33 results about "Model-specific register" patented technology

A method of controlling access to a model specific register of a microprocessor. A method of controlling access to a model specific register of a processor having a normal execution mode and a secure execution mode may include storing processor state and mode information in the model specific register. Further, the method may include protection logic allowing a software invoked write access to modify the information within the model specific register during the normal execution mode. The method may further include security logic selectively inhibiting the software invoked write access during the secure execution mode.

Instructions and logic provide base register swap status verification functionality. Embodiments include a processor having a first model specific register (MSR) to store a first base address corresponding to a segment for a first execution context and a second MSR to store a second base address corresponding to a segment for a second context. A third register stores a base register swap status field corresponding to the segment of the first and second contexts. A decode unit decodes a swap instruction and execution logic executes an exchange of the first MSR value and the second MSR value responsive to the swap instruction. The execution logic determines if said exchange of the first MSR value and the second MSR value completed successfully, and changes a value of the base register swap status field responsive to a determination that said exchange completed successfully.

Instructions and logic provide user-level thread synchronization with MONITOR and MWAIT instructions. One or more model specific registers (MSRs) in a processor may be configured in a first execution state to specify support of a user-level thread synchronization architecture. Embodiments include multiple hardware threads or processing cores, corresponding monitored address state storage to store a last monitored address for each of a plurality of execution threads that issues a MONITOR request, cache memory to record MONITOR requests and associated states for addresses of memory storage locations, and responsive to receipt of an MWAIT request for the address, to record an associated wait-to-trigger state of monitored addresses for execution cores associated with an MWAIT request; wherein the execution core is to transition a requesting thread to an optimized sleep state responsive to the receipt of said MWAIT request when said one or more MSRs are configured in the first execution state.

A method includes stalling execution of a model specific register write function to write to a model specific register of a processor having a no-execute processor feature enabled, determining that the model specific register is a no-execute model specific register of the processor, and determining whether a no-execute field in the no-execute model specific register is being altered. Upon a determination that the no-execute field is being altered, the method further includes taking protective action to prevent disabling of the no-execute processor feature.

The invention discloses a method for establishing a virtual machine countermeasure technology based on a hardware virtualization technology. The method comprises the following steps of 1, enabling CPU hardware virtualization characteristic support in a virtual machine; 2, loading a driver program to enter a Host mode; 3, taking over all input output operations and MSR (Model Specific Register) operations, and intercepting all instructions capable of generating VM Exit; 4, performing environment setting for the instructions; 5, running a monitored program; 6, when a VM Exit generation event occurs, in combination with environment information analysis, judging whether an anti-virtual machine behavior exists or not; 7, continuing to monitor a behavior of a sample until the end; and 8, outputting a final analysis result. Through the steps, monitoring of a privileged instruction is finished, an anti-virtual machine technology countermeasure method for malicious codes, which cannot be realized in a conventional method, is realized, the integrity of the sample is not destroyed, and detection is not bypassed by the malicious codes, so that the actual problem of anti-virtual machine technology countermeasure of the malicious codes is solved.

Processing logic and a method to provide single thread access to a specific memory region without suspending processing activity for all other cores and/or threads within or in association with a processor, computer system, or other processing apparatus. Single thread access may be provided through implementation of microcode which may control thread access to model specific registers (“MSRs”) within a processor. One MSR may provide a mutex, which a single thread may claim, and another MSR may provide a range of memory locations, which may be accessed by the thread that has claimed the mutex.

The invention discloses a method for detecting the existence of a virtual machine monitor (VMM) under a Windows platform, aiming at solving the problem that malicious codes use the VMM as a platform for hiding self behaviors and providing malicious services, and providing a method for detecting the existence of the VMM through resource differences. In a technical scheme, the method comprises the steps of: firstly, allocating internal memory spaces for Allocated PTEs (Page Table Entries) and a Special PTE; writing an address A before mapping modification for the Allocated PTEs; writing an address B after mapping modification for the Special PTE; accessing the Allocated PTEs in sequence to ensure that all PTEs pointing to the address A are stored into a page table buffer register; sequentially modifying the pointer contents of the Allocated PTEs into the address B pointed by the Special PTE; executing a privileged instruction RDMSR (Read from Model Specific Register) in a Windows system; and setting a counter, traversing all page table entries in the page table buffer register, and judging whether the VMM exists in the current system by judging whether the numerical value of the counter is consistent with N. The method disclosed by the invention can be used for effectively detecting the VMM so as to improve system security.

The invention discloses a reading-writing method of a model-specific register, wherein, the model-specific register is arranged in a central processing unit, and the central processing unit is provided with a plurality of model-specific registers. The method comprises the following steps: first, acquiring an address of a model-specific register and write-in data; reading storage data stored in the model-specific register; and judging whether the write-in data are null data; and then deciding whether to write the storage data back to the model-specific register according to a judgment result of the write-in data.

A data processing method includes the following steps: a processor receives a symmetric wrapping key, and when an application needs to use a user private key, the processor executes an encryption and decryption instruction in a hardware-acceleration instruction-set. The encryption and decryption instruction is configured to apply the symmetric wrapping key to decrypt a wrapped private key that corresponds to the application to obtain the user private key. In addition, the symmetric wrapping key is stored in a model specific register of the processor.