Security protection of software libraries in a data processing apparatus
    12.
    Granted invention patent
    Status: in force

    Publication number: US09251378B2

    Publication date: 2016-02-02

    Application number: US14220499

    Filing date: 2014-03-20

    Applicant: ARM Limited

    CPC classification number: G06F21/74 G06F21/71

    Abstract: A processing apparatus 2 has a secure domain 90 and a less secure domain 80. Security protection hardware 40 performs security checking operations when the processing circuitry 2 calls between domains. A data store 6 stores several software libraries 100 and library management software 110. The library management software 110 selects at least one of the libraries 100 as an active library which is executable by the processing circuitry 4 and at least one other library 100 as inactive libraries which are not executable. In response to an access to an inactive library, the library management software 110 switches which library is active.

    Data processing apparatus and method for protecting secure data and program code from non-secure access when switching between secure and less secure domains
    13.
    Granted invention patent
    Status: in force

    Publication number: US09213828B2

    Publication date: 2015-12-15

    Application number: US13680352

    Filing date: 2012-11-19

    Applicant: ARM LIMITED

    Abstract: A data processing apparatus includes processing circuitry and a data store including a plurality of regions including a secure region and a less secure region. The secure region is configured to store sensitive data accessible by the circuitry when operating in a secure domain and not accessible by the circuitry when operating in a less secure domain. The data store includes a plurality of stacks with a secure stack in the secure region. Stack access circuitry is configured to store predetermined processing state to the secure stack. The processing circuitry further comprises fault checking circuitry configured to identify a first fault condition if the data stored in the predetermined relative location is the first value. This provides protection against attacks from the less secure domain, for example performing a function call return from an exception, or an exception return from a function call.

    Secure mechanism to switch between different domains of operation in a data processor
    14.
    Granted invention patent
    Status: in force

    Publication number: US09122890B2

    Publication date: 2015-09-01

    Application number: US14019580

    Filing date: 2013-09-06

    Applicant: ARM LIMITED

    Abstract: A data processing apparatus including processing circuitry having a secure domain and a further different secure domain and a data store for storing data and instructions. The data store includes a plurality of regions each corresponding to a domain, and at least one secure region for storing sensitive data accessible by the data processing circuitry operating in the secure domain and not accessible by the data processing circuitry operating in the further different secure domain and a less secure region for storing less sensitive data. The processing circuitry is configured to verify that a region of the data store storing the program instruction corresponds to a current domain of operation of the processing circuitry and, if not, to verify whether the program instruction includes a guard instruction and, if so, to switch to the domain corresponding to the region of the data store storing the program instruction.

    TECHNIQUE FOR PERFORMING MEMORY ACCESS OPERATIONS

    Publication number: US20250156182A1

    Publication date: 2025-05-15

    Application number: US18835476

    Filing date: 2022-12-20

    Applicant: Arm Limited

    Abstract: An apparatus is described having processing circuitry to perform vector processing operations, a set of vector registers, and an instruction decoder to decode vector instructions to control the processing circuitry to perform the required operations. The instruction decoder is responsive to a given vector memory access instruction specifying a plurality of memory access operations, where each memory access operation is to be performed to access an associated data element, to determine, from a data vector indication field of the given vector memory access instruction, at least one vector register in the set of vector registers associated with a plurality of data elements, and to determine, from at least one capability vector indication field of the given vector memory access instruction, a plurality of vector registers in the set of vector registers containing a plurality of capabilities. Each capability is associated with one of the data elements in the plurality of data elements and provides an address indication and constraining information constraining use of that address indication when accessing memory. The number of vector registers determined from the at least one capability vector indication field is greater than the number of vector registers determined from the data vector indication field. The instruction decoder controls the processing circuitry: to determine, for each given data element in the plurality of data elements, a memory address based on the address indication provided by the associated capability, and to determine whether the memory access operation to be used to access the given data element is allowed in respect of that determined memory address having regard to the constraining information of the associated capability; and to enable performance of the memory access operation for each data element for which the memory access operation is allowed.

    Apparatus and method for controlling access to a set of memory mapped control registers

    Publication number: US11989425B2

    Publication date: 2024-05-21

    Application number: US17759426

    Filing date: 2020-12-21

    Applicant: Arm Limited

    CPC classification number: G06F3/0622 G06F3/0637 G06F3/0673 G06F12/1466

    Abstract: A technique for controlling access to memory mapped control registers. The apparatus has processing circuitry for executing program code to perform data processing operations, and a set of memory mapped control registers for storing control information used to control operation of the processing circuitry. Further, a lockdown register used to store a lockdown value. The processing circuitry is arranged to execute store instructions to perform write operations to a memory address space. The processing circuitry is arranged to prevent a write operation being performed to change the control information in the memory mapped control registers. This significantly reduces the prospect of an attacker seeking to exploit a software vulnerability to change the control information in the memory mapped control registers.

    Binary search procedure for control table stored in memory system

    Publication number: US11907301B2

    Publication date: 2024-02-20

    Application number: US17260109

    Filing date: 2019-06-06

    Applicant: Arm Limited

    CPC classification number: G06F16/90339 G06F12/1009 G06F12/1483 G06F16/90348

    Abstract: A control table (22) defines information for controlling a processing component (20) to perform an operation. The table (22) comprises entries each corresponding to a variable size region defined by a first limit address and one of a second limit address and size. A binary search procedure is provided for looking up the table, comprising a number of search window narrowing steps, each narrowing a current search window of candidate entries to a narrower search window comprising fewer entries, based on a comparison of a query address against the first limit address of a selected candidate entry of the current search window. The comparison is independent of the second limit address or size of the selected candidate entry. After the search window is narrowed to a single entry, the query address is compared with the second limit address or size of that single entry.

    Verifying stack pointer
    18.
    Granted invention patent

    Publication number: US11727110B2

    Publication date: 2023-08-15

    Application number: US17269205

    Filing date: 2019-09-03

    Applicant: Arm Limited

    Abstract: An apparatus comprises: processing circuitry to perform data processing in one of a plurality of security domains including at least a secure domain and a less secure domain, and memory access checking circuitry to check whether a memory access is allowed depending on security attribute data indicating which domain is associated with a target address. In response to a given change of program flow from processing in the less secure domain to a target instruction having an address associated with the secure domain: a fault is triggered when the target instruction is an instruction other than a gateway instruction indicating a valid entry point to the secure domain. When the target instruction is said gateway instruction, a stack pointer verifying action is triggered to verify whether it is safe to use a selected stack pointer stored in a selected stack pointer register.

    Vector generating instruction for generating a vector comprising a sequence of elements that wraps as required

    Publication number: US11714641B2

    Publication date: 2023-08-01

    Application number: US16471185

    Filing date: 2017-11-08

    Applicant: ARM LIMITED

    Abstract: An apparatus and method are provided for performing vector processing operations. In particular the apparatus has processing circuitry to perform the vector processing operations and an instruction decoder to decode vector instructions to control the processing circuitry to perform the vector processing operations specified by the vector instructions. The instruction decoder is responsive to a vector generating instruction identifying a scalar start value and wrapping control information, to control the processing circuitry to generate a vector comprising a plurality of elements. In particular, the processing circuitry is arranged to generate the vector such that the first element in the plurality is dependent on the scalar start value, and the values of the plurality of elements follow a regularly progressing sequence that is constrained to wrap as required to ensure that each value is within bounds determined from the wrapping control information. The vector generating instruction can be useful in a variety of situations, a particular use case being to implement a circular addressing mode within memory, where the vector generating instruction can be coupled with an associated vector memory access instruction. Such an approach can remove the need to provide additional logic within the memory access path to support such circular addressing.

    Control of branch prediction for zero-overhead loop

    Publication number: US11663007B2

    Publication date: 2023-05-30

    Application number: US17492068

    Filing date: 2021-10-01

    Applicant: Arm Limited

    CPC classification number: G06F9/30065 G06F9/325 G06F9/3846

    Abstract: In response to decoding a zero-overhead loop control instruction of an instruction set architecture, processing circuitry sets at least one loop control parameter for controlling execution of one or more iterations of a program loop body of a zero-overhead loop. Based on the at least one loop control parameter, loop control circuitry controls execution of the one or more iterations of the program loop body of the zero-overhead loop, the program loop body excluding the zero-overhead loop control instruction. Branch prediction disabling circuitry detects whether the processing circuitry is executing the program loop body of the zero-overhead loop associated with the zero-overhead loop control instruction, and dependent on detecting that the processing circuitry is executing the program loop body of the zero-overhead loop, disables branch prediction circuitry. This reduces power consumption during a zero-overhead loop when the branch prediction circuitry is unlikely to provide a benefit.
