Computer systems are formed with a collection of hardware elements including one or more processors, memory, input/output devices and so forth. In addition, different types of software may be present in a system, including system software such as an operating system (OS), a virtual machine monitor (VMM) or so forth. In addition, application software can be provided to perform specific tasks desired by a user such as word processing, email, games and so forth. To enable communication between software and underlying processor hardware, instructions of the software can be converted into smaller instructions such as micro-instructions (uops) that can be implemented using microcode stored in the processor.
In general, a full range of memory is visible to system software such as an OS or VMM. However, to provide for secure operations and so forth, a hidden partition may be provided in memory that includes code that can run using a resource manager, which can be implemented in processor microcode and which can be hidden from the OS/VMM. However, various security and attestation issues arise in providing such hidden resources, raising complexity.
As one example, when a system is placed in certain low power states, such as a so-called suspended (S3) state in accordance with the Advanced Configuration and Power Interface (ACPI), Rev. 2.0 Standard, Apr. 25, 2003, the system memory is in self-refresh state. However, the processor is powered off and thus there are no protections active on the memory. Hence an adversary may be able to modify the contents of memory when the system is in the S3 state and if the memory is not verified on resume (S0 state), this may lead to code injection attacks on a hidden memory partition of the system memory. While hashing the memory prior to entering S3 and verifying the contents on resuming from S3 into S0 may avoid such code injection attacks, this has drawbacks, including extending the amount of time needed to transition between S0 and S3 due to the additional work to be done to hash and later verify the memory contents.