1. Field
The present disclosure pertains to the field of information processing; more specifically, to secure information processing systems.
2. Description of Related Art
Information processing systems, such as those including a processor in the Intel® Pentium® Processor Family from Intel Corporation, may support operation in a secure system environment. A secure system environment may include a trusted partition and an un-trusted partition. The bare platform hardware of the system and trusted software may be included in the trusted partition. Direct access from the un-trusted partition to the resources of the trusted partition may be prevented to protect any secrets that the system may contain from being discovered or altered.
The bare platform hardware of the system may be included in the trusted partition through the execution of a secure system entry protocol. For example, an initiating processor may execute a secure enter instruction, to which all agents in the system must respond appropriately in order for the protocol to succeed. The responding agents may be required to not issue any instructions or process any transactions during the secure entry process, so that the initiating processor may validate a firmware module as authentic and trusted, execute the firmware module to configure the system to support trusted operations, and initiate the execution of a secure virtual machine monitor (“SVMM”). The SVMM may create one or more virtual machine environments in which to run un-trusted software, such that un-trusted software does not have direct access to system resources.
Generally, a system may not be reconfigured when operating in a secure system environment.
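The following is an added illustration, not part of this disclosure and not Intel's implementation of any secure enter instruction. It models the secure system entry protocol described above (every responding agent must quiesce, the initiating processor authenticates the firmware module before executing it, and only then is the SVMM launched) together with the restriction that the system is not reconfigured while in the secure environment. The agent names, the pinned module digest, the `Agent`, `Platform`, `secure_enter` and `reconfigure` names, and the use of a SHA-256 digest as the authenticity check are all assumptions made for the example; a real platform would verify a signature against a hardware-held key.

```python
"""
Simplified model of a secure-system-entry protocol (added example).

Protocol steps modelled:
  1. initiating processor issues a secure enter; every other agent must
     stop issuing instructions / processing transactions and acknowledge;
  2. the initiator validates the firmware module as authentic;
  3. the module is executed to configure the system for trusted operation;
  4. the SVMM is launched.
Any failure in steps 1 or 2 aborts the protocol and leaves the platform
un-trusted. Once trusted, reconfiguration requests are refused.
All values below are constructed for illustration.
"""
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass
class Agent:
    """A responding agent (another processor, a chipset device, ...)."""
    name: str
    pending_transactions: int = 0   # must be 0 before the agent may acknowledge
    quiesced: bool = False

    def respond_to_secure_enter(self) -> bool:
        # An agent that still has work in flight cannot promise to stay idle,
        # so it must not acknowledge; that failure aborts the whole protocol.
        if self.pending_transactions:
            return False
        self.quiesced = True
        return True


@dataclass
class Platform:
    agents: list
    trusted_module_digest: bytes     # assumed to be held by platform hardware
    trusted: bool = False
    svmm_running: bool = False
    log: list = field(default_factory=list)


def secure_enter(platform: Platform, firmware_module: bytes) -> bool:
    """Run the entry protocol; return True only if the SVMM was launched."""
    # Step 1: all agents must quiesce and acknowledge.
    for agent in platform.agents:
        if not agent.respond_to_secure_enter():
            platform.log.append(f"abort: {agent.name} did not quiesce")
            return False
    # Step 2: authenticate the firmware module against the pinned digest
    # (constant-time compare, as one would for any credential check).
    digest = hashlib.sha256(firmware_module).digest()
    if not hmac.compare_digest(digest, platform.trusted_module_digest):
        platform.log.append("abort: firmware module failed authentication")
        return False
    # Step 3: execute the module; modelled as configuring the platform.
    platform.trusted = True
    platform.log.append("firmware module executed: trusted operation configured")
    # Step 4: launch the SVMM.
    platform.svmm_running = True
    platform.log.append("SVMM launched")
    return True


def reconfigure(platform: Platform, change: str) -> bool:
    """Reconfiguration is refused while the secure environment is active."""
    if platform.trusted:
        platform.log.append(f"refused reconfiguration while trusted: {change}")
        return False
    platform.log.append(f"applied reconfiguration: {change}")
    return True


def build_platform(agent_busy: bool = False) -> tuple:
    """Construct a sample platform and the module its hardware trusts."""
    good_module = b"constructed-authenticated-firmware-module"
    agents = [Agent("processor-1"), Agent("processor-2"),
              Agent("chipset", pending_transactions=3 if agent_busy else 0)]
    platform = Platform(agents=agents,
                        trusted_module_digest=hashlib.sha256(good_module).digest())
    return platform, good_module


if __name__ == "__main__":
    plat, module = build_platform()
    print("entry succeeded:", secure_enter(plat, module))
    print("reconfigure allowed:", reconfigure(plat, "add memory controller"))
    for line in plat.log:
        print(" ", line)
```

Running the module directly walks the successful path; the failure paths (an agent with transactions still pending, or a module whose digest does not match the pinned value) both return False and leave `trusted` unset, which is the behaviour the protocol description requires.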