公开(公告)号：US11126714B2

公开(公告)日：2021-09-21

申请号：US16149297

申请日：2018-10-02

Applicant: Arm Limited

Inventor： Alastair David Reid ,  Dominic Phillip Mulligan ,  Milosch Meriac ,  Matthias Lothar Boettcher ,  Nathan Yong Seng Chong ,  Ian Michael Caulfield ,  Peter Richard Greenhalgh ,  Frederic Claude Marie Piry ,  Albin Pierrick Tonnerre ,  Thomas Christopher Grocutt ,  Yasuo Ishii

IPC: G06F21/55 ,  H04L9/06 ,  G06F9/38 ,  G06F12/10 ,  G06F21/53 ,  G06F21/78

Abstract: A data processing apparatus comprises branch prediction circuitry adapted to store at least one branch prediction state entry in relation to a stream of instructions, input circuitry to receive at least one input to generate a new branch prediction state entry, wherein the at least one input comprises a plurality of bits; and coding circuitry adapted to perform an encoding operation to encode at least some of the plurality of bits based on a value associated with a current execution environment in which the stream of instructions is being executed. This guards against potential attacks which exploit the ability for branch prediction entries trained by one execution environment to be used by another execution environment as a basis for branch predictions.

公开(公告)号：US11113164B2

公开(公告)日：2021-09-07

申请号：US16641387

申请日：2018-08-30

Applicant: ARM Limited

Inventor： Balaji Venu ,  Matthias Lothar Boettcher ,  Mbou Eyole

IPC: G06F11/22 ,  G06F9/30 ,  G06F9/46 ,  G06F11/07 ,  G06F11/10 ,  G06F11/16 ,  G06F11/18 ,  G11C7/10

Abstract: A buffer (72), (74), (76), (60), (78), (20), (82-90) has a number of entries for buffering items associated with data processing operations. Buffer control circuitry (100) has a redundant allocation mode in which, on allocating a given item to the buffer, the item is allocated to two or more redundant entries of the buffer. On reading or draining an item from the buffer, the redundant entries are compared and an error handling response is triggered if a mismatch is detected. By effectively reducing the buffer capacity, this simplifies testing for faults in buffer entries.

公开(公告)号：US09355061B2

公开(公告)日：2016-05-31

申请号：US14165967

申请日：2014-01-28

Applicant: ARM LIMITED

Inventor： Matthias Lothar Boettcher ,  Mbou Eyole-Monono ,  Giacomo Gabrielli

IPC: G06F9/38 ,  G06F15/78 ,  G06F9/30 ,  G06F9/00

CPC classification number: G06F15/78 ,  G06F9/3001 ,  G06F9/30036 ,  G06F9/30098 ,  G06F9/3017 ,  G06F9/3875 ,  G06F9/3887 ,  G06F9/3893

Abstract: A data processing apparatus and method are provided for executing a vector scan instruction. The data processing apparatus comprises a vector register store configured to store vector operands, and processing circuitry configured to perform operations on vector operands retrieved from said vector register store. Further, control circuitry is configured to control the processing circuitry to perform the operations required by one or more instructions, said one or more instructions including a vector scan instruction specifying a vector operand comprising N vector elements and defining a scan operation to be performed on a sequence of vector elements within the vector operand. The control circuitry is responsive to the vector scan instruction to partition the N vector elements of the specified vector operand into P groups of adjacent vector elements, where P is between 2 and N/2, and to control the processing circuitry to perform a partitioned scan operation yielding the same result as the defined scan operation. The processing circuitry is configured to perform the partitioned scan operation by performing separate scan operations on those vector elements of the sequence contained within each group to produce intermediate results for each group, and to perform a computation operation to combine the intermediate results into a final result vector operand containing a sequence of result vector elements. The partitioned scan operation approach of the present invention enables a balance to be achieved between energy consumption and performance.

Abstract translation: 提供了一种用于执行向量扫描指令的数据处理装置和方法。 数据处理装置包括被配置为存储向量操作数的向量寄存器存储器，以及被配置为对从所述向量寄存器存储器检索的向量操作数执行操作的处理电路。 此外，控制电路被配置为控制处理电路执行一个或多个指令所需的操作，所述一个或多个指令包括指定包括N个向量元素的向量操作数的向量扫描指令，并且定义要在 向量操作数中向量元素的序列。 控制电路响应于矢量扫描指令将指定矢量操作数的N个向量元素划分为相邻矢量元素的P组，其中P在2和N / 2之间，并且控制处理电路执行分区扫描 操作产生与定义的扫描操作相同的结果。 处理电路被配置为通过对包含在每个组中的序列的那些矢量元素执行单独的扫描操作来执行分割扫描操作，以产生每个组的中间结果，并且执行计算操作以将中间结果组合成最终结果 向量操作数包含一系列结果向量元素。 本发明的划分扫描操作方法能够在能量消耗和性能之间实现平衡。

公开(公告)号：US20240354404A1

公开(公告)日：2024-10-24

申请号：US18302354

申请日：2023-04-18

Applicant: Arm Limited

Inventor： Dominic Phillip Mulligan ,  Brendan James Moran ,  Michael Bartling ,  Matthias Lothar Boettcher

IPC: G06F21/55 ,  G06F21/53

CPC classification number: G06F21/554 ,  G06F21/53 ,  G06F21/552

Abstract: A method to mitigate an attack initiated by a malicious actor by migration of the attacked process is provided. The method includes monitoring a process being executed from a first computing location on a computing device for a trigger indicating a potential attack and detecting the trigger indicating the potential attack. Responsive to detecting the trigger indicating the potential attack, initiating an attack countermeasure by migrating the process to execute in a second computing location isolated from the first computing location, thereby breaking access to information at the first computing location. A computing device is also provided that includes a processor, a memory, and instructions stored on the memory that when executed by the processor direct the computing device to monitor a process being executed from a first computing location on the computing device for a trigger indicating a potential attack and detect the trigger indicating the potential attack.

公开(公告)号：US12010242B2

公开(公告)日：2024-06-11

申请号：US16925723

申请日：2020-07-10

Applicant: Arm Limited

Inventor： Roberto Avanzi ,  Andreas Lars Sandberg ,  Michael Andrew Campbell ,  Matthias Lothar Boettcher ,  Prakash S. Ramrakhyani

IPC: H04L9/32 ,  G06F21/57 ,  G06F21/64 ,  H04W12/06 ,  G06F12/0875 ,  G06F12/14 ,  G06F21/79

CPC classification number: H04L9/3242 ,  G06F21/57 ,  G06F21/64 ,  H04W12/06 ,  G06F12/0875 ,  G06F12/1408 ,  G06F21/79

Abstract: To protect the integrity of data stored in a protected area of memory, data in the protected area of memory is retrieved in data blocks and an authentication code is associated with a memory granule contiguously comprising a first data block and a second data block. Calculation of the authentication code comprises a cryptographic calculation based on a first hash value determined from the first data block and a second hash value determined from the second data block. A hash value cache is provided to store hash values determined from data blocks retrieved from the protected area of the memory. When the first data block and its associated authentication code are retrieved from memory, a lookup for the second hash value in the hash value cache is performed, and a verification authentication code is calculated for the memory granule to which that data block belongs. The integrity of the first data block is contingent on the verification authentication code matching the retrieved authentication code.

公开(公告)号：US11550965B2

公开(公告)日：2023-01-10

申请号：US16855659

申请日：2020-04-22

Applicant: Arm Limited

Inventor： Subbayya Chowdary Yanamadala ,  Jeremy Patrick Dubeuf ,  Carl Wayne Vineyard ,  Matthias Lothar Boettcher ,  Hugo John Martin Vincent ,  Shidhartha Das

IPC: G06F21/00 ,  G06F21/79 ,  G06F21/54 ,  G06F21/55 ,  G06F21/56

Abstract: Analytics processing circuitry can include a data scavenger and a data analyzer coupled to receive the data from the data scavenger. The data scavenger collects data from at least one element of interest of a plurality of elements of interest of an IC. The data analyzer identifies patterns in the data from the data scavenger over a time frame or for a snapshot of time based on a predefined metric. The analytics processing circuitry can further include a moderator and a risk predictor. The risk predictor generates a risk assessment regarding whether the data collected by the data scavenger is indicative of normal behavior or abnormal behavior based at least on the output of the data analyzer and a behavioral model for the IC, which can be device and application specific. A threat response can be performed based on the risk assessment.

公开(公告)号：US11281434B2

公开(公告)日：2022-03-22

申请号：US16745808

申请日：2020-01-17

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Matthias Lothar Boettcher

IPC: G06F7/72

Abstract: An apparatus and method are provided for maintaining a counter value. The apparatus has first counter control circuitry for maintaining a first counter value representing a first portion of a hybrid counter value, and second counter control circuitry for maintaining a second counter value representing a second portion of the hybrid counter value, wherein the second portion is a higher order portion of the hybrid counter value than the first portion. The first counter control circuitry is arranged to maintain the first counter value as a binary value that indicates a magnitude of the first counter value, the first counter control circuitry comprising adder circuitry that is responsive to an adjustment value to update the first counter value by performing an addition operation to add the adjustment value to a current binary value of the first counter value, and to generate a carry out signal which is set when a carry out is generated by the addition operation. The second counter control circuitry is arranged to maintain the second counter value as a bit sequence having N discrete states, and is responsive to the carry out signal being set to transition the second counter value from the current discrete state to a new discrete state. This allows an arbitrary value to be used as the adjustment value, that is smaller than or equal to the maximum value of the first counter, whilst avoiding the need for the generation and handling of carry bits to be managed across the entire bit range of the hybrid counter value.

公开(公告)号：US11086715B2

公开(公告)日：2021-08-10

申请号：US16251503

申请日：2019-01-18

Applicant: Arm Limited

Inventor： Matthias Lothar Boettcher ,  François Christopher Jacques Botman ,  Jacob Eapen

IPC: G06F11/10 ,  G06F11/14

Abstract: An apparatus comprising data processing circuitry for processing data in one of a plurality of operating states, an instruction decoder for decoding instructions and error checking circuitry for performing error checking operations. In response to a touch instruction being decoded by the instruction decoder, error checking operation is performed on selected architectural state. The architectural state is architecturally inaccessible to the operating state. As a result of the touch instruction, the architectural state remains unchanged, at least when no error is detected.

公开(公告)号：US10445093B2

公开(公告)日：2019-10-15

申请号：US15371670

申请日：2016-12-07

Applicant: ARM Limited

Inventor： Mbou Eyole ,  Matthias Lothar Boettcher

IPC: G06F9/30 ,  G06F9/38

Abstract: Data processing apparatus comprises vector processing circuitry to apply a vector processing instruction to data vectors having a data vector length, each data vector comprising a plurality of data items equal in number to the data vector length, the vector processing circuitry having circuitry defining a plurality of processing lanes, there being at least as many processing lanes as a maximum data vector length; and control circuitry to selectively vary the data vector length used by the vector processing circuitry amongst a plurality of possible data vector length values up to the maximum data vector length and to disable operation of a subset of the processing lanes so that the disabled subset of processing lanes are unavailable for use by the vector processing circuitry and there remain at least as many enabled processing lanes as the data vector length set by the control circuitry.