US-12626025-B2 - Computing system and trusted computing method
Abstract
A trusted computing technology is shown. An isolated memory stores a security interrupt descriptor table (SIDT) to correspond to security interrupts triggered by security peripherals. A first register of the trusted core stores a first address pointing to the SIDT. A local advanced programmable interrupt controller in the trusted core provides an interrupt arbiter that arbitrates between peripheral interrupts received from the chipset. When producing an arbitration result showing that a target interrupt is a security interrupt, the interrupt arbiter outputs a security interrupt request and a security interrupt vector to trigger the trusted core to search the SIDT indicated by the first register, to get a target security interrupt descriptor for execution of the corresponding interrupt program.
Inventors
- Zhenhua Huang
- Yingbing Guan
- Yanting Li
Assignees
- SHANGHAI ZHAOXIN SEMICONDUCTOR CO., LTD.
Dates
- Publication Date: 20260512
- Application Date: 20230324
- Priority Date: 20221102
Claims (20)
- 1. A computing system, comprising: a processor, including a normal core, and a trusted core for trusted computing; a system memory, providing a normal memory, and an isolated memory for the trusted computing; and a chipset, coupled to the processor, the system memory, and a plurality of peripherals for communication among the processor, the system memory, and the plurality of peripherals, wherein: the isolated memory stores a security interrupt descriptor table to correspond to security interrupts triggered by security peripherals; a first register of the trusted core stores a first address pointing to the security interrupt descriptor table; a local advanced programmable interrupt controller of the trusted core includes an interrupt arbiter that arbitrates between peripheral interrupts received from the chipset, to separate processing of the security interrupts triggered by the security peripherals from processing of normal interrupts triggered by normal peripherals; when producing an arbitration result showing that a target interrupt is a security interrupt, the interrupt arbiter outputs a security interrupt request and a security interrupt vector to trigger the trusted core to search the security interrupt descriptor table indicated by the first register, to get a target security interrupt descriptor for execution of a corresponding interrupt program.
- 2. The computing system as claimed in claim 1, wherein: the normal memory stores a normal interrupt descriptor table to correspond to the normal interrupts triggered by the normal peripherals; a second register of the trusted core stores a second address pointing to the normal interrupt descriptor table; when producing an arbitration result showing that a target interrupt is a normal interrupt, the interrupt arbiter outputs a normal interrupt request and a normal interrupt vector to trigger the trusted core to search the normal interrupt descriptor table indicated by the second register, to get a target normal interrupt descriptor for execution of a corresponding interrupt program.
- 3. The computing system as claimed in claim 1, wherein: the chipset transfers a message signaled interrupt received from a security peripheral to the processor, to inform the interrupt arbiter of the local advanced programmable interrupt controller of the trusted core that a security interrupt is issued by the security peripheral.
- 4. The computing system as claimed in claim 3, wherein: the message signaled interrupt issued by the security peripheral is marked by the chipset for a host interface advanced programmable interrupt controller on the processor to recognize that the message signaled interrupt is issued by the security peripheral and, accordingly, the host interface advanced programmable interrupt controller transfers the message signaled interrupt to the interrupt arbiter of the local advanced programmable interrupt controller of the trusted core.
- 5. The computing system as claimed in claim 4, wherein: the chipset changes base address information carried in the message signaled interrupt to a specific value to show that the message signaled interrupt is issued by the security peripheral.
- 6. The computing system as claimed in claim 1, wherein: the chipset includes a security interrupt controller; each security peripheral has a peripheral-chipset pin coupled to the security interrupt controller to transfer a security interrupt from the security peripheral to the security interrupt controller; and the security interrupt controller is further coupled to the processor and, in response to a security interrupt received from a security peripheral, the security interrupt controller informs the interrupt arbiter of the local advanced programmable interrupt controller of the trusted core that the security interrupt is issued.
- 7. The computing system as claimed in claim 6, wherein the security interrupt controller comprises: a programmable interrupt controller, arbitrating between security interrupts received from the security peripherals connected to the security interrupt controller and, according to an arbitration result, generating a security interrupt request and a security interrupt vector; and a security interrupt processing unit, coupled between the programmable interrupt controller and the processor, wherein the security interrupt processing unit is coupled to the processor via chipset-processor pins corresponding to the different security peripherals and, according to the security interrupt vector received from the programmable interrupt controller, the security interrupt processing unit asserts a corresponding chipset-processor pin.
- 8. The computing system as claimed in claim 7, wherein: the chipset-processor pins are coupled to the local advanced programmable interrupt controller of the trusted core.
- 9. The computing system as claimed in claim 6, wherein the security interrupt controller comprises: a programmable interrupt controller, arbitrating between security interrupts received from the security peripherals connected to the security interrupt controller and, according to an arbitration result, generating a security interrupt request and a security interrupt vector; and a security interrupt processing unit, coupled between the programmable interrupt controller and the processor, wherein the security interrupt processing unit transfers the security interrupt vector received from the programmable interrupt controller to the processor.
- 10. The computing system as claimed in claim 9, wherein: the security interrupt vector that the security interrupt processing unit transfers to the processor is received by the local advanced programmable interrupt controller of the trusted core.
- 11. A trusted computing method, comprising: operating an interrupt arbiter provided by a trusted core of a processor to arbitrate between peripheral interrupts received from a chipset, to separate processing of the security interrupts triggered by security peripherals from processing of normal interrupts triggered by normal peripherals; and when the interrupt arbiter produces an arbitration result showing that a target interrupt is a security interrupt, operating the interrupt arbiter to output a security interrupt request and a security interrupt vector to trigger the trusted core to search a security interrupt descriptor table indicated by a first register, to get a target security interrupt descriptor for execution of a corresponding interrupt program.
- 12. The trusted computing method as claimed in claim 11, further comprising: when the interrupt arbiter produces an arbitration result showing that a target interrupt is a normal interrupt, operating the interrupt arbiter to output a normal interrupt request and a normal interrupt vector to trigger the trusted core to search a normal interrupt descriptor table indicated by a second register, to get a target normal interrupt descriptor for execution of a corresponding interrupt program.
- 13. The trusted computing method as claimed in claim 11, further comprising: operating the chipset to transfer a message signaled interrupt received from a security peripheral to the processor, to inform the interrupt arbiter of the trusted core that a security interrupt is issued by the security peripheral.
- 14. The trusted computing method as claimed in claim 13, wherein: the message signaled interrupt issued by the security peripheral is marked by the chipset for a host interface advanced programmable interrupt controller on the processor to recognize that the message signaled interrupt is issued by the security peripheral and, accordingly, the host interface advanced programmable interrupt controller transfers the message signaled interrupt to the interrupt arbiter of the trusted core.
- 15. The trusted computing method as claimed in claim 14, wherein: the chipset changes base address information carried in the message signaled interrupt to a specific value to show that the message signaled interrupt is issued by the security peripheral.
- 16. The trusted computing method as claimed in claim 11, wherein: the chipset includes a security interrupt controller; each security peripheral has a peripheral-chipset pin coupled to the security interrupt controller to transfer a security interrupt from the security peripheral to the security interrupt controller; and the security interrupt controller is further coupled to the processor and, in response to a security interrupt received from a security peripheral, the security interrupt controller informs the interrupt arbiter of the trusted core that the security interrupt is issued.
- 17. The trusted computing method as claimed in claim 16, wherein the security interrupt controller comprises: a programmable interrupt controller, arbitrating between security interrupts received from the security peripherals connected to the security interrupt controller and, according to an arbitration result, generating a security interrupt request and a security interrupt vector; and a security interrupt processing unit, coupled between the programmable interrupt controller and the processor, wherein the security interrupt processing unit is coupled to the processor via chipset-processor pins corresponding to the different security peripherals and, according to the security interrupt vector received from the programmable interrupt controller, the security interrupt processing unit asserts a corresponding chipset-processor pin.
- 18. The trusted computing method as claimed in claim 17, wherein: the chipset-processor pins are coupled to a local advanced programmable interrupt controller of the trusted core.
- 19. The trusted computing method as claimed in claim 16, wherein the security interrupt controller comprises: a programmable interrupt controller, arbitrating between security interrupts received from the security peripherals connected to the security interrupt controller and, according to an arbitration result, generating a security interrupt request and a security interrupt vector; and a security interrupt processing unit, coupled between the programmable interrupt controller and the processor, wherein the security interrupt processing unit transfers the security interrupt vector received from the programmable interrupt controller to the processor.
- 20. The trusted computing method as claimed in claim 19, wherein: the security interrupt vector that the security interrupt processing unit transfers to the processor is received by a local advanced programmable interrupt controller of the trusted core.
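The routing recited in claims 1, 2 and 5, modelled in software as an added example (not code from the patent or from the assignee). The marker values, the descriptor layout, taking the vector from the low byte of the MSI data, and the choice to have the chipset overwrite the base field for every peripheral are assumptions made for illustration; the claims say only that the base address is changed to "a specific value".

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed encodings: the patent only says the base address is set to "a specific value". */
#define MSI_BASE_NORMAL 0xFEEu /* usual x86 MSI window, address bits 31:20 */
#define MSI_BASE_SECURE 0xABCu /* constructed placeholder marker */

typedef struct { void (*handler)(void); } descriptor_t; /* simplified gate */
typedef struct { uint32_t address; uint16_t data; } msi_t;
typedef struct {
    const descriptor_t *sidt; size_t sidt_len; /* "first register": SIDT, isolated memory */
    const descriptor_t *idt;  size_t idt_len;  /* "second register": normal IDT */
} trusted_core_t;

/* Chipset: always overwrite the base field, so a peripheral cannot pick its own marking. */
msi_t chipset_forward(msi_t m, int from_security_peripheral) {
    uint32_t base = from_security_peripheral ? MSI_BASE_SECURE : MSI_BASE_NORMAL;
    m.address = (base << 20) | (m.address & 0xFFFFFu);
    return m;
}

/* Interrupt arbiter in the trusted core's local APIC: pick the table by marking,
   then index it by vector. Returns NULL for unknown markings or empty slots. */
const descriptor_t *arbiter_lookup(const trusted_core_t *c, msi_t m) {
    uint32_t base = m.address >> 20;
    uint8_t vec = (uint8_t)(m.data & 0xFFu);
    const descriptor_t *tbl; size_t len;
    if (base == MSI_BASE_SECURE)      { tbl = c->sidt; len = c->sidt_len; }
    else if (base == MSI_BASE_NORMAL) { tbl = c->idt;  len = c->idt_len;  }
    else return NULL;
    return (vec < len && tbl[vec].handler) ? &tbl[vec] : NULL;
}

/* Constructed sample: vector 2 exists in both tables with different handlers. */
static int last_run; /* 1 = security handler ran, 2 = normal handler ran */
static void secure_isr(void) { last_run = 1; }
static void normal_isr(void) { last_run = 2; }

int demo_route(uint32_t claimed_address, int from_security_peripheral, uint16_t vector) {
    static const descriptor_t sidt[4] = { {0}, {0}, {secure_isr}, {0} };
    static const descriptor_t idt[4]  = { {0}, {0}, {normal_isr}, {normal_isr} };
    trusted_core_t core = { sidt, 4, idt, 4 };
    msi_t m = chipset_forward((msi_t){ claimed_address, vector }, from_security_peripheral);
    const descriptor_t *d = arbiter_lookup(&core, m);
    last_run = 0;
    if (d) d->handler();
    return last_run;
}
int main(void) { return demo_route(0xFEE00000u, 1, 2) == 1 ? 0 : 1; }
```

The same vector number resolves to different handlers depending on the marking, and a security-marked vector with no SIDT entry is dropped rather than falling back to the normal table.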
Description
CROSS REFERENCE TO RELATED APPLICATIONS

This application claims priority of China Patent Application No. 202211364597.9, filed on Nov. 2, 2022, the entirety of which is incorporated by reference herein.

BACKGROUND

Technical Field

The application relates to trusted computing, in particular to security peripherals for trusted computing.

Description of the Related Art

Trusted computing can improve computer system security by means of hardware division. For example, the system memory of a computing system can be partitioned to provide an isolated memory for trusted computing only. How to design security peripherals for trusted computing is a major issue in this technical field.

BRIEF SUMMARY

A computing system in accordance with an exemplary embodiment of the present application includes a processor, a system memory, and a chipset. The processor includes a normal core, and a trusted core for trusted computing. The system memory provides a normal memory, and an isolated memory for the trusted computing. The chipset is coupled to the processor, the system memory, and a plurality of peripherals for communication among the processor, the system memory, and the plurality of peripherals. The isolated memory stores a security interrupt descriptor table to correspond to security interrupts triggered by security peripherals. A first register of the trusted core stores a first address pointing to the security interrupt descriptor table. A local advanced programmable interrupt controller of the trusted core includes an interrupt arbiter that arbitrates between peripheral interrupts received from the chipset. When producing an arbitration result showing that a target interrupt is a security interrupt, the interrupt arbiter outputs a security interrupt request and a security interrupt vector to trigger the trusted core to search the security interrupt descriptor table indicated by the first register, to get a target security interrupt descriptor for execution of a corresponding interrupt program.

Based on the aforementioned concept, a trusted computing method is also introduced.

To isolate the processing of security interrupts from the processing of normal interrupts, a particular security interrupt controller may be provided in the chipset (this is different from a normal interrupt controller), or a message signaled interrupt technique may be used. Furthermore, a security interrupt descriptor table (SIDT) and a related security interrupt mechanism are introduced. The trusted core may use a register to point to the SIDT.

A detailed description is given in the following embodiments with reference to the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

The application can be more fully understood by reading the subsequent detailed description and examples with references made to the accompanying drawings, wherein:
- FIG. 1 depicts a computing system 100 in accordance with an exemplary embodiment of the application;
- FIG. 2 shows a table 200 contained in memory protection configuration information 124 mentioned in FIG. 1;
- FIG. 3 shows a table 300 that lists the base address and size of each section of the isolated memory 116;
- FIG. 4 illustrates how the processor 102 handles the interrupts in accordance with an exemplary embodiment of the application;
- FIG. 5 illustrates details of the security interrupt controller 128 in accordance with an exemplary embodiment of the application;
- FIG. 6 illustrates details of the security interrupt controller 128 in accordance with another exemplary embodiment of the application;
- FIG. 7 illustrates a format of a message signaled interrupt (MSI) 702 in accordance with an exemplary embodiment of the application;
- FIG. 8 illustrates how the processor 102 communicates with the peripherals; and
- FIG. 9 illustrates how a peripheral communicates with the processor 102.

DETAILED DESCRIPTION

The following description is made for the purpose of illustrating the general principles of the application and should not be taken in a limiting sense. The scope of the application is best determined by reference to the appended claims.

For trusted computing, at least one section of a system memory is isolated for security use. The storage space different from the general use space is named a security memory. The non-trusted cores (normal cores for general use) and non-secure input and output devices (normal peripherals for general use) are not allowed to access the isolated memory. Only a trusted core dedicated to trusted computing (such as the core of TPCM technology), and security input and output devices (security peripherals) can access the isolated memory. In this case, memory protection configuration information is defined and stored in the chipset, which includes isolation information (such as a base address and size of each section of the isolated memory), and peripheral information (such as showing that a peripheral of a particular peripheral identification code is a normal peripheral or a security peri