Methods and devices for executing trusted applications on processor with support for protected execution environments
摘要
說明書
In still another aspect, a non-transitory computer-readable medium have stored therein instructions that, when executed by a processor of a device, cause the device to perform a method for executing applications. The method includes: establishing an enclave in a first physical processing unit of the processor; recording a first trust declaration declared by a first application, the first trust declaration declaring whether the first application trusts any application to execute with the first application on the first physical processing unit; assigning the first application to a first logical processing unit hosted on the first physical processing unit; providing a set of enclave entry instructions for the first logical processing unit to execute, to cause the first logical processing unit to enter the enclave when a predefined entering condition is satisfied; and providing a set of enclave exit instructions for the first logical processing unit to execute, to cause the first logical processing unit to exit the enclave when a predefined exiting condition is satisfied.
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments. In the following description, which refers to the drawings, the same numbers in different drawings represent the same or similar elements unless otherwise represented.
