Processors, methods and systems to allow secure communications between protected container memory and input/output devices
US12141450B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 16, 2022 |
| Grant date | Nov 12, 2024 |
| Priority date | — |
| Expiry date | Dec 16, 2042 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/85
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An integrated circuit includes protected container access control logic to perform a set of access control checks and to determine whether to allow a device protected container module (DPCM) and an input and/or output (I/O) device to communicate securely through one of direct memory access (DMA) and memory-mapped input/output (MMIO). The DPCM and the I/O device are allowed to communicate securely if it is determined that at least the DPCM and the I/O device are mapped to one another, an access address associated with the communication resolves into a protected container memory, and a page of the protected container memory into which the access address resolves allows for the aforementioned one of DMA and MMIO. In some cases, a Security Attributes of Initiator (SAI) or security identifier may be used to obtain a DPCM identifier or attest that access is from a DPCM mapped to the I/O device. In some cases, a determination may be made that a type of access is compatible with one or more allowed access types for the page as represented in a protected container page metadata structure.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.