Difference between revisions of "Trusted Execution Environment"

From MgmtWiki
Jump to: navigation, search
(Context)
(Context)
Line 2: Line 2:
  
 
==Context==
 
==Context==
The origin of computers built with any sort of trusted execution is an IBM 7094 with two separate memory banks with a switch that was designed and built at MIT to support CTSS, the Compatible Time Sharing System.
+
The origin of computers built with any sort of trusted execution is an IBM 7094 with two separate memory banks with a switch that was designed and built at MIT to support CTSS, the Compatible Time Sharing System. One bank ran kernel code and the other user code, although those were not the terms used at that time.
  
 
The following quote is a description of the method to switch between user (slave) and kernel (master) modes in the GE 645.<ref>E. L. Glaser +2, ''System Design of a Computer for Time Sharing Applications'', 1965 Fall Joint Computer Conference</ref>
 
The following quote is a description of the method to switch between user (slave) and kernel (master) modes in the GE 645.<ref>E. L. Glaser +2, ''System Design of a Computer for Time Sharing Applications'', 1965 Fall Joint Computer Conference</ref>

Revision as of 20:33, 24 July 2018

Full Title or Meme

Context

The origin of computers built with any sort of trusted execution is an IBM 7094 with two separate memory banks with a switch that was designed and built at MIT to support CTSS, the Compatible Time Sharing System. One bank ran kernel code and the other user code, although those were not the terms used at that time.

The following quote is a description of the method to switch between user (slave) and kernel (master) modes in the GE 645.[1]

  • Because it was felt desirable to make it possible to branch easily between various programs including between slave and master programs, a certain degree of insurance has to be built into the hardware to guarantee that spurious branches would not take place into the middle of master mode programs from slave programs. As a consequence, a master mode procedure when viewed from a slave mode procedure appears to be a segment which can neither be written nor read. Further, the only method of addressing this segment that is permitted is a branch to the 0th location. Any attempt to get at other locations by branch, execute, return or any other instructions will result in an improper procedure fault causing an appropriate interrupt.

References

  1. E. L. Glaser +2, System Design of a Computer for Time Sharing Applications, 1965 Fall Joint Computer Conference