U.S. patent application number 13/842974 was filed with the patent office on 2013-08-15 for method and apparatus for establishing safe processor operating points.
The applicant listed for this patent is Stephen A. Fischer, Varghese George, Stephen H. Gunther, Sanjeev Jahagirdar. Invention is credited to Stephen A. Fischer, Varghese George, Stephen H. Gunther, Sanjeev Jahagirdar.
Application Number | 20130212370 13/842974 |
Document ID | / |
Family ID | 36100581 |
Filed Date | 2013-08-15 |
United States Patent
Application |
20130212370 |
Kind Code |
A1 |
Fischer; Stephen A. ; et
al. |
August 15, 2013 |
METHOD AND APPARATUS FOR ESTABLISHING SAFE PROCESSOR OPERATING
POINTS
Abstract
A system and method is provided for establishing safe processor
operating points. Some embodiments may include a tamper resistant
storage element that stores information regarding one or more
operating points of an adjustable processor operating parameter.
Some embodiments may further include an element to determine what
the current processor operating point is of the operating
parameter, and an element to compare the current operating point of
the operating parameter with the stored information.
Inventors: |
Fischer; Stephen A.; (Gold
River, CA) ; George; Varghese; (Folsom, CA) ;
Jahagirdar; Sanjeev; (Folsom, CA) ; Gunther; Stephen
H.; (Beaverton, OR) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
Fischer; Stephen A.
George; Varghese
Jahagirdar; Sanjeev
Gunther; Stephen H. |
Gold River
Folsom
Folsom
Beaverton |
CA
CA
CA
OR |
US
US
US
US |
|
|
Family ID: |
36100581 |
Appl. No.: |
13/842974 |
Filed: |
March 15, 2013 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
13620119 |
Sep 14, 2012 |
|
|
|
13842974 |
|
|
|
|
13365096 |
Feb 2, 2012 |
|
|
|
13620119 |
|
|
|
|
12081204 |
Apr 11, 2008 |
8131989 |
|
|
13365096 |
|
|
|
|
10953771 |
Sep 30, 2004 |
7370189 |
|
|
12081204 |
|
|
|
|
Current U.S.
Class: |
713/2 |
Current CPC
Class: |
G06F 21/57 20130101;
Y02D 10/126 20180101; G06F 1/324 20130101; Y02D 10/00 20180101;
G06F 1/3296 20130101; G06F 2221/2101 20130101; G06F 21/70 20130101;
G06F 21/81 20130101; G06F 21/575 20130101 |
Class at
Publication: |
713/2 |
International
Class: |
G06F 21/57 20060101
G06F021/57 |
Claims
1. A processor, comprising: i) first logic circuitry to cause
saidprocessor's boot up process to be a secure boot up process; ii)
second logic circuitry having an interface to communicate to a
voltage regulator, said second logic circuitry having an input that
accepts first information, said first information indicative of a
supply voltage applied to said processor during said boot up
process; iii) a first storage element to store second information
indicative of a safe supply voltage operating range of said
processor; v) comparison circuitry that accepts said first
information and accepts said second information, said comparison
circuitry to ensure that said supply voltage does not reside
outside said safe supply voltage operating range during said boot
up process.
Description
CLAIM TO PRIORITY
[0001] This application is a continuation of U.S. patent
application Ser. No. 13/620,119 filed on Sep. 14, 2012, entitled
"Method and Apparatus For Establishing Safe Processor Operating
Points" which is a continuation of U.S. patent application Ser. No.
13/365,096 filed on Feb. 2, 2012, entitled "Method And Apparatus
For Establishing Safe Processor Operating Points" which is a
continuation of U.S. patent application Ser. No. 12/081,204, filed
on Apr. 11, 2008, entitled "Method And Apparatus For Establishing
Safe Processor Operating Points" now U.S. Pat. No. 8,131,989 Issued
on Mar. 6, 2012, which is a continuation of U.S. patent application
Ser. No. 10/953,771, filed on Sep. 30, 2004, entitled "Method And
Apparatus For Establishing Safe Processor Operating Points In
Connection With A Secure Boot" now U.S. Pat. No. 7,370,189, Issued
on May 6, 2008, all of which are hereby incorporated by reference
in their entirety into this application.
TECHNICAL FIELD
[0002] Embodiments of the present invention generally relate to
control of adjustable processor operating parameters and to
computer processor security.
BACKGROUND OF THE INVENTION
[0003] Computer processors sometimes have adjustable operating
parameters, such as the processor's operating voltage or the
processor's clock frequency. In some laptop computer systems, for
example, it may be desirable to reduce the processor's operating
voltage and/or the processor's clock frequency in order to save
power. The operating point (i.e., the level at which the processor
operates) for such adjustable parameters may be changed during
processor operation or at processor boot-up time, such as at a cold
start or a reset. Adjustable operating parameters may be programmed
to settings that are referenced by, for example, a set of operating
points provided by the processor manufacturer. Such a processor
operating parameters may be said to be adjustable or dynamic even
though there may only be limited levels of adjustment, limited
times when adjustments are made, and/or limits on the devices and
mechanisms that cause the adjustment.
[0004] As noted above, one example of an adjustable operating
parameter may be a processor's operating voltage. In some
processors the processor's operating voltage is governed by an
external voltage regulator, in which case the voltage regulator may
accept a voltage select input that defines a desired voltage to be
provided to the processor. The voltage regulator's voltage select
input may be provided by the processor itself or a chipset and may
be programmable by external software. Another example of an
adjustable operating parameter may be processor clock frequency.
Adjustable processor clock frequency may be supported, for example,
by programmability of a divider between an external input source
clock (e.g., an external bus clock) and an internal processor core
clock. The processor core clock may represent some integer of a
fractional multiple of the external clock, such as generated by a
phase-lock-loop (PLL) or equivalent function. In this case, the
internal processor clock operating frequency may be changed by
reprogramming the value of the external-bus-to-core-clock
divider.
[0005] Computer security involves techniques and mechanisms for
protecting a computer or computer system from compromise through
unauthorized access. Such security techniques may involve software
and/or hardware security mechanisms and may include techniques
directed to the security of the processor.
BRIEF DESCRIPTION OF THE DRAWINGS
[0006] FIG. 1 is a simplified block diagram of a processor with
elements for establishing safe processor operating points in
accordance with an embodiment of the present invention.
[0007] FIG. 2 is a simplified block diagram that illustrates a
system with processors configured to establish the existence of
safe processor operating points in accordance with an embodiment of
the present invention.
[0008] FIG. 3 is a simplified flow diagram for a method of
establishing safe processor operating points for a secure boot in
accordance with an embodiment of the present invention.
DETAILED DESCRIPTION
[0009] The devices and methods described below may be used to
establish that a processor's operating parameter is at an
established acceptable operating point, such as an operating point
that falls within known limits for proper processor operation. Some
embodiments of a system as described below may be used, for
example, in a high security software environment to establish that
a processor participating in a secure boot-up process has a known
safe operating voltage and/or clock frequency, resulting in a
higher confidence in the integrity of the boot-up process. A
"secure boot" may occur dynamically during system operation, such
as in the process of dynamically securing the system in order to
execute a secure application, and may only require a boot of a
secure kernal (i.e., without a reboot of the entire operating
system). Confirmation of safe operating points may be part of an
initial phase of the instruction(s) that perform the secure boot.
Some embodiments may address intentional or accidental incorrect
programming of a processor operating parameter outside of tested or
supported operating points, which might otherwise lead to
unreliable processor operation and a potentially exploitable
security hole. In some embodiments, a processor may be considered
to have been securely booted only if it is operating with its
adjustable operating parameters at safe operating points, and a
system may be considered to have securely booted only if all the
processors in the system are operating with adjustable operating
parameters at safe operating points. It will be appreciated that
modifications and variations of the examples described herein are
covered by the teachings provided below and are within the purview
of the appended claims.
[0010] FIG. 1 is a simplified block diagram of a processor with
elements for establishing safe processor operating points in
accordance with an embodiment of the present invention. FIG. 1
shows a processor 101 which has an adjustable operating voltage and
core clock frequency. In other embodiments, the processor may only
have one adjustable operating parameter, may have different
adjustable operating parameters, or may have additional adjustable
operating parameters (such as output buffer drive strength or a
processor throttling point based on temperature, processor
performance, power consumption, etc.). Processor 101 may be a
system that is embodied on a chip or as multiple separate
components.
[0011] As shown in FIG. 1, processor 101 has a voltage select input
125 and a clock source input 135 which at processor boot-up (also
referred to herein as boot) may be used in determining the
operating voltage and core clock frequency of processor 101. As
discussed above, the voltage select input 125 may also be input to
an external voltage regulator (not shown) which specifies the
voltage that is input to processor 101. Processor 101 may determine
what the current voltage is that is being driven to processor 101
by reading the voltage select input 125. In other embodiments,
instead of a voltage select input 125, processor 101 may determine
the current voltage by feedback from a voltage adjustment output,
from a logic structure that feeds back, or some other arrangement.
In some embodiments, clock source input 135 may accept input from
an external input source clock, such as an external bus clock, and
may be used to define the internal core clock frequency of
processor 101.
[0012] As shown in FIG. 1, processor 101 contains a voltage
operating point controller 120, a clock operating point controller
130, a reference information storage element 140, and secure boot
logic 150. In the embodiment shown, voltage operating point
controller 120 is coupled to voltage select input 125, is coupled
to voltage adjustment output 128, and is coupled by lines 126, 127
and 129 to secure boot logic 150. Voltage operating point
controller 120 may use voltage select input 125 to determine what
the current voltage operating point is for processor 101. In some
embodiments, voltage operating point controller 120 may adjust the
current voltage operating point by sending a signal over voltage
adjustment output 128 to a device that specifies the external
voltage (such as an external voltage regulator). Thus, by sending a
signal over voltage adjustment output 128, voltage operating point
controller 120 may adjust the operating point for the operating
voltage of processor 101. Of course, in other embodiments the
operating voltage of processor 101 may be adjusted using other
mechanisms, such as different internal control elements, different
external control elements, fully internal elements, etc. In some
embodiments, the voltage adjustment output and voltage select input
may be implemented on the same pin, in a wired-or arrangement, or
in arrangements other than shown in FIG. 1.
[0013] In the embodiment shown, clock operating point controller
130 is coupled to a clock input source 135 and is coupled by lines
137-139 to secure boot logic 150. In this embodiment, clock
operating point controller 130 includes a programmable divider 134
which, as discussed above, may divide an external input source
clock from clock source input 135 (e.g., an external bus clock)
into an internal processor core clock, which thus may represent
some integer of a fractional multiple of the external clock. In
this case, the internal processor clock operating frequency may be
changed by reprogramming the value of the
external-bus-to-core-clock divider. In other embodiments, the clock
frequency of processor 101 may be adjusted using other mechanisms,
such as providing control to an external clock generator that
provides the clock source.
[0014] In embodiments, reference information storage element 140
stores reference information regarding one or more acceptable
operating points for one more adjustable processor operating
parameters. Thus, a given processor may have internal storage for
one-to-multiple reference points. For a given operating parameter,
the reference information stored in reference information storage
element 140 may define a single acceptable operating point or may
specify a range of acceptable operating points for that parameter.
As shown in FIG. 1, reference information storage element 140
contains a voltage reference storage element 142 and a clock
reference storage element 143. Voltage reference storage element
142 may store information regarding an acceptable operating
voltage, and clock reference storage element 143 may store
information regarding an acceptable operating clock frequency.
Voltage storage element 142 and clock reference storage element 143
may be, for example, silicon fuses, ROM, EEPROM, flash EPROM, or
some other equivalent tamper resistant function. Although FIG. 1
shows separate voltage reference storage element 142 and clock
reference storage element 143, settings for multiple operating
parameters may also be stored together. Processor 101 may contain
reference storage element 140 on the same chip or as a separate
device that is external to the core processor chip, but may still
be considered part of processor 101 as used herein.
[0015] In embodiments, reference information storage element 140
stores the reference information so that it is tamper resistant. A
tamper resistant storage is one that stores information in such a
way that the information cannot be easily modified by a person of
skill in the art through unauthorized means, if it can be modified
at all. For example, the reference information may constitute
settings fixed in the processor hardware, firmware, microcode,
etc., or settings fixed at manufacturing time. In some embodiments,
the reference information storage element may be a separate device
that is associated with the processor. In embodiments, such
settings may not be changed without significant efforts, if at all,
once installed in a customer system. Such settings may be
established by the processor manufacturer based upon testing or
some other quality assurance methods known to support reliable
processor operation.
[0016] In connection with the boot function for processor 101,
secure boot logic 150 may determine whether the current operating
point of an operating parameter (such an operating voltage or
operating clock frequency) is acceptable based on a comparison of
the current operating point with the reference information. Secure
boot logic 150 may be part of a processor's secure boot logic. In
the embodiment of FIG. 1, secure boot logic 150 is coupled to
reference information storage element 140 by line 146, which may
provide secure boot logic 150 with reference information regarding
one or more acceptable operating points (such as acceptable voltage
and clock frequency) that is stored in reference information
storage element 140. Secure boot logic 150 is also coupled to
secure boot output 155, which as shown in FIG. 1 provides an output
from processor 101, and contains comparator 152 and comparator 153.
In some embodiments, comparator 152 may compare the operating
voltage as indicated by voltage operating point controller 120 over
line 127 with reference information regarding a secure voltage
operating point that is stored in voltage storage element 142 to
determine whether the current operating voltage is within an
acceptable level. Similarly, comparator 153 may compare the
operating clock frequency as indicated by clock frequency point
controller 130 over line 138 with reference information regarding a
secure voltage operating point that is stored in clock frequency
storage element 143 to determine whether the clock frequency
operating voltage is within an acceptable level.
[0017] In some embodiments, if secure boot logic 150 determines
that the current operating point for an operating parameter is not
acceptable, secure boot logic 150 may send a signal to the
appropriate operating parameter controller (such as over line 129
or 139) to cause the controller to readjust the operating parameter
to an acceptable operating point. In some embodiments, if secure
boot logic 150 determines that the current operating point for an
operating parameter is acceptable, secure boot logic 150 may send a
signal over secure boot output 155 indicating that secure boot
operating parameters have been confirmed. In embodiments, such an
indication may be provided indirectly, such as by setting a
register in a chipset or by a special bus cycle. In some
embodiments, secure boot output 155 may indicate that all
initialization has been completed to enable a secure boot, which
may enable the secure boot to proceed. In some embodiments, secure
boot logic 150 may comprise hardware, firmware, software,
microcode, a state machine, or some combination of these
components, or any other equivalent components.
[0018] Because in some embodiments a voltage change may involve
incrementing or decrementing through a sequence of voltage control
input stages in order to ramp to the newly selected operating
target, voltage operating point controller 120 may provide an
indication over voltage transition status line 126 to secure of
whether the operating voltage is in a steady state or a transition
state. Similarly, in embodiments where transition time must be
provided to re-clock and become stable at the new core clock
frequency, clock transition status line 137 may provide an
indication from clock operating point controller 130 to secure boot
logic 150 of whether a core clock frequency transition is
in-progress. During such a transitional period, processor 101 may
be forced into a temporary sleep, suspend, or stall state to avoid
potential timing malfunctions that could result from an unstable
processor core clock. In such embodiments, secure boot logic 150
may wait until the relevant operating parameter is at a steady
state before determining whether that operating parameter is
acceptable.
[0019] FIG. 2 is a simplified block diagram that illustrates a
system with processors configured to establish the existence of
safe processor operating points in accordance with an embodiment of
the present invention. FIG. 2 shows a system 200 that comprises
processor 101, which is shown in more detail in FIG. 1, processors
203-204, and chipset 210, all of which are coupled to bus 255. The
processors and chipset in system 200 may all be on the same
computer platform, such as a motherboard, or may be on the same
piece of silicon. Bus 255 may be a system bus. Processor 101 is
coupled to bus 255 by secure boot output 155 of FIG. 1. In
connection with a system boot, each of processors 101, 203 and 204
may provide an indication to chipset 210 that that processor has
been found to have acceptable, and thus secure, operating points.
In embodiments, the signaling may be accomplished by, for example,
broadcast of a special bus message, inter-processor interrupt
signaling, setting of status bits within the chipset, dedicated pin
signaling between processors, etc. For example, processor 101 may
send a secure boot indication to chipset 210 to indicate that
processor 101 has been found to have acceptable operating points.
As shown in FIG. 2, chipset 210 has registers 212 which may store
the indication as to whether each processor has acceptable
operating points.
[0020] In some embodiments, one of the processors (such as
processor 204) may be the initiator or master of the boot and may
indicate to the other processors in the system that they have all
confirmed secure operating points. For example, once processor 204
has determined that it has secure operating points, it may check
registers 212 to determine whether the other processors in the
system also have secure operating points. If all processors have
indicated that they are at secure operating points, processor 204
may concluded that it is safe to proceed with the secure boot
function and may send such an indication (for example, by a
broadcast over bus 255) to the other processors in system 200. In
some embodiments, instead of chipset 210, another device (such as
processor 204) may store the indication that each processor has
reached a safe operating point.
[0021] FIG. 3 is a simplified flow diagram for a method of
establishing safe processor operating points for a secure boot in
accordance with an embodiment of the present invention. The method
of FIG. 3 is discussed with reference to the embodiments shown in
FIGS. 1-2, but of course may be practiced with other apparatus.
This method may be performed in connection with a boot function for
the processor and may be part of a secure boot process. For
example, this method may be invoked and or controlled by the boot
function and may occur before, during, or after other operations
relating to the processor boot function are taking place. This
method may be performed by hardware, firmware, software, microcode,
a state machine, or some combination of these components, or any
other equivalent components.
[0022] According to the method shown in FIG. 3, a boot function is
initiated (301). This boot function may be controlled, for example,
by a processor Basic Input Output System (BIOS) or some other
element, such as an operating system that may be in the process of
dynamically securing the system in order to execute a secure
application. In connection with this boot function, the first
operating point of an operating parameter may be determined (302).
The first operating point may be based on a signal received from
outside the processor. For example, the processors operating
voltage may be determined by voltage operating point controller 120
based on voltage select input 125 as discussed above. The first
operating point may be compared against reference information
(303). In some embodiments, the reference information may be stored
in the processor in a tamper resistant or trusted storage element.
For example, comparator 152 may compare the voltage operating point
against the reference voltage stored in storage element 142. In
some embodiments, the processor waits for the operating parameter
to reach a stable state before it is compared with the reference
information. If the first operating point is acceptable (304), then
a signal may be sent to another processor or device (for example,
over bus 255) indicating that the operating parameter is safe for
processor boot, and which may enable the secure boot to proceed. In
some embodiments, such as shown in FIG. 1, the processor may only
make an indication that it is safe to proceed with the secure boot
only if all of its adjustable parameters that are critical for
reliable processor operation were determined to be at safe
operating points.
[0023] If it was determined that the first operating point was not
acceptable (304), then a determination may be made as to whether
the processor is able to adjust the operating point (306). In some
embodiments, although the chipset or other external device is able
to adjust the operating point (such as the processor voltage), the
processor may not be able to make such an adjustment through the
secure boot logic, for example if the adjustment may only be made
through the chipset. If the processor is not able to adjust the
operating point, then the processor may abort from the secure
processor boot (307). If the processor is able to adjust the
operating parameter, then an adjustment may be made to the first
operating point based on the stored reference information (308).
For example, voltage operating point controller 120 may send a
signal over voltage adjustment output 128 that modifies (increases
or decreases) the voltage operating point for processor 101. The
new operating point may be tested to determine if it is acceptable,
as discussed above (304). In some embodiments, the secure boot
logic may wait for the transition to the new state to occur (as
shown, for example by clock transition status line 137) before
determining if the new operating point is acceptable. In some
embodiments, each adjustable operating parameter in the system
(e.g., voltage and clock frequency) is considered using the method
discussed above.
[0024] In some embodiments, the processor being booted is one
processor in a system of physical or logical processors (which may
or may not be on the same chip), and one of these processors may be
the master processor or initiator for the purpose of a secure boot.
In such embodiments, each logical processor in the system may each
perform method such as discussed above. In embodiments, each
logical processor may send an indication to a device, such as
chipset 210, as to whether each processor's operating point was
determined to be acceptable. If the master processor determines
that the other processors have acceptable operating points, it may
provide an indication to the other processors that all the
processors in the system have acceptable operating points and are
permitted to proceed with the secure boot.
[0025] According to embodiments as discussed above, forcing
operation of processors participating in the secure boot function
to known acceptable operating parameters closes a potential
security hole that may otherwise lead to unreliable processor
operation in connection with the boot function. It will be
appreciated that modifications and variations of the embodiments
discussed above are covered by the teachings provided and are
within the purview of the appended claims.
* * * * *