Intel® Developer Zone:
Sicherheit und Verschlüsselung

AES New Instructions

Digitaler Zufallszahlengenerator

Erweiterungen für die Intel Befehlssatzarchitektur

Libcryptorandom
Von John Mechalas (Intel)Veröffentlicht am 09/26/20130
Downloads Libcryptorandom [PDF 398KB]Libcryptorandom Source Code[ZIP 376KB] Libcryptorandom is a cross-platform library that allows programmers to obtain cryptographically secure random numbers from the best available entropy source on the underlying system. The library frees the programmer from ha…
Intel® Business Client Community Frequently Asked Questions
Von Gael Hofemeier (Intel)Veröffentlicht am 09/18/20130
Download Article Download Intel® Business Client Community Frequently Asked Questions [PDF 380KB] Getting Started GeneralTroubleshooting Other Remote Encryption Management Getting Started This section contains answers for those new to the Intel® Manageability and Security Developer Community (now …
Intel® Xeon® E5-2600 v2
Von BELINDA L. (Intel)Veröffentlicht am 09/12/20130
Based on Intel® Core™ microarchitecture (formerly codenamed Ivy Bridge) and manufactured on 22-nanometer process technology, these processors provide significant performance and power-efficiency improvement over the previous-generation Intel® Xeon® processor E5-2600 product family. This is the fi…
Meshcentral.com - Now with Intel AMT certificate activation
Von ylian-saint-hilaire (Intel)Veröffentlicht am 08/15/20130
I just added certificate based Intel AMT cloud activation support (TLS-PKI) in Meshcentral.com that works behind NAT’s and HTTP proxies, uses a reusable USB key and makes use of Intel AMT one-time-password (OTP) for improved security. Ok, let’s back up a little. Computers with Intel AMT need the…
Intel Developer Zone Beiträge abonnieren
Kein Inhalt gefunden
Intel Developer Zone Blogs abonnieren
Kein Inhalt gefunden
Foren abonnieren
Kein Inhalt gefunden

Intel® Virtualisierungstechnik (Intel® VT)

Intel® Virtualization Technology for Directed I/O (VT-d): Enhancing Intel platforms for efficient virtualization of I/O devices
Von TW BurgerVeröffentlicht am 03/05/201210
Virtualization solutions allow multiple operating systems and applications to run in independent partitions all on a single computer. Using virtualization capabilities, one physical computer system can function as multiple "virtual" systems. Intel® Virtualization Technology (Intel VT) improves the …
Intel® Virtualization Technology: Best Practices for Software Vendors
Von Veröffentlicht am 02/02/20121
Overview As companies continue to strive to meet expanding goals with smaller budgets, they increasingly turn to virtualization as a means to consolidate servers. Successful reduction in server count by these means enables organizations to decrease capital expenditures in the form of equipment and …
To VT-D or Not to VT-D? A guide on whether to Utilize Direct Device Attach in your Virtualized System?
Von Hussam Mousa (Intel)Veröffentlicht am 02/02/20121
Intel VT-D Direct Device Attach allows a Virtual Machine to control an entire PCI-E device (e.g. NIC) while bypassing any VMM interference. The performance benefit will be a dramatic reduction in CPU utilization, but the precise gain will vary.
Intel® Active Management Technology on Virtualized PCs: Expected behavior and Best Known Methods for using Intel® AMT with client virtualization
Von Veröffentlicht am 02/02/20121
Abstract There are several key differences one must consider when using Intel Active Management Technology (Intel® AMT) features on a virtualized client. Those differences, along with Intel’s recommendations, are discussed in this article. It is important to understand those differences in order to…
Intel Developer Zone Beiträge abonnieren
Kein Inhalt gefunden
Intel Developer Zone Blogs abonnieren
Virtualization Environment Utilized the Intel(R) Enterprise Class SSD
Von Thai Le (Intel)0
I recently published a blog on the benefits of Intel(R) Enterprise Class SSD that has the usage examples of the Intel(R) Enterprise Class SSD in the actual customer's environment. I figure that it might be useful for the developers in this forum to learn how other developers are using Intel hardware.  -Thai
The action of Accessed and Dirty bit for EPT
Von Arthur L.1
Hi there, I write a piece of code to test the action of Accessed and Dirty bit of EPT in Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz. Firstly I build a totally new EPT paging structure with A/D logging on, then run some operating system codes and log all the EPT violation (say trap log). At some point I paused the OS, parse the EPT paging structure and log all the entries built in the past period (say A/D log). Here I get some interesting points: Some EPT entries are built without either Accessed or Dirty bit set, does this mean that CPU only construct these entries but doesn't touch them? Some entries only exist in A/D log. Does A/D logging module has some bias or some mistake? These two logs (trap log and A/D log) should be the same according to my understanding, and when I tried in the previous CPU with A/D bit supporting, these two logs are exactly the same, though I cannot distinguish Accessed or Dirty in A/D log.   Thanks ahead, Arthur
[x86] Information request about the Global Descriptor Table (GDT) | Intel® Developer Zone
Von Jean M.2
Hello, I am currently working on a forensics project (32 bits OS), and to reach one of my goals, I need to play a bit with the GDT. From what I understood, an instruction like call dword ptr [gs:0x10] does the following things : GS is used as a segment selector (16 bits) : The lower three bits indicate the privilege level of access and the descriptor table to be used. In my case, we'll consider we use the GDT. The higher 13 bits represent the entry index in the GDT. Let's call A the base address corresponding to GTD[GS>>3]. A is returned, and the processor computes A+0x10 and gathers the value at this address, called B. A simple call B instruction is the executed. This kind of instruction happends when the code wants to perform a syscall : this instruction allows calling the __kernel_vsyscall function without knowing its address. Correct me if I'm wrong, but I understood that : The base address A corresponds to a section of the userland memory called the Thread Control Block …
[x86] Information request about the Global Descriptor Table (GDT)
Von Jean M.1
Hello, I am currently working on a forensics project (32 bits OS), and to reach one of my goals, I need to play a bit with the GDT. From what I understood, an instruction like call dword ptr [gs:0x10] does the following things : GS is used as a segment selector (16 bits) : The lower three bits indicate the privilege level of access and the descriptor table to be used. In my case, we'll consider we use the GDT. The higher 13 bits represent the entry index in the GDT. Let's call A the base address corresponding to GTD[GS>>3]. A is returned, and the processor computes A+0x10 and gathers the value at this address, called B. A simple call B instruction is the executed. This kind of instruction happends when the code wants to perform a syscall : this instruction allows calling the __kernel_vsyscall function without knowing its address. Correct me if I'm wrong, but I understood that : The base address A corresponds to a section of the userland memory called the Thread Control Block …
Task Switch and Page Fault
Von water m.2
Hi, What should I do when  handle task switch, but the new TSS is not in current virtual address space? Shoud I inject a Page Fault Exception to the guest directly?
handl I/O instruction caused VM-Exit
Von water m.2
Hi, I'm writting code to handl I/O instruction caused VM-Exit, exit reason is 30.My guest is Windows XP. After get information from Exit Qualification, I can handle insturctions when String instruction bit and REP prefixed bit is cleared. But If these two bits are set, the trouble appears. When I tried to read data from memory where guest ESI(or EDI) pointed, I want to translate the logical address into physical address contained in guest  ESI(or EDI). but during the tranlsation,  the Page Table is not presented. At this time, I tried to inject a Page Fault to WindowsXP by set VM-entry interruption-information to 0x80000B0E,  VM-entry instruction length to 0x0, VM-entry exception error code to many kinds of possible number. But failed. I'am not sure whether my solution is correct. Can any one give me some tips?
Issue when the kernel parameter intel_iommu=on is being used
Von sridhar s.1
Hello, I am using DPDK 1.5 for development of host pmd for device “Connect X3”. I am observing issue  while the ConnectX3 device DMA to a memory which is allocated with rte_memzone_reserve_aligned() API . The issue(please refer ERROR below) has been observed if the system runs with the kernel parameter “intel_iommu=on”. ########## ERROR :##################################3 dmar: DRHD: handling fault status reg 302 dmar: DMAR:[DMA Write] Request device [01:00.0] fault addr 4f883000 DMAR:[fault reason 01] Present bit in root entry is clear #################################### The reported "fault Addr" is the physical address which was returned by the Above API. I don’t see any issue with the same code when the system up with kernel parameter intel_iommu=off.   If I use kernel parameters intel_iommu=on and iommu=pt, then the following error has been observed. ####ERROR REPORT######## dmar: DRHD: handling fault status reg 2 dmar: DMAR:[DMA Write] Request device [01:00.0] fault addr 4f88…
registering vm_exit handler in VT-x
Von ivan i.1
Hi all, I would like to ask how an VM_EXIT handler is registered in VMCS - could you give some example. As far as i know VM_EXIT handler is routine, it could  be defined as C function. My question is how to register that handler function and to trap VM_EXITs into that function. Could you give some API  or snippet.  I have one more question ... when the VM_EXIT  handler is register and the execution meets the VM_EXIT conditions what is the mechanism of invoking the VM_EXIT handler? Is the invoking of the registered VM_EXIT handler is performed by VT-x at hardware level or there is something more to be done? Best Regards
Foren abonnieren
Kein Inhalt gefunden