Safe peripheral device communications
US-2021133140-A1 · May 6, 2021 · US
US11513825B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11513825-B2 |
| Application number | US-201916671086-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 31, 2019 |
| Priority date | Oct 31, 2019 |
| Publication date | Nov 29, 2022 |
| Grant date | Nov 29, 2022 |
Official abstract text for this publication.
System and method for providing trusted execution environments uses a peripheral component interconnect (PCI) device of a computer system to receive and process commands to create and manage a trusted execution environment for a software process running in the computer system. The trusted execution environment created in the PCI device is then used to execute operations for the software process.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method for providing trusted execution environments in a peripheral component interconnect (PCI) device of a computer system, the method comprising: receiving commands to create and manage a trusted execution environment for a software process running in the computer system at the PCI device of the computer system; processing the commands at the PCI device to create and manage the trusted execution environment in memory of the PCI device, wherein the trusted execution environment is a secure memory enclave created in the memory of the PCI device; and using the trusted execution environment in the PCI device to execute operations for the software process.
2. The method of claim 1, wherein receiving command includes receiving a particular command to create the trusted execution environment for the software process at a command queue in the PCI device that is used to store the commands at the PCI device for processing.
3. The method of claim 2, further comprising, after the particular command is received at the command queue, using a first pointing mechanism to point to the particular command in the command queue as the most recent command added to the command queue.
4. The method of claim 3, wherein the first pointing mechanism includes a register in the PCI device that contains an offset from a command queue base physical address to point to the particular command in the command queue as the most recent command that has been added to the command queue.
5. The method of claim 4, wherein the command queue base physical address is stored in a command queue base address register.
6. The method of claim 2, further comprising, after the particular command is processed, using a pointing mechanism to point to the particular command in the command queue as the most recent processed command in the command queue.
7. The method of claim 6, wherein the pointing mechanism includes a register in the PCI device that contains an offset from a command queue base physical address to point to the particular command in the command queue as the most recent processed command in the command queue.
8. The method of claim 1, wherein the PCI device is a virtual PCI device that emulates a physical PCI device.
9. A non-transitory computer-readable storage medium containing program instructions for providing trusted execution environments in a peripheral component interconnect (PCI) device of a computer system, wherein execution of the program instructions by one or more processors of the computer system causes the one or more processors to perform steps comprising: receiving commands to create and manage a trusted execution environment for a software process running in the computer system at the PCI device of the computer system; processing the commands at the PCI device to create and manage the trusted execution environment in memory of the PCI device, wherein the trusted execution environment is a secure memory enclave created in the memory of the PCI device; and using the trusted execution environment in the PCI device to execute operations for the software process.
10. The computer-readable storage medium of claim 9, wherein receiving command includes receiving a particular command to create the trusted execution environment for the software process at a command queue in the PCI device that is used to store the commands at the PCI device for processing.
11. The computer-readable storage medium of claim 10, wherein the steps further comprise, after the particular command is received at the command queue, using a pointing mechanism to point to the particular command in the command queue as the most recent command added to the command queue.
12. The computer-readable storage medium of claim 11, wherein the pointing mechanism includes a register in the PCI device that includes an offset from a command queue base physical address to point to the particular command in the command queue as the most recent command that has been added to the command queue.
13. The computer-readable storage medium of claim 12, wherein the command queue base physical address is stored in a command queue base address register.
14. The computer-readable storage medium of claim 10, wherein the steps further comprise, after the particular command is processed, using a pointing mechanism to point to the particular command in the command queue as the most recent processed command in the command queue.
15. The computer-readable storage medium of claim 14, wherein the pointing mechanism includes a register in the PCI device that includes an offset from a command queue base physical address to point to the particular command in the command queue as the most recent processed command in the command queue.
16. The computer-readable storage medium of claim 9, wherein the PCI device is a virtual PCI device that emulates a physical PCI device.
17. A computer system comprising: memory; at least one processor; and a peripheral component interconnect (PCI) device, the PCI device being configured to: receive commands to create and manage a trusted execution environment for a software process running in the computer system; process the commands at the PCI device to create and manage the trusted execution environment in memory of the PCI device, wherein the trusted execution environment is a secure memory enclave created in the memory of the PCI device; and use the trusted execution environment in the PCI device to execute operations for the software process.
18. The computer system of claim 17, wherein the PCI device includes a command queue that is used to store the commands at the PCI device for processing.
19. The computer system of claim 18, wherein the command queue uses a first pointing mechanism to point to the most recent command added to the command queue and a second pointing mechanism to point to the most recent processed command in the command queue.
20. The computer system of claim 19, wherein the first pointing mechanism includes a first register in the PCI device that contains a first offset from a command queue base physical address to point to the most recent command added to the command queue and the second pointing mechanism includes a second register in the PCI device that contains a second offset from the command queue base physical address to point to the most recent processed command in the command queue.
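
The claims describe a command queue located by a base address register plus two offset registers, one marking the most recent command added and one the most recent command processed. A small model of that bookkeeping follows as an added example, not code from the patent; the slot size, queue depth, ring wraparound, opcode values, struct and function names, and the device-side check of the host-written offset are all assumptions.

```c
#include <stdint.h>
#include <string.h>
/* Hypothetical layout: sizes, opcodes and wraparound are assumptions, not patent text. */
#define CQ_SLOTS     8u
#define CQ_SLOT_SIZE 16u
#define CQ_BYTES     (CQ_SLOTS * CQ_SLOT_SIZE)
enum { CMD_CREATE_TEE = 1, CMD_DESTROY_TEE = 2 };
struct cmd { uint32_t opcode; uint32_t tee_id; uint64_t arg; };
_Static_assert(sizeof(struct cmd) == CQ_SLOT_SIZE, "one command per slot");

struct pci_tee_dev {
    uint8_t *cq_base;    /* stands in for the command queue base address register */
    uint32_t added_off;  /* offset of the most recent command added (host-written) */
    uint32_t done_off;   /* offset of the most recent command processed (device-written) */
    uint32_t live_tees;  /* enclaves currently existing in device memory */
};

/* Host side: copy a command into the next slot, then publish it through added_off. */
int cq_submit(struct pci_tee_dev *d, const struct cmd *c) {
    uint32_t next = (d->added_off + CQ_SLOT_SIZE) % CQ_BYTES;
    if (next == d->done_off) return -1;   /* full: would look the same as empty */
    memcpy(d->cq_base + next, c, sizeof *c);
    d->added_off = next;
    return 0;
}

/* Device side: reject an out-of-range or unaligned host offset, then drain up to it. */
int cq_process(struct pci_tee_dev *d) {
    int n = 0;
    if (d->added_off >= CQ_BYTES || d->added_off % CQ_SLOT_SIZE) return -1;
    while (d->done_off != d->added_off) {
        uint32_t next = (d->done_off + CQ_SLOT_SIZE) % CQ_BYTES;
        struct cmd c;
        memcpy(&c, d->cq_base + next, sizeof c);  /* copy out before interpreting */
        if (c.opcode == CMD_CREATE_TEE) d->live_tees++;
        else if (c.opcode == CMD_DESTROY_TEE && d->live_tees) d->live_tees--;
        d->done_off = next;                       /* now the most recent processed */
        n++;
    }
    return n;
}

int main(void) {
    static uint8_t mem[CQ_BYTES];  /* constructed stand-in for PCI device memory */
    struct pci_tee_dev d = { mem, 0, 0, 0 };
    struct cmd c = { CMD_CREATE_TEE, 1, 0 };
    cq_submit(&d, &c);
    return cq_process(&d) == 1 ? 0 : 1;
}
```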
Configuring for operating with peripheral devices; Loading of device drivers · CPC title
being an input/output bus, e.g. ISA bus, EISA bus, PCI bus, SCSI bus · CPC title
Queue · CPC title
Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines · CPC title
Logical partitioning of resources; Management or configuration of virtualized resources (specific details on emulation or internal functioning of virtual machines G06F9/455) · CPC title