https://twitter.com/vpikhur/status/989561250609709057
PATENT ALERT. Engineers not wanting to be tainted by external patent info should not read this post. It is only the title/abstract of the patent, however.
.
.
.
.
.
.
.
Inventor: Volodymyr Pikhur, Atul A. Khare
Current Assignee: Intel Corp
Priority date: 2016-09-07
Non-enclave access prevention
A processing system includes an execution unit comprising a logic circuit to implement an architecturally-protected execution environment associated with a protected region in a memory, in which the execution unit is to execute application code stored in the protected region as a thread running in the architecturally-protected execution environment, determine that an access mode flag is set to a first value, detect an attempt by the thread to access data stored outside the protected region, and responsive to detecting the attempt and determining that the access mode flag is set to the first value, generate an exception.
Firmware Security 