1. Field
The present disclosure pertains to the field of information processing; more specifically, to information processing system security.
2. Description of Related Art
Information processing systems, such as those including a processor in the Intel® Pentium® Processor Family from Intel Corporation, may support operation in a secured system environment. A secured system environment may include a trusted partition and an un-trusted partition. The bare platform hardware of the system and trusted software may be included in the trusted partition. Direct access from the un-trusted partition to the resources of the trusted partition may be prevented to protect any secrets that the system may contain from being discovered or altered. These secrets may include passwords, keys, and private or confidential information generated or stored on the information processing system.
The bare platform hardware of the system may be included in the trusted partition or domain through the execution of a secured system entry protocol. For example, an initiating processor may execute a secured enter (“SENTER”) instruction, to which all agents in the system must respond appropriately in order for the protocol to succeed. The responding agents may be prevented from executing any program instructions or processing any external transactions during the secured entry process, so that the initiating processor may validate a signed code module as authentic and trusted, execute the signed code module to configure the system to support trusted operations, measure (cryptographically, using a hash extend function) a measured virtual machine monitor (a “measured VMM” or “MVMM”), and then initiate its execution. The MVMM may create one or more virtual machine environments in which to run un-trusted software, such that un-trusted software does not have direct access to system resources.
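The measurement step above, as an added illustration (this is not code from the patent or from any Intel implementation): a minimal hash-extend chain of the kind a measured launch records, with a verifier that replays the event log to confirm the final register value. It assumes SHA-256, a zero-initialized register and constructed module images; a real platform would additionally check the code module's signature and compare the register against a sealed or attested reference value.

```python
import hashlib

# Width of the measurement register; assumption: SHA-256 based extend.
INITIAL_REGISTER = bytes(32)

# Constructed stand-ins for the signed code module and the MVMM image.
SAMPLE_SINIT = b"signed code module image (constructed sample)"
SAMPLE_MVMM = b"measured VMM image (constructed sample)"


def measure(blob: bytes) -> bytes:
    """Digest of a code module as it is about to be executed."""
    return hashlib.sha256(blob).digest()


def extend(register: bytes, measurement: bytes) -> bytes:
    """Hash-extend: new register = H(old register || measurement).
    The register can only be advanced, never reset or set directly,
    so it commits to every measurement and to their order."""
    return hashlib.sha256(register + measurement).digest()


def measured_launch(modules):
    """Measure each (name, image) in launch order before it would run.
    Returns the final register value and the event log of measurements."""
    register = INITIAL_REGISTER
    log = []
    for name, image in modules:
        m = measure(image)
        register = extend(register, m)
        log.append((name, m.hex()))
    return register, log


def replay(log) -> bytes:
    """A verifier holding only the event log recomputes the register."""
    register = INITIAL_REGISTER
    for _name, m_hex in log:
        register = extend(register, bytes.fromhex(m_hex))
    return register


def verify(reported_register: bytes, log) -> bool:
    """True if the event log is consistent with the reported register."""
    return replay(log) == reported_register


def demo():
    """Launch a known-good chain, then a tampered and a reordered one."""
    good, log = measured_launch([("SINIT", SAMPLE_SINIT), ("MVMM", SAMPLE_MVMM)])
    tampered, _ = measured_launch([("SINIT", SAMPLE_SINIT), ("MVMM", SAMPLE_MVMM + b"!")])
    reordered, _ = measured_launch([("MVMM", SAMPLE_MVMM), ("SINIT", SAMPLE_SINIT)])
    return verify(good, log), good != tampered, good != reordered
```

Because the register only commits to what was measured, a modified or reordered MVMM yields a different final value, which is what lets a policy refuse to release secrets to it.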
Other approaches to system security may be used in connection with or instead of the approach described above. However, many of these approaches may be vulnerable to hardware-based attacks. For example, an attacker having physical access to a system may remove or isolate system memory chips from the rest of the system to circumvent the protections provided by a memory controller, a chipset, software running on a processor, or any other system components, and directly read out their contents to discover keys, protected content, and other secret information stored in them.