&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=11941131.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 11,941,131 B1</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Isolation of secrets from an operating system</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Sudhir Satpathy,  Redmond, WA (US);  Wojciech Stefan Powiertowski,  Kirkland, WA (US);  Nagendra Gupta Modadugu,  San Francisco, CA (US); and  Neeraj Upasani,  Sammamish, WA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Meta Platforms Technologies, LLC,  Menlo Park, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Meta Platforms Technologies, LLC,  Menlo Park, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Feb.  11, 2021, as Appl. No. 17/248,883.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Claims priority of provisional application 63/132,962, filed on Dec.  31, 2020.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 21/60</b></i> (2013.01); <i><b>G06F 1/16</b></i> (2006.01); <i><b>G06F 3/01</b></i> (2006.01); <i><b>G06F 15/78</b></i> (2006.01); <i><b>G06F 21/10</b></i> (2013.01); <i><b>G06F 21/64</b></i> (2013.01); <i><b>G06F 21/79</b></i> (2013.01); <i><b>G06T 19/00</b></i> (2011.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/602</b></i> (2013.01)&#xa0;[<i><b>G06F 1/163</b></i> (2013.01); <i><b>G06F 3/012</b></i> (2013.01); <i><b>G06F 15/7807</b></i> (2013.01); <i><b>G06F 21/64</b></i> (2013.01); <i><b>G06F 21/79</b></i> (2013.01); <i><b>G06T 19/006</b></i> (2013.01); <i>G06F 21/107</i> (2023.08)]</td>
            <td class="table_data" align="right"><b>18 Claims</b></td>
          </tr>
        </table>
        <center><img src="US11941131-20240326-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method for execution on a system on a chip (SoC) having a plurality of subsystems, the method comprising:<div class="claim_text">configuring a storage controller to operate in a direct memory access mode;</div>
                <div class="claim_text">receiving, by the storage controller of the SoC and from a subsystem of the plurality of subsystems, a command to fetch, from a local memory, task descriptor data comprising access parameters for accessing a storage device, the access parameters including a storage device address;</div>
                <div class="claim_text">obtaining, by an encryption engine of the SoC, the command to fetch the task descriptor data, wherein obtaining the command includes snooping for the command on a read address channel of the storage controller;</div>
                <div class="claim_text">determining, by the encryption engine and based on an access rule, whether the subsystem has sufficient privilege to access the storage device address;</div>
                <div class="claim_text">in response to determining that the subsystem has sufficient privilege to access the storage device, encrypting, by the encryption engine, data in the local memory using an encryption key associated with the subsystem; and</div>
                <div class="claim_text">outputting, by the encryption engine, the encrypted data to the storage controller for writing to the storage device at the storage device address.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>