-
1.发明申请公开(公告)号:US20190095357A1
公开(公告)日:2019-03-28
申请号:US15719222
申请日:2017-09-28
Applicant: Intel Corporation
Inventor: Meltem OZSOY , Vedvyas SHANBHOGUE , Krystof C. ZMUDZINSKI , Francis X. MCKEEN , Carlos V. ROZAS , Ilya ALEXANDROVICH , Ittai ANATI , Raghunandan MAKARAM , Dror CASPI , Hisham SHAFI
Abstract: A system includes a processor core and main memory. The processor core is to, in response to execution of a patch-load instruction, retrieve, from a predetermined area of the main memory, memory protection metadata and a memory range of reserved memory, wherein the reserved memory is not flexibly convertible to enclave pages. The processor core is further to retrieve a bit from an architectural control register, wherein a value of the bit is to indicate whether an operating system is capable of management of flexibly-convertible enclave pages. The processor core is further to activate, using the memory protection metadata and one of the first information or the second information, a mode of protected memory management for the processor core in response to the value of the bit in the architectural control register.
-
公开(公告)号:US20200004552A1
公开(公告)日:2020-01-02
申请号:US16024733
申请日:2018-06-29
Applicant: Intel Corporation
Inventor: Fangfei LIU , Bin XING , Michael STEINER , Mona VIJ , Carlos ROZAS , Francis MCKEEN , Meltem OZSOY , Matthew FERNANDEZ , Krystof ZMUDZINSKI , Mark SHANAHAN
Abstract: Detailed herein are systems, apparatuses, and methods for a computer architecture with instruction set support to mitigate against page fault- and/or cache-based side-channel attacks. In an embodiment, an apparatus includes a decoder to decode a first instruction, the first instruction having a first field for a first opcode that indicates that execution circuitry is to set a first flag in a first register that indicates a mode of operation that redirects program flow to an exception handler upon the occurrence of an event. The apparatus further includes execution circuitry to execute the decoded first instruction to set the first flag in the first register that indicates the mode of operation and to store an address of an exception handler in a second register.
-
公开(公告)号:US20190196982A1
公开(公告)日:2019-06-27
申请号:US15854278
申请日:2017-12-26
Applicant: Intel Corporation
Inventor: Carlos V. ROZAS , Ittai ANATI , Francis X. MCKEEN , Krystof ZMUDZINSKI , Ilya ALEXANDROVICH , Somnath CHAKRABARTI , Dror CASPI , Meltem OZSOY
IPC: G06F12/14 , G06F12/128 , G06F3/06 , G06F12/0806 , G06F12/0868 , G06F12/1009 , G06F12/1027
Abstract: A secure enclave circuit stores an enclave page cache map to track contents of a secure enclave in system memory that stores secure data containing a page having a virtual address. An execution unit is to, in response to a request to evict the page from the secure enclave: block creation of translations of the virtual address; record one or more hardware threads currently accessing the secure data in the secure enclave; send an inter-processor interrupt to one or more cores associated with the one or more hardware threads, to cause the one or more hardware threads to exit the secure enclave and to flush translation lookaside buffers of the one or more cores; and in response to detection of a page fault associated with the virtual address for the page in the secure enclave, unblock the creation of translations of the virtual address.
-
-
Search Results
3
records
(took 0.013 seconds)
