Abstract: A processor, including: a core; system test circuitry, the system test circuitry to be locked during operational processor operation; reset circuitry including a kick-off test (KOT) input, the reset circuitry to detect a reset with the KOT input asserted, and to initiate an in-field system test (IFST) mode; a test interface controller to receive in IFST mode an encrypted test packet having a signature, verify the signature of the test packet, and decrypt the test packet; and IFST control circuitry to cause the system test circuitry to perform an IFST test according to the decrypted test packet and to log or report results.

Abstract: A processor, including: a core; system test circuitry, the system test circuitry configured to be locked except during an in-field system test (IFST) mode; IFST control circuitry; and a test interface controller, including: a data interface to receive a test packet; a parser to parse the test packet into a key, a signature, and a stored hash-of-hashes; a decryption circuit to decrypt the signature according to the key and to generate a computed hash-of-hashes; a hash circuit to verify the stored hash-of-hashes against the computed hash-of-hashes; and an IFST interface, wherein the test interface controller is to signal the IFST control circuitry to place the system test circuitry in IFST mode.

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

Abstract: Secure memory repartitioning technologies are described. A processor includes a processor core and a memory controller coupled between the processor core and main memory. The main memory includes a memory range including a section of convertible pages that are convertible to secure pages or non-secure pages. The processor core, in response to a page conversion instruction, is to determine from the instruction a convertible page in the memory range to be converted and convert the convertible page to be at least one of a secure page or a non-secure page. The memory range may also include a hardware reserved section that is convertible in response to a section conversion instruction.

Abstract: In an embodiment, a processor includes at least one core, a power management unit having a first test register including a first field to store a test patch identifier associated with a test patch and a second field to store a test mode indicator to request a core functionality test, and a microcode storage to store microcode to be executed by the at least one core. Responsive to the test patch identifier, the microcode may access a firmware interface table and obtain the test patch from a non-volatile storage according to an address obtained from the firmware interface table. Other embodiments are described and claimed.

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

Abstract: In an embodiment, a processor includes at least one core, a power management unit having a first test register including a first field to store a test patch identifier associated with a test patch and a second field to store a test mode indicator to request a core functionality test, and a microcode storage to store microcode to be executed by the at least one core. Responsive to the test patch identifier, the microcode may access a firmware interface table and obtain the test patch from a non-volatile storage according to an address obtained from the firmware interface table. Other embodiments are described and claimed.

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

Abstract: Systems and methods for memory protection for implementing trusted execution environment. An example processing system comprises: an on-package memory; a memory encryption engine (MEE) comprising a MEE cache, the MEE to: responsive to failing to locate, within the MEE cache, an encryption metadata associated with a data item loaded from an external memory, retrieve at least part of the encryption metadata from the OPM, and validate the data item using the encryption metadata.

Abstract: Systems and methods for secure delivery of output surface bitmaps to a display engine. An example processing system comprises: an architecturally protected memory; and a plurality of processing devices communicatively coupled to the architecturally protected memory, each processing device comprising a first processing logic to implement an architecturally-protected execution environment by performing at least one of: executing instructions residing in the architecturally protected memory, or preventing an unauthorized access to the architecturally protected memory; wherein each processing device further comprises a second processing logic to establish a secure communication channel with a second processing device of the processing system, employ the secure communication channel to synchronize a platform identity key representing the processing system, and transmit a platform manifest comprising the platform identity key to a certification system.

Abstract: Systems and methods for secure delivery of output surface bitmaps to a display engine. An example processing system comprises: an architecturally protected memory; and a plurality of processing devices communicatively coupled to the architecturally protected memory, each processing device comprising a first processing logic to implement an architecturally-protected execution environment by performing at least one of: executing instructions residing in the architecturally protected memory, or preventing an unauthorized access to the architecturally protected memory; wherein each processing device further comprises a second processing logic to establish a secure communication channel with a second processing device of the processing system, employ the secure communication channel to synchronize a platform identity key representing the processing system, and transmit a platform manifest comprising the platform identity key to a certification system.

Abstract: Secure memory repartitioning technologies are described. A processor includes a processor core and a memory controller coupled between the processor core and main memory. The main memory includes a memory range including a section of convertible pages are convertible to secure pages or non-secure pages. The processor core, in response to a page conversion instruction, is to determine from the instruction a convertible page in the memory range to be converted and convert the convertible page to be at least one of a secure page or a non-secure page. The memory range may also include a hardware reserved section are convertible in response to a section conversion instruction.

Abstract: Embodiments of apparatuses and methods for improving performance in a virtualization architecture are disclosed. In one embodiment, an apparatus includes a processor and a processor abstraction layer. The processor abstraction layer includes instructions that, when executed by the processor, support techniques to improve the performance of the apparatus in a virtualization architecture.

Abstract: Embodiments of apparatuses and methods for improving performance in a virtualization architecture are disclosed. In one embodiment, an apparatus includes a processor and a processor abstraction layer. The processor abstraction layer includes instructions that, when executed by the processor, support techniques to improve the performance of the apparatus in a virtualization architecture.

Abstract: A technique to improve the performance of virtualized input/output (I/O) resources of a microprocessor within a virtual machine environment. More specifically, embodiments of the invention enable accesses of virtualized I/O resources to be made by guest software without necessarily invoking host software. Furthermore, embodiments of the invention enable more efficient delivery of interrupts to guest software by alleviating the need for host software to be invoked in the delivery process.