Abstract: A system and method are provided that enables a processor to undergo a functional test of its circuits prior to attachment to a semiconductor package and prior to use in a computing platform. The method of testing chips includes attaching a non-packaged semiconductor circuit to a test bed, loading computer instructions into a memory of the non-packaged semiconductor circuit, and operating the non-packaged semiconductor circuit in a test boot mode and executing the computer instructions in that mode. The operation logs one or more events of the execution of the instructions in the test boot mode and transmits the logs of the one or more events from the non-packaged semiconductor circuit via a joint test action group (JTAG) interface or a universal asynchronous receiver/transmitter (UART) interface.

Abstract: A system and method are provided that enables a processor to undergo a functional test of its circuits prior to attachment to a semiconductor package and prior to use in a computing platform. The method of testing chips includes attaching a non-packaged semiconductor circuit to a test bed, loading computer instructions into a memory of the non-packaged semiconductor circuit, and operating the non-packaged semiconductor circuit in a test boot mode and executing the computer instructions in that mode. The operation logs one or more events of the execution of the instructions in the test boot mode and transmits the logs of the one or more events from the non-packaged semiconductor circuit via a joint test action group (JTAG) interface or a universal asynchronous receiver/transmitter (UART) interface.

Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key IS associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.

Abstract: Disclosed are techniques for external quiesce of a core in a multi-core system. In some aspects, a method for external quiesce of a core in a multi-core system-on-chip (SoC), comprises, at control circuitry for the multi-core SoC, receiving an indication that a core in a multi-core SoC should be quiesced, determining that the core should be externally quiesced, and asserting an external quiesce request input into the core.

Abstract: Disclosed are techniques for performing a low-impact firmware update to a first microcontroller. In an aspect, a security entity communicatively coupled to the first microcontroller receives an update to firmware of the first microcontroller, authenticates the update to the firmware of the first microcontroller to prevent a security-related rollback, offloads system management tasks and interrupt handling from the first microcontroller to at least a second microcontroller communicatively coupled to the first microcontroller, coordinates installation of the update to the firmware of the first microcontroller without taking processing cycles from host software, and restores, to the first microcontroller, system management states occurring after the system management tasks and interrupt handling are offloaded from the first microcontroller.

Abstract: Disclosed are techniques for management of multiple processor cores in a multi-core system-on-chip (SoC). In an implementation, the SoC may configure each processor core in a first subset of processor cores as a management controller for performing system management functions for processor cores not in the first subset, the first subset comprising at least one processor core from the plurality of processor cores. System management functions are handled by the processor cores in the first subset, while operating system functions are handled by the processor cores not in the first subset. In an implementation, the number of processor cores to be included in the first subset (which may be zero if it is desired that the SoC may operate in legacy mode), may be controlled at boot time according to a boot setting.

Abstract: Disclosed are techniques for external quiesce of a core in a multi-core system. In some aspects, a method for external quiesce of a core in a multi-core system-on-chip (SoC), comprises, at control circuitry for the multi-core SoC, receiving an indication that a core in a multi-core SoC should be quiesced, determining that the core should be externally quiesced, and asserting an external quiesce request input into the core.

Abstract: Disclosed are techniques for performing a low-impact firmware update to a first microcontroller. In an aspect, a security entity communicatively coupled to the first microcontroller receives an update to firmware of the first microcontroller, authenticates the update to the firmware of the first microcontroller to prevent a security-related rollback, offloads system management tasks and interrupt handling from the first microcontroller to at least a second microcontroller communicatively coupled to the first microcontroller, coordinates installation of the update to the firmware of the first microcontroller without taking processing cycles from host software, and restores, to the first microcontroller, system management states occurring after the system management tasks and interrupt handling are offloaded from the first microcontroller.

Abstract: Disclosed are techniques for management of multiple processor cores in a multi-core system-on-chip (SoC). In an implementation, the SoC may configure each processor core in a first subset of processor cores as a management controller for performing system management functions for processor cores not in the first subset, the first subset comprising at least one processor core from the plurality of processor cores. System management functions are handled by the processor cores in the first subset, while operating system functions are handled by the processor cores not in the first subset. In an implementation, the number of processor cores to be included in the first subset (which may be zero if it is desired that the SoC may operate in legacy mode), may be controlled at boot time according to a boot setting.

Abstract: A system and method are provided that enable a processor to have the immutable code and data that it uses for its boot process to be securely patched. A system may include a read only memory (ROM) storing one or more certificates and instructions, an array of one-time programmable (OTP) indicators, a bootstrap controller connected to the ROM and the array of OTP indicators, and a random access memory (RAM) connected to the bootstrap controller. The bootstrap controller is configured to verify integrity of firmware for boot based on certificates stored in ROM, check for a patch in the array of OTP indicators, and write the one or more certificates and the instructions in ROM and the patch into the RAM. The patch may be loaded into RAM by the bootstrap controller and overwrite ROM instructions or certificates in RAM.

Abstract: A system and method are provided that enables a processor to undergo a functional test of its circuits prior to attachment to a semiconductor package and prior to use in a computing platform. The method of testing chips includes attaching a non-packaged semiconductor circuit to a test bed, loading computer instructions into a memory of the non-packaged semiconductor circuit, and operating the non-packaged semiconductor circuit in a test boot mode and executing the computer instructions in that mode. The operation logs one or more events of the execution of the instructions in the test boot mode and transmits the logs of the one or more events from the non-packaged semiconductor circuit via a joint test action group (JTAG) interface or a universal asynchronous receiver/transmitter (UART) interface.

Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key IS associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.

Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key IS associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.

Abstract: A system and method is provided that enables a processor to undergo RMA after being in a secured operating state, where the secure state includes hardware disabling of test access ports and debug ports during a boot process. The apparatus providing this computer security at power-on or boot-up may have at least two one-time programmable indicators, a bootstrap controller that controls at least two boot-time switches and reads the one-time programmable indicators, and a read only memory storing at least one instruction. The bootstrap controller calculates an operating state such as a secure state or RMA state based on the at least two one-time programmable indicators. The bootstrap controller then enables or disables an execution of the at least one instruction or enables or disables a hardware port based on the operating state. The bootstrap controller may provide switching between RMA and secure states via sequential one-time programming of indicators.

Abstract: A method, apparatus, and system for storing memory encryption realm key IDs is disclosed. A method comprises accessing a memory ownership table with a physical address to determine a realm ID associated with the physical address, accessing a key ID association structure with the realm ID to determine a realm key IS associated with the realm ID, and initiating a memory transaction based on the realm key ID. Once retrieved, the realm key ID may be stored in a translation lookaside buffer.

Abstract: Embodiments of the disclosure include systems and methods for storage of a first plurality of cryptographic keys associated with a first plurality of corresponding Protected Software Environments (PSEs) supervised by a PSE-management software running on a computer system and configured to supervise a superset of the plurality of PSEs. The computer system stores currently unused keys of the superset in a relatively cheap, large, and slow memory and caches the keys of the first plurality in a relatively fast, small, and expensive memory. In one embodiment, in a computer system having a first processor, a first memory controller, and a first RAM, the first memory controller has a memory cryptography circuit connected between the first processor and the first RAM, the memory cryptography circuit has a keystore and a first cryptographic engine, and the keystore is configured to store a first plurality of cryptographic keys accessible by a cryptographic-key identification.

Abstract: Exemplary features pertain to providing trusted platform module (TPM) support for ARM®-based systems or other Reduced Instruction Set Computing (RISC) systems. In some examples, secure firmware (e.g., TrustZone firmware) operates as a shim between an unsecure high level operating system (HLOS) and a discrete TPM chip or other trusted execution environment component. The secure firmware reserves a portion of non-secure memory for use as a command response buffer (CRB) control block accessible by the HLOS. The secure firmware translates and relays TPM commands/responses between the HLOS and the TPM via the non-secure CRB memory. The system may also include various non-secure firmware components such as Advanced Configuration and Power Interface (ACPI) and Unified Extensible Firmware Interface (UEFI) components. Among other features, the exemplary system can expose the TPM to the HLOS via otherwise standard UEFI protocols and ACPI tables in a manner that is agnostic to the HLOS.

Abstract: Systems and methods are disclosed for providing operating system independent error control in computing devices. One embodiment is a method comprising: defining with a reliability, availability and serviceability (RAS) controller a first memory region for correctable errors and a second memory region for uncorrectable errors; receiving an error indication at the RAS controller; determining with the RAS controller whether the received error indication is a correctable error; and in response to the determination, if the received error indication is a correctable error, writing with the RAS controller information about the correctable error to the first memory region, and if the received error indication is an uncorrectable error, writing with the RAS controller information about the uncorrectable error to the second memory region and sending an interrupt request from the RAS controller to an operating system executing on a processor.

Abstract: Systems and methods are disclosed for providing operating system independent error control in computing devices. One embodiment is a method comprising: defining with a reliability, availability and serviceability (RAS) controller a first memory region for correctable errors and a second memory region for uncorrectable errors; receiving an error indication at the RAS controller; determining with the RAS controller whether the received error indication is a correctable error; and in response to the determination, if the received error indication is a correctable error, writing with the RAS controller information about the correctable error to the first memory region, and if the received error indication is an uncorrectable error, writing with the RAS controller information about the uncorrectable error to the second memory region and sending an interrupt request from the RAS controller to an operating system executing on a processor.