TECHNIQUE FOR CONSTRAINING ACCESS TO MEMORY USING CAPABILITIES

    Publication number: US20240202139A1

    Publication date: 2024-06-20

    Application number: US18556477

    Application date: 2022-02-17

    Applicant: Arm Limited

    CPC classification number: G06F12/1458 G06F21/604

    Abstract: There is provided an apparatus, method and computer program for constraining memory accesses. The apparatus comprises processing circuitry to perform operations during which access requests to memory are generated. The processing circuitry is arranged to generate memory addresses for the access requests using capabilities that identify constraining information. The apparatus further comprises capability checking circuitry to perform a capability check operation to determine whether a given access request whose memory address is generated using a given capability is permitted based on given constraining information identified by the given capability. The capability check operation includes performing a range check based on range constraining information provided by the given constraining information, and when a determined condition is met, to perform the range check in dependence on both the range constraining information and an item of state information of the apparatus which varies dynamically during performance of the operations of the processing circuitry.

    Filtering based on a range specifier

    Publication number: US11720619B2

    Publication date: 2023-08-08

    Application number: US17098815

    Application date: 2020-11-16

    Applicant: Arm Limited

    CPC classification number: G06F16/355 G06F16/335

    Abstract: Data processing apparatuses, methods and computer programs are disclosed. A range definition register is arranged to store a range specifier and filtering operations are performed with respect to a specified transaction by reference to the range definition register. The range definition register stores the range specifier in a format comprising a significand and an exponent, wherein a range of data identifiers is at least partially defined by the range specifier. When the specified transaction is with respect to a data identifier within the range of data identifiers, the filtering operations performed are dependent on attribute data associated with the range of data identifiers.

    Main processor error detection using checker processors

    Publication number: US10909006B2

    Publication date: 2021-02-02

    Application number: US16338757

    Application date: 2017-10-20

    Abstract: An apparatus comprises a main processor to execute a main stream of program instructions, two or more checker processors to execute respective checker streams of program instructions in parallel with each other, the checker streams corresponding to different portions of the main stream executed by the main processor, and error detection circuitry to detect an error when a mismatch is detected between an outcome of a given portion of the main stream executed on the main processor and an outcome of the corresponding checker stream executed on one of the plurality of checker processors. This approach enables high performance main processors 4 to be checked for errors with lower circuit area and power consumption overhead than a dual-core lockstep technique.

    Encoding of input to branch prediction circuitry

    Publication number: US10819736B2

    Publication date: 2020-10-27

    Application number: US15825524

    Application date: 2017-11-29

    Applicant: Arm Limited

    Abstract: A data processing apparatus comprises branch prediction circuitry adapted to store at least one branch prediction state entry in relation to a stream of instructions, input circuitry to receive at least one input to generate a new branch prediction state entry, wherein the at least one input comprises a plurality of bits; and coding circuitry adapted to perform an encoding operation to encode at least some of the plurality of bits based on a value associated with a current execution environment in which the stream of instructions is being executed. This guards against potential attacks which exploit the ability for branch prediction entries trained by one execution environment to be used by another execution environment as a basis for branch predictions.

    Data processing apparatus and method using secure domain and less secure domain

    Publication number: US10210349B2

    Publication date: 2019-02-19

    Application number: US13735350

    Application date: 2013-01-07

    Applicant: ARM Limited

    Abstract: A data processing apparatus has processing circuitry which has a secure domain and a less secure domain of operation. When operating in the secure domain the processing circuitry has access to data that is not accessible in the less secure domain. In response to a control flow altering instruction, processing switches to a program instruction at a target address. Domain selection is performed to determine a selected domain in which the processing circuitry is to operate for the instruction at the target address. Domain checking can be performed to check which domains are allowed to be the selected domain determining the domain selection. A domain check error is triggered if the selected domain in the domain selection is not an allowed selected domain.

    Cumulative error detection in data transmission
    Granted invention patent (in force)

    Publication number: US09465690B2

    Publication date: 2016-10-11

    Application number: US14462205

    Application date: 2014-08-18

    Applicant: ARM LIMITED

    Abstract: Circuitry for providing error check values for indicating errors in data portions within a data stream. The circuitry comprises error detecting code generation circuitry configured to apply an error detecting code algorithm to the data stream and to thereby generate and periodically update a multi-bit check value as the data stream is processed, each update of the multi-bit check value being indicative of the error detecting code generation circuitry receiving a further item of the data stream. An output for periodically outputting a fragment of the multi-bit check value from the error detecting code generation circuitry during the processing of the data stream, the fragments output each corresponding to a data portion of the data stream. Wherein each of the fragment of the multi-bit check value provides a value indicative of an error occurring either in the corresponding portion of the data stream or in an earlier portion of the data stream.


    Technique for constraining access to memory using capabilities

    Publication number: US12174755B2

    Publication date: 2024-12-24

    Application number: US18247400

    Application date: 2021-08-11

    Applicant: Arm Limited

    Abstract: An apparatus and method for constraining access to memory using capabilities. Processing circuitry performs operations during which access requests to memory are generated, with memory addresses for the access requests being generated using capabilities that identify constraining information. Capability checking circuitry performs a capability check operation to determine whether a given access request whose memory address is generated using a given capability is permitted based on the constraining information. Memory access checking circuitry then further constrains access to the memory by the given access request in dependence on a level of trust. The given capability has a capability level of trust associated therewith, and the level of trust associated with the given access request is dependent on both the current mode level of trust associated with the current mode of operation of the processing circuitry, and the capability level of trust of the given capability.

    Region mismatch prediction for memory access control circuitry

    Publication number: US11550735B1

    Publication date: 2023-01-10

    Application number: US17486639

    Application date: 2021-09-27

    Applicant: Arm Limited

    Abstract: Memory access control circuitry controls handling of a memory access request based on at least one memory access control attribute associated with a region of address space including the target address. The memory access control circuitry comprises: lookup circuitry comprising a plurality of sets of comparison circuitry, each set of comparison circuitry to detect, based on at least one address-region-indicating parameter associated with a corresponding region of address space, whether the target address is within the corresponding region of address space; region mismatch prediction circuitry to provide a region mismatch prediction indicative of which of the sets of comparison circuitry is predicted to detect a region mismatch condition; and comparison disabling circuitry to disable at least one of the sets of comparison circuitry that is predicted by the region mismatch prediction circuitry to detect the region mismatch condition for the target address.
