Concurrent Protected and Standard world?

Concurrent Protected and Standard world?


Is it possible to run a protected (MLE) and standard environment concurrently or is it always sequential? (concurrent would be similar to two virtual machines). From my understanding, an MLE can be launched either at boot time or via late launch (using SENTER).

Also does anyone know the differences between the protected environments that are produced as a result of SENTER and ENTERACCS commands?

Thank you for your help!


2 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

Hello - hopefully this will answer your question:

All processors are required to join the measured launch environment. Letting processors with physical access to memory remain outside of the MLE would be a security violation.

The measured launch environment is always invoked using SENTER.

ENTERACCS is used to invoke the BIOS Authenticated Control Module during boot. SENTER is used to invoke the SINIT Authenticated Control module and provide a late launch of a measured launch  environment.

Leave a Comment

Please sign in to add a comment. Not a member? Join today