Search

US-12621141-B2 - Computer system, and system memory encryption and decryption method

US12621141B2US 12621141 B2US12621141 B2US 12621141B2US-12621141-B2

Abstract

A computer system with a processor having an encryption and decryption engine is shown. The encryption and decryption engine includes a key table, which is provided for encryption and decryption of the system memory. In response to a platform setting instruction, the processor reads a key identification code from a key identification code register, and reads control parameters from a control parameter register. Based on the control parameters, the processor manages a key, associated with the key identification code, in the key table.

Inventors

  • Yingbing Guan
  • Weilin Wang

Assignees

  • SHANGHAI ZHAOXIN SEMICONDUCTOR CO., LTD.

Dates

Publication Date
20260505
Application Date
20240910
Priority Date
20231024

Claims (18)

  1. 1 . A computer system, comprising: a processor, including an encryption and decryption engine that encrypts and decrypts a system memory that is coupled to the processor, wherein the encryption and decryption engine includes a key table; wherein the processor is configured to: in response to a platform setting instruction, read a key identification code from a key identification code register, and reads control parameters from a control parameter register; and based on the control parameters, manage a key, associated with the key identification code, in the key table, wherein: the processor allocates a first memory-mapped input and output (MMIO) space within an address space of the system memory to provide secure access to the key table of the encryption and decryption engine; access to the first MMIO space is restricted to be performed only by a plurality of secure micro-operations; the secure micro-operations are different from general micro-operations used to access a data space of the system memory; and execution of the platform setting instruction invokes the plurality of secure micro-operations to access the first MMIO space.
  2. 2 . The computer system as claimed in claim 1 , wherein: the processor further includes a model-specific register configured to define a location of the first memory-mapped input and output space; and the processor fills in the model-specific register when running a basic input and output system.
  3. 3 . The computer system as claimed in claim 1 , wherein: according to the key as well an encryption and decryption mode obtained from the key table based on the key identification code, the encryption and decryption engine encrypts and decrypts target data of the system memory.
  4. 4 . The computer system as claimed in claim 1 , wherein: the processor executes the platform setting instruction by running a basic input and output system, to manage the key, associated with the key identification code, in the key table.
  5. 5 . The computer system as claimed in claim 1 , wherein: the key, associated with the key identification code, in the key table is set or cleared according to the control parameters.
  6. 6 . The computer system as claimed in claim 1 , wherein: according to the control parameters, encryption and decryption according to the key associated with the key identification code are enabled or disabled, or encryption and decryption according to a unified key are enabled.
  7. 7 . The computer system as claimed in claim 1 , wherein: according to the control parameters, encryption and decryption of the system memory is based on a block message cipher algorithm in an XTS mode; and corresponding to the block message cipher algorithm in the XTS mode, each key is further divided into a first partial key and a second partial key.
  8. 8 . The computer system as claimed in claim 1 , wherein: according to the control parameters, the key is generated by software or by a random number generator of hardware.
  9. 9 . The computer system as claimed in claim 1 , wherein: the platform setting instruction uses a first setting of a secure function register to realize management of the key table, and uses a second setting of the secure function register to realize secure access to a second memory-mapped input and output space of the system memory; and the second memory-mapped input and output space is allocated to another high security function engine.
  10. 10 . A method for system memory encryption and decryption, comprising: allocating a first memory-mapped input and output (MMIO) space within an address space of a system memory to provide secure access to a key table, wherein the key table is built within an encryption and decryption engine that operates to encrypt and decrypt the system memory; in response to a platform setting instruction, executing a plurality of secure micro-operations to access the first MMIO space, wherein the secure micro-operations are different from general micro-operations used to access a data space of the system memory; and performing, by the plurality of secure micro-operations invoked by the platform setting instruction: reading a key identification code from a key identification code register; reading control parameters from a control parameter register; and based on the control parameters, managing a key, associated with the key identification code, in the key table.
  11. 11 . The method as claimed in claim 10 , further comprising: through a basic input and output system run by a processor equipped with the encryption and decryption engine, filling in a model-specific register to define a location of the first memory-mapped input and output space.
  12. 12 . The method as claimed in claim 10 , wherein: according to the key as well an encryption and decryption mode obtained from the key table based on the key identification code, the encryption and decryption engine encrypts and decrypts target data of the system memory.
  13. 13 . The method as claimed in claim 10 , wherein: a processor equipped with the encryption and decryption engine executes the platform setting instruction by running a basic input and output system, to manage the key, associated with the key identification code, in the key table.
  14. 14 . The method as claimed in claim 10 , wherein: the key, associated with the key identification code, in the key table is set or cleared according to the control parameters.
  15. 15 . The method as claimed in claim 10 , wherein: according to the control parameters, encryption and decryption according to the key associated with the key identification code are enabled or disabled, or encryption and decryption according to a unified key are enabled.
  16. 16 . The method as claimed in claim 10 , wherein: according to the control parameters, encryption and decryption of the system memory is based on a block message cipher algorithm in an XTS mode; and corresponding to the block message cipher algorithm in the XTS mode, each key is further divided into a first partial key and a second partial key.
  17. 17 . The method as claimed in claim 10 , wherein: according to the control parameters, the key is generated by software or by a random number generator of hardware.
  18. 18 . The method as claimed in claim 10 , wherein: the platform setting instruction uses a first setting of a secure function register to realize management of the key table, and uses a second setting of the secure function register to realize secure access to a second memory-mapped input and output space of the system memory; and the second memory-mapped input and output space is allocated to another high security function engine.

Description

CROSS REFERENCE TO RELATED APPLICATIONS This application claims priority of China Patent Application No. 202311388104.X, filed on Oct. 24, 2023, the entirety of which is incorporated by reference herein. BACKGROUND OF THE DISCLOSURE Field of the Disclosure The present disclosure relates to computer systems, and in particular to computer systems with system memory encryption and decryption. Description of the Related Art Common system memories in computer systems include dynamic random-access memory (DRAM), non-volatile random access memory (NVRAM), and others. Hackers may attack the system memory and obtain data from it. In particular, NVRAM retains data even if its power is interrupted. Serious security issues may occur if plaintext is stored in the system memory. How to improve the security of data stored in the system memory of a computer system is an important issue in this technical field. BRIEF SUMMARY OF THE DISCLOSURE This disclosure proposes a multi-key memory encryption technology (abbreviated as MKMET) achieved by a key table. The different keys are identified by key identification codes (KeyID). In particular, the encryption and decryption engine of the disclosure operates in a high security manner. A computer system in accordance with an exemplary embodiment of the disclosure includes a processor. The processor has an encryption and decryption engine that encrypts and decrypts the system memory that is coupled to the processor. The encryption and decryption engine includes a key table. In response to a platform setting instruction, the processor reads a key identification code from a key identification code register (EDX), and reads control parameters from a control parameter register (ECX). Based on the control parameters, the processor manages a key, associated with the key identification code, in the key table. Based on the aforementioned concept, the system memory encryption and decryption method is shown. In response to a platform setting instruction, the method includes reading a key identification code from a key identification code register (EDX), and reading control parameters from a control parameter register (ECX). Based on the control parameters, the method includes managing a key, associated with the key identification code, in a key table. The key table is built within an encryption and decryption engine that operates to encrypt and decrypt the system memory. A detailed description is given in the following embodiments with reference to the accompanying drawings. BRIEF DESCRIPTION OF THE DRAWINGS The present disclosure can be more fully understood by reading the subsequent detailed description and examples with references made to the accompanying drawings, wherein: FIG. 1 illustrates a processor 100 that is coupled to a system memory 102 to implement a computer system in accordance with an exemplary embodiment of the disclosure; FIG. 2A illustrates the implementation details of the core Core0, . . . , or CoreN of the CCD 104 in accordance with an exemplary embodiment of the disclosure; FIG. 2B illustrates the implementation details of the GCID conversion table 206 of FIG. 2A in accordance with an exemplary embodiment of the disclosure; FIG. 3 illustrates the other details of the CCD 104 in accordance with an exemplary embodiment of the disclosure; FIG. 4A illustrates implementation details of IOD 106 in accordance with an exemplary embodiment of the disclosure; FIG. 4B illustrates the implementation details of the key table 119 of FIG. 4A in accordance with an exemplary embodiment of the disclosure; FIG. 5 illustrates the generation process of the key table 119 in accordance with an exemplary embodiment of the disclosure; FIG. 6 illustrates the process of establishing the GCID conversion table 206 in accordance with an exemplary embodiment of the disclosure; FIG. 7 illustrates the simplified key identification code KeyID_R (={RGCID, iID}) acquisition procedure which is performed in response to a read/write instruction in accordance with an exemplary embodiment of the disclosure; FIG. 8 illustrates the flow of a reading operation in accordance with an exemplary embodiment of the disclosure; FIG. 9 illustrates the flow of data writing operations in accordance with an exemplary embodiment of the disclosure; FIG. 10 illustrates the encryption and decryption modes 1000 corresponding to the different values of the page granular identification code iID; and FIG. 11 shows a flow chart illustrating a protection method of the key table 119 in accordance with an exemplary embodiment of the disclosure. DETAILED DESCRIPTION OF THE DISCLOSURE The following description lists various embodiments of the present disclosure, but is not intended to limit thereto. The actual scope of the disclosure should be defined according to the scope of the application. The various units, modules, or functional blocks mentioned below may be implemented by a combination of hardware, software, and firmware, and may