Entry/exit architecture for protected device modules
US-9087202-B2 · Jul 21, 2015 · US
Preemptive scheduling of in-enclave threads
US10908952B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10908952-B2 |
| Application number | US-201716474905-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 21, 2017 |
| Priority date | Apr 21, 2017 |
| Publication date | Feb 2, 2021 |
| Grant date | Feb 2, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Preemptive scheduling enclaves as disclosed herein support both cooperative and preemptive scheduling of in-enclave (IE) thread execution. These preemptive scheduling enclaves may include a scheduler configured to be executed as part of normal hardware interrupt processing by enclave threads. The scheduler identifies an IE thread to be scheduled and modifies enclave data structures so that when the enclave thread resumes processing after a hardware interrupt, the identified IE thread is executed, rather than the interrupted IE thread.
First claim
Opening claim text (preview).
The invention claimed is: 1. A computing device comprising: a memory comprising an enclave and a preemption manager distinct from the enclave; and at least one logical processor coupled to the memory and configured to execute an in-enclave thread, receive a hardware interrupt while executing the in-enclave thread, exit the enclave in response to receiving the hardware interrupt, handle the hardware interrupt, execute the preemption manager after handling the hardware interrupt, wherein the preemption manager is configured to determine whether the in-enclave thread should be preempted, in response to a determination by the preemption manager that the in-enclave thread should not be preempted, resume execution of the in-enclave thread, and in response to a determination by the preemption manager that the in-enclave thread should be preempted, execute a scheduler. 2. The computing device of claim 1 , wherein the preemption manager is configured to determine whether the in-enclave thread should be preempted at least in part by determining whether logical processing time allocated to the in-enclave thread has been exhausted. 3. The computing device of claim 1 , wherein the enclave further comprises the scheduler and the preemption manager is configured to re-enter the enclave and execute the scheduler in response to determining that the in-enclave thread should be preempted, wherein the scheduler is configured to identify a next in-enclave thread to execute; replace the in-enclave thread with the next in-enclave thread; and execute a context switch from the in-enclave thread to the next in-enclave thread. 4. The computing device of claim 3 , wherein the scheduler is configured to: execute a context switch at least in part by saving, from a current state save area, a first state of the at least one logical processor associated with the in-enclave thread and restoring, to the current state save area, a second state of the at least one logical processor associated with the next in-enclave thread; determine whether the scheduler was initiated by the preemption manager; and exit the enclave in response to determining that the scheduler was initiated by the preemption manager; wherein the at least one logical processor is configured to resume execution of the next in-enclave thread in response to the scheduler exiting the enclave. 5. A method of implementing preemptive scheduling of in-enclave threads, the method comprising: executing an in-enclave thread; receiving a hardware interrupt while executing the in-enclave thread; exiting an enclave in response to receiving the hardware interrupt; handling the hardware interrupt; executing a preemption manager stored outside the enclave after handling the hardware interrupt; determining, using the preemption manager, whether the in-enclave thread should be preempted; in response to determining that the in-enclave thread should not be preempted, resuming execution of the in-enclave thread; and in response to determining that the in-enclave thread should be preempted, executing a scheduler. 6. The method of claim 5 , further comprising: re-entering, in response to determining that the in-enclave thread should be preempted, the enclave. 7. The method of claim 6 , further comprising: identifying, via the scheduler, a next in-enclave thread to execute; replacing the in-enclave thread with the next in-enclave thread; and executing a context switch from the in-enclave thread to the next in-enclave thread. 8. The method of claim 7 , wherein executing the context switch comprises: saving, from a current state save area, a first state of at least one logical processor associated with the in-enclave thread; and restoring, to the current state save area, a second state of the at least one logical processor associated with the next in-enclave thread. 9. The method of claim 8 , further comprising: determining that the scheduler was initiated by the preemption manager; and exiting the enclave in response to determining that the scheduler was initiated by the preemption manager. 10. The method of claim 9 , further comprising resuming execution of the next in-enclave thread in response to the scheduler exiting the enclave. 11. A computer program product including one or more non-transitory machine-readable medium encoded with instructions that when executed by one or more processors cause a process to be carried out for implementing preemptive scheduling of in-enclave threads, the process comprising: executing an in-enclave thread; receiving a hardware interrupt while executing the in-enclave thread; exiting an enclave in response to receiving the hardware interrupt; handling the hardware interrupt; executing a preemption manager stored outside the enclave after handling the hardware interrupt; determining, using the preemption manager, whether the in-enclave thread should be preempted; in response to determining that the in-enclave thread should not be preempted, resuming execution of the in-enclave thread; and in response to determining that the in-enclave thread should be preempted, executing a scheduler. 12. The computer program product of claim 11 , wherein the process further comprises: re-entering, in response to determining that the in-enclave thread should be preempted, the enclave. 13. The computer program product of claim 12 , wherein the process further comprises: identifying, via the scheduler, a next in-enclave thread to execute; replacing the in-enclave thread with the next in-enclave thread; and executing a context switch from the in-enclave thread to the next in-enclave thread. 14. The computer program product of claim 13 , wherein executing the context switch comprises: saving, from a current state save area, a first state of at least one logical processor associated with the in-enclave thread; and restoring, to the current state save area, a second state of the at least one logical processor associated with the next in-enclave thread. 15. The computer program product of claim 14 , wherein the process further comprises: determining that the scheduler was initiated by the preemption manager; and exiting the enclave in response to determining that the scheduler was initiated by the preemption manager. 16. The computer program product of claim 15 , wherein the process further comprises resuming execution of the next in-enclave thread in response to the scheduler exiting the enclave. 17. The method of claim 5 , wherein determining, using the preemption manager, whether the in-enclave thread should be preempted comprises at least in part determining whether logical processing time allocated to the in-enclave thread has been exhausted. 18. The computer program product of claim 11 , wherein determining, using the preemption manager, whether the in-enclave thread should be preempted comprises at least in part determining whether logical processing time allocated to the in-enclave thread has been exhausted. 19. The method of claim 7 , wherein identifying, via the scheduler, a next in-enclave thread to execute comprises using at least one of a round-robin, multilevel queue, or first-come first-serve scheduling process. 20. The computer program product of claim 13 , wherein identifying, via the scheduler, a next in-enclave thread to execute comprises using at least one of a round-robin, multilevel queue, or first-come first-serve scheduling process.
Assignees
Inventors
Classifications
operating in dual or compartmented mode, i.e. at least one secure mode · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
Instruction issuing, e.g. dynamic instruction scheduling or out of order instruction execution · CPC title
to assure secure computing or processing of information · CPC title
- G06F9/4881Primary
Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10908952B2 cover?
- Preemptive scheduling enclaves as disclosed herein support both cooperative and preemptive scheduling of in-enclave (IE) thread execution. These preemptive scheduling enclaves may include a scheduler configured to be executed as part of normal hardware interrupt processing by enclave threads. The scheduler identifies an IE thread to be scheduled and modifies enclave data structures so that when…
- Who is the assignee on this patent?
- Intel Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F9/4881. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Feb 02 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).