US 12,106,133 B2
Method and apparatus for trusted devices using Trust Domain Extensions
Ravi Sahita, Portland, OR (US); and Vedvyas Shanbhogue, Austin, TX (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Nov. 11, 2020, as Appl. No. 17/095,119.
Prior Publication US 2021/0141658 A1, May 13, 2021
Int. Cl. G06F 9/455 (2018.01); G06F 9/445 (2018.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC G06F 9/45558 (2013.01) [G06F 9/445 (2013.01); H04L 9/3263 (2013.01); H04L 63/0428 (2013.01); H04L 63/08 (2013.01); G06F 2009/45583 (2013.01); G06F 2009/45587 (2013.01)] 20 Claims
1. A method implemented on a compute platform including one or more devices, a processor, memory, and having a set of hardware, firmware, and software components associated with a trusted computing base (TCB), the software components including a host operating system (OS) and a virtual machine monitor (VMM) that are loaded and executed in a first portion of an address space of the memory employed by the TCB, the method comprising:
implementing a device trust domain (dTD) in a trusted address space comprising a second portion of the memory address space that is separate from the first portion of the memory address space employed by the TCB;
binding a first of the one or more devices to the dTD; and
enabling one or more virtual machines (VMs) or trusted domains (TDs) to access one or more functions provided by the first device bound to the dTD.
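The three claim elements describe an access-control arrangement: TCB software (host OS, VMM) occupies one memory region, the dTD a disjoint trusted region, devices are bound to the dTD, and only explicitly enabled VMs/TDs may use a bound device's functions. The following is an added reference-monitor model of that arrangement, not Intel's implementation and not any TDX API; the region layout, device and function names are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Region:
    base: int
    size: int
    def contains(self, addr: int) -> bool:
        return self.base <= addr < self.base + self.size
    def overlaps(self, other: "Region") -> bool:
        return self.base < other.base + other.size and other.base < self.base + self.size

class DeviceTrustDomainModel:
    """Model of claim 1: the dTD region is disjoint from the TCB region, so host OS
    and VMM (TCB software) can never touch dTD memory; device functions are reachable
    only by VMs/TDs that were explicitly enabled for them."""
    TCB_SOFTWARE = frozenset({"host_os", "vmm"})  # hypothetical principal names

    def __init__(self, tcb_region: Region, dtd_region: Region):
        if tcb_region.overlaps(dtd_region):
            raise ValueError("dTD address space must be separate from the TCB address space")
        self.tcb_region, self.dtd_region = tcb_region, dtd_region
        self.bound = {}   # device -> functions it exposes once bound to the dTD
        self.grants = {}  # (principal, device) -> functions that principal may use

    def bind_device(self, device: str, functions: set) -> None:
        if device in self.bound:
            raise ValueError(f"{device} is already bound to the dTD")
        self.bound[device] = set(functions)

    def enable_access(self, principal: str, device: str, functions: set) -> None:
        # Access can only be enabled for functions of a device that is already bound.
        unknown = set(functions) - self.bound.get(device, set())
        if principal in self.TCB_SOFTWARE or unknown:
            raise ValueError("grant refused: TCB software or unbound device/function")
        self.grants.setdefault((principal, device), set()).update(functions)

    def can_call(self, principal: str, device: str, function: str) -> bool:
        return function in self.grants.get((principal, device), set())

    def can_access_memory(self, principal: str, addr: int) -> bool:
        # TCB software is confined to its own region; dTD memory is off-limits to it.
        if principal in self.TCB_SOFTWARE:
            return self.tcb_region.contains(addr)
        return self.dtd_region.contains(addr) or self.tcb_region.contains(addr)

def build_example() -> DeviceTrustDomainModel:
    """Constructed layout: TCB at 0x1000_0000 (64 MiB), dTD at 0x8000_0000 (64 MiB)."""
    m = DeviceTrustDomainModel(Region(0x1000_0000, 1 << 26), Region(0x8000_0000, 1 << 26))
    m.bind_device("nic0", {"tx", "rx"})        # device bound to the dTD
    m.enable_access("td1", "nic0", {"tx"})     # td1 may only transmit
    return m
```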