公开(公告)号：US12099450B1

公开(公告)日：2024-09-24

申请号：US18312735

申请日：2023-05-05

Applicant: Arm Limited

Inventor： Richard Jared Cooper ,  Andreas Lars Sandberg

IPC: G06F12/10 ,  G06F12/1009 ,  G06F12/1027

CPC classification number: G06F12/1009 ,  G06F12/1027

Abstract: Address translation circuitry is provided to perform address translation on receipt of a first address to generate a second address. The address translation circuitry comprises a page walk controller configured to perform sequential page table lookups in a plurality of page table levels of a page table hierarchy. Portions of the first address are used to index into sequential page table levels. Cache storage is provided to cache entries comprising translation information retrieved by the sequential page table lookups. An entry in the cache storage further comprises in association with the translation information a re-use indicator indicative of a re-use expectation for subsequent information which is subordinate to the translation information of the entry in the page table hierarchy. The address translation circuitry is configured to modify cache usage for the subsequent information in dependence on the re-use indicator.

公开(公告)号：US10860215B2

公开(公告)日：2020-12-08

申请号：US16152485

申请日：2018-10-05

Applicant: Arm Limited

Inventor： Radhika Sanjeev Jagtap ,  Nikos Nikoleris ,  Andreas Lars Sandberg

IPC: G06F3/06

Abstract: An apparatus comprises control circuitry to control access to a memory implemented using a memory technology providing variable access latency. The control circuitry has request handling circuitry to identify an execution context switch comprising a transition from servicing memory access requests associated with a first execution context to servicing memory access requests associated with a second execution context. At least when the execution context switch meets a predetermined condition, a delay masking action is triggered to control subsequent memory access requests associated with the second execution context, for which the required data is already stored in the memory, to be serviced with a response delay which is independent of which addresses were accessed by the memory access requests associated with the first execution context. This can help guard against attacks which aim to exploit variation in response latency to gain insight into the addresses accessed by a victim execution context.

公开(公告)号：US10831673B2

公开(公告)日：2020-11-10

申请号：US16181474

申请日：2018-11-06

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Nikos Nikoleris ,  Prakash S. Ramrakhyani

IPC: G06F12/1027

Abstract: Memory address translation apparatus comprises page table access circuitry to access page table data to retrieve translation data defining an address translation between an initial memory address in an initial memory address space, and a corresponding output memory address in an output address space; a translation data buffer to store, for a subset of the virtual address space, one or more instances of the translation data; and control circuitry, responsive to an input initial memory address to be translated, to request retrieval of translation data for the input initial memory address from the translation data buffer and, before completion of processing of the request for retrieval from the translation data buffer, to initiate retrieval of translation data for the input initial memory address by the page table access circuitry.

公开(公告)号：US20200341900A1

公开(公告)日：2020-10-29

申请号：US16395897

申请日：2019-04-26

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Prakash S. Ramrakhyani

IPC: G06F12/0864 ,  G06F12/0891 ,  G06F12/128 ,  H04L9/08

Abstract: A system, apparatus and method for secure functions and manipulating cache line data. The method includes generating cache block addresses from a subset of bits, i.e. tag bits, of a cache address and hashing the cache block addresses with one or more secure functions that use keys to generate secure indexes.

公开(公告)号：US12118101B2

公开(公告)日：2024-10-15

申请号：US17903267

申请日：2022-09-06

Applicant: Arm Limited

Inventor： Brendan James Moran ,  Adrian Laurence Shaw ,  Andreas Lars Sandberg

IPC: G06F21/60 ,  G06F21/53

CPC classification number: G06F21/604 ,  G06F21/53

Abstract: An apparatus and method are described for providing a trusted execution environment. The apparatus comprises processing circuitry to execute program code, and interrupt controller circuitry, responsive to receipt of one or more interrupt requests, to select a given interrupt request from amongst the one or more interrupt requests, and to issue an interrupt signal to the processing circuitry identifying a given interrupt service routine providing program code to be executed by the processing circuitry to service the given interrupt request. The interrupt controller circuitry is responsive to the given interrupt request being a trusted execution environment (TEE) interrupt request, to issue the interrupt signal to identify as the given interrupt service routine a TEE interrupt service routine, and to inhibit issuance of any further interrupt signal until the TEE interrupt service routine has been executed by the processing circuitry. The interrupt controller circuitry comprises code protection circuitry to inhibit unauthorised modification of the TEE interrupt service routine, and data protection circuitry to inhibit unauthorised access to confidential data processed by the TEE interrupt service routine.

公开(公告)号：US12073104B1

公开(公告)日：2024-08-27

申请号：US18299763

申请日：2023-04-13

Applicant: Arm Limited

Inventor： Roberto Avanzi ,  Andreas Lars Sandberg ,  David Helmut Schall

IPC: G06F3/06

CPC classification number: G06F3/0644 ,  G06F3/0623 ,  G06F3/0673

Abstract: There is provided a memory protection unit configured to maintain region metadata associated with storage regions of off-chip storage and protection metadata associated with each of the storage regions. The protection metadata is stored in the off-chip storage, and the region metadata encodes whether each of the storage regions belongs to a set of protected storage regions or to a set of unprotected storage regions and encodes information indicating corresponding protection metadata associated with each storage region. The memory protection unit is configured to update the region metadata in response to a region update request identifying a given storage region for which the region metadata is to be modified and to dynamically adjust an amount of memory required to store protection metadata associated with the set of protected storage regions in response to the update to the region metadata.

公开(公告)号：US12038846B2

公开(公告)日：2024-07-16

申请号：US17593319

申请日：2020-01-03

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Stephan Diestelhorst

IPC: G06F12/1009 ,  G06F12/0817

CPC classification number: G06F12/1009 ,  G06F12/0817

Abstract: A page table structure for address translation may include a relative type of page table entry, for which an address pointer to a next-level page table entry or a translated address may be specified using a relative offset value indicating an offset of the address pointer relative to a reference-point base address.

公开(公告)号：US20240080193A1

公开(公告)日：2024-03-07

申请号：US18446530

申请日：2023-08-09

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Roberto Avanzi ,  Alexander Klimov

IPC: H04L9/32

CPC classification number: H04L9/32

Abstract: An apparatus comprises counter integrity tree circuitry to maintain a counter integrity tree having a plurality of nodes. The counter integrity tree circuitry is configured to store, in a first node of the counter integrity tree, an encrypted representation of two or more non-repeating counters and in a second, parent, node, an indication of a function value equal to a non-repeating function of the two or more non-repeating counters of the first node. The apparatus comprises integrity checking circuitry configured to check the integrity of the first node using the function value retrieved from the second node.

公开(公告)号：US10942856B2

公开(公告)日：2021-03-09

申请号：US16395935

申请日：2019-04-26

Applicant: Arm Limited

Inventor： Andreas Lars Sandberg ,  Prakash S. Ramrakhyani

IPC: G06F12/0864 ,  G06F12/0811 ,  H04L9/06 ,  H04L9/08

Abstract: A system, apparatus and method for secure functions and manipulating cache line data. The method includes generating cache block addresses from a subset of bits, i.e. tag bits, of a cache address and hashing the cache block addresses with one or more secure functions that use keys to generate secure indexes.

公开(公告)号：US10853262B2

公开(公告)日：2020-12-01

申请号：US16342644

申请日：2017-11-29

Applicant: ARM LIMITED

Inventor： Nikos Nikoleris ,  Andreas Lars Sandberg ,  Prakash S. Ramrakhyani ,  Stephan Diestelhorst

IPC: G06F9/26 ,  G06F12/1009 ,  G11C11/408 ,  G06F12/1027 ,  G11C8/06 ,  G11C11/4096

Abstract: Memory address translation apparatus comprises page table access circuitry to access a page table to retrieve translation data; a translation data buffer to store one or more instances of the translation data, comprising: an array of storage locations arranged in rows and columns; a row buffer comprising a plurality of entries and comparison circuitry responsive to a key value dependent upon at least the initial memory address, to compare the key value with information stored in each of at least one key entry and an associated value entry for storing at least a representation of a corresponding output memory address, and to identify which of the at least one key entry, if any, is a matching key entry storing information matching the key value; and output circuitry to output, when there is a matching key entry, at least the representation of the output memory address.