Intel EP80579 ユーザーズマニュアル

Security Software—Software Overview

Intel

EP80579 Software for Security Applications on Intel

QuickAssist Technology

August 2009

Order Number: 320183-004US

3.0

Software Overview

This chapter presents the high-level architecture of the Software for Intel

EP80579

Integrated Processor product line, using concepts from the "4+1 view model" of

software architecture, as described in

[4+1]

. These views are interpreted as follows:

•

Section 3.3, “Logical View” on page 15

describes the collection of software

components in terms of their key responsibilities, interfaces, and dependencies.

•

Section 3.4, “Development View” on page 17

describes the static organization of

the software in its development environment (that is, folders and files).

•

Section 3.5, “Process View” on page 18

captures concurrency and synchronization

aspects of the architecture. This includes the mapping of software onto hardware,

reflecting the distributed aspect of the architecture; this is sometimes considered

part of the Physical or Deployment View.

•

Section 3.6, “Deployment View” on page 18

describes the mapping of the software

into kernel modules.

• The architecture is illustrated with a few selected use cases or scenarios which

become a fifth view, the Scenario View. In this document, the Scenario View is

described in

Part 2, “Using the API” on page 41

Before looking at these views, however, other concepts relevant to the architecture are

introduced:

•

Section 3.2, “Shared Memory Allocation” on page 14

describes the concepts of

coherent and non-coherent DRAM.

3.1

What’s New in this Chapter

•

Section 3.3.5

: New Note explaining cryptographic framework “shim” support.

3.2

Shared Memory Allocation

Two regions of memory exist outside of the normal operating system DRAM, to

facilitate communications between the IA core and the EP80579 with QuickAssist

hardware. These are referred to as the coherent and non-coherent shared memory

regions.

These shared memory regions will be allocated from the available system memory,

starting at the address specified by the Top Of Low Memory (TOLM) register of the

Memory Controller Hub (MCH) downwards. The pre-boot firmware (BIOS) informs the

operating system of the location of the regions, and also configures the hardware to

properly decode the non-coherent memory space by writing the MENCBASE and

MENCLIMIT registers.

The base addresses for each of these regions will be determined by the firmware based

on available memory. Two EFI NVRAM (non-volatile RAM) variables are available for the

user to request a specific amount of space for each of these shared memory regions.

The firmware will make a best effort to accommodate the user’s request, but in the