DOCSLIB.ORG

EPA-RIMM: a Framework for Dynamic SMM-Based Runtime Integrity Measurement Brian Delgado, Karen Karavanic Portland State University Bdelgado†, [email protected]

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
EPA-RIMM: a Framework for Dynamic SMM-Based Runtime Integrity Measurement Brian Delgado, Karen Karavanic Portland State University Bdelgado†, Karavan@Cs.Pdx.Edu EPA-RIMM: A Framework for Dynamic SMM-based Runtime Integrity Measurement Brian Delgado, Karen Karavanic Portland State University bdelgado†, [email protected] ABSTRACT critical management tasks at runtime using SMM. This can include managing CPU power states, controlling low-level Runtime integrity measurements identify unexpected changes in hardware, handling thermal throttling, performing BIOS flash operating systems and hypervisors during operation, enabling updates [34], and handling memory errors, among other early detection of persistent threats. System Management Mode, a usages[1]. SMM operates at a more privileged layer than host-side privileged x86 CPU mode, has the potential to effectively perform kernel or hypervisor code. The entry into SMM is accomplished such rootkit detection. Previously proposed SMM-based by a System Management Interrupt (SMI) which typically takes approaches demonstrated effective detection capabilities, but at a all CPU threads1 out of the operating system or applications and cost of performance degradation and software side effects. In this into the SMI handler. However, the SMI’s work is generally paper we introduce our solution to these problems, an SMM-based processed by a single CPU thread. SMIs can be triggered by Ring Extensible, Performance Aware Runtime Integrity Measurement 0 software by writing values to the APM_CNT IO port on Intel Mechanism called EPA-RIMM. The EPA-RIMM architecture platforms [46] and the “SMI Command Port” on AMD platforms features a performance-sensitive design that decomposes large [47]. Intel’s Itanium processors also feature a Platform integrity measurements and schedules them to control Management Interrupt (PMI) that is similar to an SMI [49]. A perturbation and side effects. EPA-RIMM's decomposition of proposal has been made to bring SMM-like functionality to ARM long-running measurements into shorter tasks, extensibility, and platforms utilizing TrustZone [48]. Upon entering SMM, the use of SMM complicates the efforts of malicious code to detect or SMRAM Save State Map is populated with CPU register values avoid the integrity measurements. Using a Minnowboard-based from the time of interruption. An SMM RIMM can inspect this prototype, we demonstrate its detection capabilities and data to determine if unexpected changes have occurred. SMM performance impacts. Early results are promising, and suggest that code issues an RSM instruction to exit SMM and resume host-side EPA-RIMM will meet production-level performance constraints execution at the point of interruption. The Intel BITS tool while continuously monitoring key OS and hypervisor data measures the duration of SMIs on a system and warns if they are structures for signs of attack. larger than “acceptable” limits (e.g. 150 microseconds) [7]. For RIMM purposes, SMM provides critical benefits: KEYWORDS • SMM runs at a higher privilege than host software; BIOS; SMM; firmware; rootkit detection; runtime integrity • SMM has broad visibility into operating system and measurement; security; performance 2 hypervisor (host software) memory and CPU registers • SMM is strongly isolated from host software as the 1 INTRODUCTION hardware-protected SMRAM can only be read or Today’s complex server platforms include software written from SMM, providing a location to place environments vulnerable to sophisticated malware called rootkits. measurement software Rootkits target sensitive low-level kernel or hypervisor data • When an SMI occurs, the transitions into SMM cannot structures - such as interrupt handlers, event handlers, registers, be prevented by malicious code; and memory - remaining undetected for extended periods to • When all CPU threads enter SMM, host software achieve persistence. One response to this vulnerability has been execution is paused which presents the opportunity to the development of runtime integrity measurement mechanisms inspect the system while it is temporarily halted; and (RIMMs) that aim to detect rootkits before financial, political, or • As x86 systems broadly support SMM, the mechanisms other damage occurs. The runtime integrity measurement can be readily adopted. approach periodically preempts execution and examines the interrupted state, checking for unexpected changes in low-level resources. Several approaches leveraging a privileged CPU mode 1 As some Intel CPUs feature the HyperThreading feature which called System Management Mode (SMM) to perform the needed creates a set of logical CPUs, we refer to the logical CPUs as monitoring of resources in the runtime environment demonstrated “CPU threads.” promising rootkit detection capabilities [3][4][5]. 2 Recent open-source UEFI code updates have constrained SMM’s SMM is a general purpose, widely available mechanism on memory visibility. We discuss the implications and potential x86 CPUs. Firmware on computer systems performs a variety of options in Section 5. † This author was a full-time employee of Intel Corp. when this work was done. For these reasons, SMM RIMMs present intriguing possibilities (Section 2.4). We discuss the architecture in Section 2.5. A for adding new detection capabilities to combat host software detailed example is provided in Appendix A. rootkits. There are three key abstractions: Checks, Tasks, and Bins. A Our research demonstrated that an important drawback limits Check is a description of an integrity measurement, including a the potential of SMM-RIMMs: interference with system software command and its arguments, a priority, and a decomposition that may lead to significant perturbation of the system and even target (to guide decomposition). Checks allow the Administrator software failures [2]. System software assumptions regarding to specify particular measurements over sets of memory regions, scheduling regularity as well as task durations are challenged by Control Registers, and Model-Specific Registers (MSRs). Sample prolonged periods of time in SMM. Early SMM RIMMs exceeded Checks include: “Static Linux Kernel Code Sections” that the published SMM guidelines by orders of magnitude. There are measures the Linux kernel code sections to identify code other limitations to early SMM-based approaches: the lack of injections, the “IDTR” Check that verifies that the IDTR register extensibility - the inability to dynamically change the set of value has not unexpectedly changed, the “GDT” Check that monitored resources to maintain effectiveness as new rootkits measures the Global Descriptor Table (GDT) to determine if it has emerge; and the inability to adjust the frequency of checking as changed. Other Checks measure specific MSRs or CPU control new threat information becomes available. registers (e.g. CR0, CR4), for example, to determine if the In this paper, we present our solution to this problem, an Supervisor Mode Execution Protection (SMEP) were disabled by SMM-RIMM framework called EPA-RIMM. EPA-RIMM’s goal malware. At runtime, Checks are decomposed into some number is to provide quick detection of kernel or hypervisor rootkits by of Tasks, or partial resource measurements to meet expectations identifying unexpected changes in system state snapshots. It for SMI latency. Tasks are scheduled by filling Bins which accomplishes this by periodically interrupting the running system consist of the set of work to be performed in one SMI session. to inspect sets of presumed static resources to identify changes, Each Bin’s size is defined as the sum of the execution times of the any of which would be a strong indicator of compromise. Tasks it contains. The key contributions of this work are: 1. A mechanism for decomposing large integrity 2.1 Diagnosis Manager measurements to remain consistent with expectations The Diagnosis Manager (DM) is the component that regarding SMI latency. This approach removes the orchestrates the runtime integrity measurements. It decides which significant performance degradation incurred by inspections to run under at a given point of time and interprets the prolonged SMIs and creates an opportunity for the measurement results. A single DM may be responsible for one or development of new integrity measurements that were more nodes in a cluster, and may communicate with other formerly impractical. Diagnosis Managers. The DM sends and receives information 2. A mechanism for throttling the rate of integrity checking. about attack discoveries from across the EPA-RIMM framework EPA-RIMM’s scheduler facilitates a varying time budget to help guide detection on other monitored nodes. This allows for measurements, allowing the performance-security dynamically adjusting the priority of measurements to search for tradeoff to be adjusted during runtime based on the threat detected issues on other nodes. The DM can also interface with an landscape. This allows EPA-RIMM to reduce its external Security Information and Event Management system performance impact on the system when necessary but (SIEM) to send and receive telemetry on attacks, although a full also supports increasing it as threats emerge. description of this interface is outside of the scope of this paper. 3. An API to specify measurements during operation. This allows the measurements to vary depending on the environment and abstracts the complexity of OS/VMM- specific details from the lowest level SMM-code. 4. An open-source prototype of EPA-RIMM to demonstrate its effectiveness and performance. We plan to release EPA-RIMM as open-source software to facilitate its use as a research and educational tool. EPA-RIMM supports either
Load more

Recommended publications
  • Hoja De Datos De Familes Del Procesador Intel(R) Core(TM) De 10A Generación, Vol.1
    10a generación de familias de procesadores Intel® Core™ Ficha técnica, Volumen 1 de 2 Compatible con la 10a generación de la familia de procesadores Intel® Core™, procesadores Intel® Pentium®, procesadores Intel® Celeron® para plataformas U/Y, anteriormente conocidos como Ice Lake. Agosto de 2019 Revisión 001 Número del Documento: 341077-001 Líneas legales y descargos de responsabilidad Esta información es una combinación de una traducción hecha por humanos y de la traducción automática por computadora del contenido original para su conveniencia. Este contenido se ofrece únicamente como información general y no debe ser considerada como completa o precisa. No puede utilizar ni facilitar el uso de este documento en relación con ninguna infracción u otro análisis legal relacionado con los productos Intel descritos en este documento. Usted acepta conceder a Intel una licencia no exclusiva y libre de regalías a cualquier reclamación de patente redactada posteriormente que incluya el objeto divulgado en este documento. Este documento no concede ninguna licencia (expresa o implícita, por impedimento o de otro tipo) a ningún derecho de propiedad intelectual. Las características y beneficios de las tecnologías Intel dependen de la configuración del sistema y pueden requerir la activación de hardware, software o servicio habilitado. El desempeño varía según la configuración del sistema. Ningún equipo puede ser absolutamente seguro. Consulte al fabricante de su sistema o su distribuidor minorista u obtenga más información en intel.la. Las tecnologías Intel pueden requerir la activación de hardware habilitado, software específico o servicios. Consulte con el fabricante o distribuidor del sistema. Los productos descritos pueden contener defectos de diseño o errores conocidos como erratas que pueden hacer que el producto se desvíe de las especificaciones publicadas.
    [Show full text]
  • GPU Developments 2018
    GPU Developments 2018 2018 GPU Developments 2018 © Copyright Jon Peddie Research 2019. All rights reserved. Reproduction in whole or in part is prohibited without written permission from Jon Peddie Research. This report is the property of Jon Peddie Research (JPR) and made available to a restricted number of clients only upon these terms and conditions. Agreement not to copy or disclose. This report and all future reports or other materials provided by JPR pursuant to this subscription (collectively, “Reports”) are protected by: (i) federal copyright, pursuant to the Copyright Act of 1976; and (ii) the nondisclosure provisions set forth immediately following. License, exclusive use, and agreement not to disclose. Reports are the trade secret property exclusively of JPR and are made available to a restricted number of clients, for their exclusive use and only upon the following terms and conditions. JPR grants site-wide license to read and utilize the information in the Reports, exclusively to the initial subscriber to the Reports, its subsidiaries, divisions, and employees (collectively, “Subscriber”). The Reports shall, at all times, be treated by Subscriber as proprietary and confidential documents, for internal use only. Subscriber agrees that it will not reproduce for or share any of the material in the Reports (“Material”) with any entity or individual other than Subscriber (“Shared Third Party”) (collectively, “Share” or “Sharing”), without the advance written permission of JPR. Subscriber shall be liable for any breach of this agreement and shall be subject to cancellation of its subscription to Reports. Without limiting this liability, Subscriber shall be liable for any damages suffered by JPR as a result of any Sharing of any Material, without advance written permission of JPR.
    [Show full text]
  • SIMD Extensions
    SIMD Extensions PDF generated using the open source mwlib toolkit. See http://code.pediapress.com/ for more information. PDF generated at: Sat, 12 May 2012 17:14:46 UTC Contents Articles SIMD 1 MMX (instruction set) 6 3DNow! 8 Streaming SIMD Extensions 12 SSE2 16 SSE3 18 SSSE3 20 SSE4 22 SSE5 26 Advanced Vector Extensions 28 CVT16 instruction set 31 XOP instruction set 31 References Article Sources and Contributors 33 Image Sources, Licenses and Contributors 34 Article Licenses License 35 SIMD 1 SIMD Single instruction Multiple instruction Single data SISD MISD Multiple data SIMD MIMD Single instruction, multiple data (SIMD), is a class of parallel computers in Flynn's taxonomy. It describes computers with multiple processing elements that perform the same operation on multiple data simultaneously. Thus, such machines exploit data level parallelism. History The first use of SIMD instructions was in vector supercomputers of the early 1970s such as the CDC Star-100 and the Texas Instruments ASC, which could operate on a vector of data with a single instruction. Vector processing was especially popularized by Cray in the 1970s and 1980s. Vector-processing architectures are now considered separate from SIMD machines, based on the fact that vector machines processed the vectors one word at a time through pipelined processors (though still based on a single instruction), whereas modern SIMD machines process all elements of the vector simultaneously.[1] The first era of modern SIMD machines was characterized by massively parallel processing-style supercomputers such as the Thinking Machines CM-1 and CM-2. These machines had many limited-functionality processors that would work in parallel.
    [Show full text]
  • Demystifying Internet of Things Security Successful Iot Device/Edge and Platform Security Deployment — Sunil Cheruvu Anil Kumar Ned Smith David M
    Demystifying Internet of Things Security Successful IoT Device/Edge and Platform Security Deployment — Sunil Cheruvu Anil Kumar Ned Smith David M. Wheeler Demystifying Internet of Things Security Successful IoT Device/Edge and Platform Security Deployment Sunil Cheruvu Anil Kumar Ned Smith David M. Wheeler Demystifying Internet of Things Security: Successful IoT Device/Edge and Platform Security Deployment Sunil Cheruvu Anil Kumar Chandler, AZ, USA Chandler, AZ, USA Ned Smith David M. Wheeler Beaverton, OR, USA Gilbert, AZ, USA ISBN-13 (pbk): 978-1-4842-2895-1 ISBN-13 (electronic): 978-1-4842-2896-8 https://doi.org/10.1007/978-1-4842-2896-8 Copyright © 2020 by The Editor(s) (if applicable) and The Author(s) This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Open Access This book is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. The images or other third party material in this book are included in the book’s Creative Commons license, unless indicated otherwise in a credit line to the material.
    [Show full text]
  • FAST HASHING in CUDA Neville Walo Department of Computer
    FAST HASHING IN CUDA Neville Walo Department of Computer Science ETH Zurich¨ Zurich,¨ Switzerland ABSTRACT cies, it is possible to use the compression function of SHA- Hash functions, such as SHA-256 [1], are extensively used 256 along with the Sarkar-Schellenberg composition prin- in cryptographic applications. However, SHA-256 cannot ciple [2] to create a parallel collision resistant hash function be parallelized due to sequential dependencies. Using the called PARSHA-256 [3]. Sarkar-Schellenberg composition principle [2] in combina- In this work, we try to accelerate hashing in CUDA [6]. tion with SHA-256 gives rise to PARSHA-256 [3], a parallel We have divided this project into two sub-projects. The first collision resistant hash function. We present efficient imple- one is the Bitcoin scenario, with the goal to calculate many mentations for both SHA-256 and PARSHA-256 in CUDA. independent SHA-256 computation in parallel. The second Our results demonstrate that for large messages PARSHA- case is PARSHA-256, where the goal is to implement the 256 can significantly outperform SHA-256. proposed algorithm efficiently in CUDA. Related work. To our knowledge there is no compara- ble implementation of PARSHA-256 which runs on a GPU. 1. INTRODUCTION There exists only the implementation of the original paper, Hash functions are one of the most important operations which uses multithreading [3]. On the other hand, there in cryptographic applications, like digital signature algo- are countless implementations of Bitcoin Miners in CUDA rithms, keyed-hash message authentication codes, encryp- [7, 8], as this was the most prominent way to mine Bitcoins tions and the generation of random numbers.
    [Show full text]
  • A Fast, Verified, Cross-Platform Cryptographic Provider
    EverCrypt: A Fast, Verified, Cross-Platform Cryptographic Provider Jonathan Protzenko∗, Bryan Parnoz, Aymeric Fromherzz, Chris Hawblitzel∗, Marina Polubelovay, Karthikeyan Bhargavany Benjamin Beurdouchey, Joonwon Choi∗x, Antoine Delignat-Lavaud∗,Cedric´ Fournet∗, Natalia Kulatovay, Tahina Ramananandro∗, Aseem Rastogi∗, Nikhil Swamy∗, Christoph M. Wintersteiger∗, Santiago Zanella-Beguelin∗ ∗Microsoft Research zCarnegie Mellon University yInria xMIT Abstract—We present EverCrypt: a comprehensive collection prone (due in part to Intel and AMD reporting CPU features of verified, high-performance cryptographic functionalities avail- inconsistently [78]), with various cryptographic providers able via a carefully designed API. The API provably supports invoking illegal instructions on specific platforms [74], leading agility (choosing between multiple algorithms for the same functionality) and multiplexing (choosing between multiple im- to killed processes and even crashing kernels. plementations of the same algorithm). Through abstraction and Since a cryptographic provider is the linchpin of most zero-cost generic programming, we show how agility can simplify security-sensitive applications, its correctness and security are verification without sacrificing performance, and we demonstrate crucial. However, for most applications (e.g., TLS, cryptocur- how C and assembly can be composed and verified against rencies, or disk encryption), the provider is also on the critical shared specifications. We substantiate the effectiveness of these techniques with
    [Show full text]
  • Extracting and Mapping Industry 4.0 Technologies Using Wikipedia
    Computers in Industry 100 (2018) 244–257 Contents lists available at ScienceDirect Computers in Industry journal homepage: www.elsevier.com/locate/compind Extracting and mapping industry 4.0 technologies using wikipedia T ⁎ Filippo Chiarelloa, , Leonello Trivellib, Andrea Bonaccorsia, Gualtiero Fantonic a Department of Energy, Systems, Territory and Construction Engineering, University of Pisa, Largo Lucio Lazzarino, 2, 56126 Pisa, Italy b Department of Economics and Management, University of Pisa, Via Cosimo Ridolfi, 10, 56124 Pisa, Italy c Department of Mechanical, Nuclear and Production Engineering, University of Pisa, Largo Lucio Lazzarino, 2, 56126 Pisa, Italy ARTICLE INFO ABSTRACT Keywords: The explosion of the interest in the industry 4.0 generated a hype on both academia and business: the former is Industry 4.0 attracted for the opportunities given by the emergence of such a new field, the latter is pulled by incentives and Digital industry national investment plans. The Industry 4.0 technological field is not new but it is highly heterogeneous (actually Industrial IoT it is the aggregation point of more than 30 different fields of the technology). For this reason, many stakeholders Big data feel uncomfortable since they do not master the whole set of technologies, they manifested a lack of knowledge Digital currency and problems of communication with other domains. Programming languages Computing Actually such problem is twofold, on one side a common vocabulary that helps domain experts to have a Embedded systems mutual understanding is missing Riel et al. [1], on the other side, an overall standardization effort would be IoT beneficial to integrate existing terminologies in a reference architecture for the Industry 4.0 paradigm Smit et al.
    [Show full text]
  • Application Specific Programmable Processors for Reconfigurable Self-Powered Devices
    C651etukansi.kesken.fm Page 1 Monday, March 26, 2018 2:24 PM C 651 OULU 2018 C 651 UNIVERSITY OF OULU P.O. Box 8000 FI-90014 UNIVERSITY OF OULU FINLAND ACTA UNIVERSITATISUNIVERSITATIS OULUENSISOULUENSIS ACTA UNIVERSITATIS OULUENSIS ACTAACTA TECHNICATECHNICACC Teemu Nyländen Teemu Nyländen Teemu University Lecturer Tuomo Glumoff APPLICATION SPECIFIC University Lecturer Santeri Palviainen PROGRAMMABLE Postdoctoral research fellow Sanna Taskila PROCESSORS FOR RECONFIGURABLE Professor Olli Vuolteenaho SELF-POWERED DEVICES University Lecturer Veli-Matti Ulvinen Planning Director Pertti Tikkanen Professor Jari Juga University Lecturer Anu Soikkeli Professor Olli Vuolteenaho UNIVERSITY OF OULU GRADUATE SCHOOL; UNIVERSITY OF OULU, FACULTY OF INFORMATION TECHNOLOGY AND ELECTRICAL ENGINEERING Publications Editor Kirsti Nurkkala ISBN 978-952-62-1874-8 (Paperback) ISBN 978-952-62-1875-5 (PDF) ISSN 0355-3213 (Print) ISSN 1796-2226 (Online) ACTA UNIVERSITATIS OULUENSIS C Technica 651 TEEMU NYLÄNDEN APPLICATION SPECIFIC PROGRAMMABLE PROCESSORS FOR RECONFIGURABLE SELF-POWERED DEVICES Academic dissertation to be presented, with the assent of the Doctoral Training Committee of Technology and Natural Sciences of the University of Oulu, for public defence in the Wetteri auditorium (IT115), Linnanmaa, on 7 May 2018, at 12 noon UNIVERSITY OF OULU, OULU 2018 Copyright © 2018 Acta Univ. Oul. C 651, 2018 Supervised by Professor Olli Silvén Reviewed by Professor Leonel Sousa Doctor John McAllister ISBN 978-952-62-1874-8 (Paperback) ISBN 978-952-62-1875-5 (PDF) ISSN 0355-3213 (Printed) ISSN 1796-2226 (Online) Cover Design Raimo Ahonen JUVENES PRINT TAMPERE 2018 Nyländen, Teemu, Application specific programmable processors for reconfigurable self-powered devices. University of Oulu Graduate School; University of Oulu, Faculty of Information Technology and Electrical Engineering Acta Univ.
    [Show full text]
  • 10Th Gen Intel® Core™ Processor Families Datasheet, Vol. 1
    10th Generation Intel® Core™ Processor Families Datasheet, Volume 1 of 2 Supporting 10th Generation Intel® Core™ Processor Families, Intel® Pentium® Processors, Intel® Celeron® Processors for U/Y Platforms, formerly known as Ice Lake July 2020 Revision 005 Document Number: 341077-005 Legal Lines and Disclaimers You may not use or facilitate the use of this document in connection with any infringement or other legal analysis concerning Intel products described herein. You agree to grant Intel a non-exclusive, royalty-free license to any patent claim thereafter drafted which includes subject matter disclosed herein. No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. Intel technologies' features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at intel.com. Intel technologies may require enabled hardware, specific software, or services activation. Check with your system manufacturer or retailer. The products described may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps Copies of documents which have an order number and are referenced in this document may be obtained by calling 1-800-548- 4725 or visit www.intel.com/design/literature.htm.
    [Show full text]
  • Oracle Solaris 10 113 Release Notes
    Oracle® Solaris 10 1/13 Release Notes Part No: E29493–01 January 2013 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT END USERS. Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including anyoperating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
    [Show full text]
  • Família De Processadores Intel® Core™ Da 10ª Geração
    Família de processadores Intel® Core™ da 10ª geração Datasheet, Volume 1 de 2 Apoiando a família de processadores Intel® Core™ da 10ª geração, processadores Intel® Pentium®, processadores Intel® Celeron® para plataformas U, anteriormente conhecido como Ice Lake Agosto de 2019 Revisão 001 Número do documento: 341077-001 Linhas legais e isenções de responsabilidade Para a sua conveniência, o conteúdo deste site foi traduzido utilizando-se uma combinação de programas de computador de tradução automática e tradutores. Este conteúdo é fornecido somente como informação de caráter genérico, não devendo ser considerado como uma tradução completamente correta do idioma original. Você não pode usar ou facilitar o uso deste documento em conexão com qualquer violação ou outra análise jurídica sobre produtos Intel descritos aqui. Você concorda em conceder à Intel uma licença não exclusiva e livre de royalties para qualquer pedido de patente, posteriormente redigido, que inclua o assunto divulgado aqui. Nenhuma licença (expressa ou implícita, por estoppel ou de outra forma) a quaisquer direitos de propriedade intelectual é concedida por este documento. Os recursos e benefícios das tecnologias Intel dependem da configuração do sistema e podem exigir ativação ativa de hardware, software ou serviço. O desempenho varia de acordo com a configuração do sistema. Nenhum sistema de computador é totalmente seguro. Consulte o fabricante ou revendedor do varejo de seu sistema, ou saiba mais em Intel.com. As tecnologias Intel podem exigir ativação de hardware, software específico ou serviços habilitados. Verifique com o fabricante do sistema ou varejista. Os produtos descritos podem conter defeitos de design ou erros conhecidos como errata que podem fazer com que o produto se desvie das especificações publicadas.
    [Show full text]
  • Datasheet Product Features
    Intel® IXP42X Product Line of Network Processors and IXC1100 Control Plane Processor Datasheet Product Features For a complete list of product features, see “Product Features” on page 9. ■ Intel XScale® Core ■ Encryption/Authentication ■ Three Network Processor Engines ■ High-Speed UART ■ PCI Interface ■ Console UART ■ Two MII Interfaces ■ Internal Bus Performance Monitoring Unit ■ UTOPIA-2 Interface ■ 16 GPIOs ■ USB v 1.1 Device Controller ■ Four Internal Timers ■ Two High-Speed, Serial Interfaces ■ Packaging ■ SDRAM Interface —492-pin PBGA —Commercial/Extended Temperature Typical Applications ■ High-Performance DSL Modem ■ Control Plane ■ High-Performance Cable Modem ■ Integrated Access Device (IAD) ■ Residential Gateway ■ Set-Top Box ■ SME Router ■ Access Points (802.11a/b/g) ■ Network Printers ■ Industrial Controllers Document Number: 252479-004 June 2004 Intel® IXP42X Product Line and IXC1100 Control Plane Processor INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTELR PRODUCTS. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY RELATING TO SALE AND/OR USE OF INTEL PRODUCTS, INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT, OR OTHER INTELLECTUAL PROPERTY RIGHT. Intel Corporation may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the presented subject matter. The furnishing of documents and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any such patents, trademarks, copyrights, or other intellectual property rights. Intel products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications.
    [Show full text]