The method of claim 15, wherein checking the access transaction includes:
detecting whether the attribute of the page has been set to isolated;
detecting whether the execution mode word is set; and
generating an access grant signal.
20. The method of claim 15, wherein checking the access transaction includes:
combining the attribute, an isolated access signal from another processor and a cache access signal; and
generating a processor snoop access signal.
21. A system comprising:
a chipset;
a memory coupled to the chipset;
a processor coupled to the chipset and the memory, the processor having an isolated execution mode and a normal execution mode;
a page manager operating under control of the processor, the page manager assigning a plurality of pages to a plurality of different areas of the memory, the memory being divided into an isolated area and a non-isolated area, the page manager being located in the isolated area of the memory; and
a memory ownership page table located in the isolated area of the memory, the memory ownership page table describing each page of the memory.
22. The system of claim 21, wherein the page manager assigns an isolated attribute to a page when the page is assigned to the isolated area of the memory.
23. The system of claim 22, wherein the page manager assigns a non-isolated attribute to a page when the page is assigned to the non-isolated area of the memory, the memory ownership page table recording the attribute of each page.
24. The system of claim 23, further comprising:
a configuration storage containing configuration settings that configure an access transaction generated by the processor having the normal operating mode and the isolated operating mode, the access transaction having access information; and
an access check circuit coupled to the configuration storage, the access check circuit checking the access transaction using at least one of the configuration settings and the access information.
25. The system of claim 24, wherein the configuration settings include a page attribute and an execution mode word.
26. The system of claim 25, wherein the access information includes a physical address and an access type, the access type indicating whether the access transaction is a memory access, an I/O access or a logical processor access.
27. The system of claim 25, wherein the configuration storage further includes an attribute storage containing the page attribute that defines whether the page is isolated or non-isolated.
28. The system of claim 25, wherein the configuration storage further includes a processor control register containing the execution mode word, the execution mode word being set when the processor is configured in the isolated execution mode.
29. The system of claim 25, wherein the access check circuit includes a TLB access check circuit that detects whether the attribute of the page is set to isolated and whether the execution mode word is set, the TLB access check circuit generating an access grant signal.
30. The system of claim 25, wherein the access check circuit further includes an FSB snoop check circuit coupled to a cache memory, the FSB snoop check circuit combining the attribute, an external isolated access signal from another processor and a cache access signal, the FSB snoop check circuit generating a processor snoop access signal.
CNB018158838A 2000-07-18 2001-07-13 Control access to multiple independent memories in one independent execution environment Expired - Lifetime CN1252597C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/618,738 2000-07-18
US09/618,738 US6678825B1 (en) 2000-03-31 2000-07-18 Controlling access to multiple isolated memories in an isolated execution environment

Publications (2)

Publication Number Publication Date
CN1459059A CN1459059A (en) 2003-11-26
CN1252597C true CN1252597C (en) 2006-04-19
