US 12,267,423 B2
Seamless access to trusted domain protected memory by virtual machine manager using transformer key identifier
David M. Durham, Beaverton, OR (US); and Siddhartha Chhabra, Portland, OR (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Sep. 24, 2021, as Appl. No. 17/485,146.
Prior Publication US 2022/0014356 A1, Jan. 13, 2022
Int. Cl. H04L 29/06 (2006.01); G06F 9/455 (2018.01); H04L 9/08 (2006.01)
CPC H04L 9/088 (2013.01) [G06F 9/45558 (2013.01); G06F 2009/45587 (2013.01)] 22 Claims
OG exemplary drawing
 
1. An apparatus comprising:
a processor comprising:
at least one core to execute instructions of a plurality of virtual machines (VMs) and a virtual machine monitor (VMM); and
a cryptographic engine comprising circuitry to protect data associated with the plurality of VMs through use of a plurality of private keys and a trusted transformer key, wherein each of the plurality of private keys are to protect program instructions and data of a respective VM and the trusted transformer key is to protect management structure data for the plurality of VMs;
wherein the processor is to provide, to the VMM, read and write access to the management structure data through an untrusted transformer key and, upon detecting that VMM-written management structure data is protected using the untrusted transformer key, cause the VMM-written management structure data to be decrypted by using the untrusted transformer key and encrypted using the trusted transformer key.