Modern computing systems may utilize multiple sets of processing resources, including perhaps processing cores, hyper-threads, and memory. A set of processing resources may be referred to herein as a “partition.” An operating system (OS) may derive partition information from a basic input-output system (BIOS) in the form of device configuration tables. One such table may be structured as a set of advanced configuration and power interface (ACPI) tables. The BIOS may populate the ACPI table(s) with partition information, including resources discovered at system initialization.
It may be possible to hide one or more partitions from the OS. Random access memory (RAM) may be hidden, perhaps by reporting to the OS a subset of discovered resources excluding the RAM. Peripheral component interconnect (PCI) devices may also be hidden, perhaps by setting a bit-mask in an input-output (IO) controller hub. The resulting execution environment may include a partition invisible to the OS, referred to herein as a “sequestered partition.”