公开(公告)号：US12211543B2

公开(公告)日：2025-01-28

申请号：US17940430

申请日：2022-09-08

Applicant: QUALCOMM INCORPORATED

Inventor： Victor Van Der Veen ,  Pankaj Deshmukh ,  Behnam Dashtipour ,  David Hartley

IPC: G11C11/4078 ,  G06F13/16 ,  G11C7/10 ,  G11C11/406

Abstract: Mitigating or managing an effect known as “rowhammer” upon a DRAM device may include a memory controller receiving an activation count threshold value from the DRAM device. The memory controller may detect row activation commands directed to the DRAM device and count the number of the row activation commands. The memory controller may send a mitigative refresh command to the DRAM device based on the result of comparing the counted number of row activation commands with the received activation count threshold value.

公开(公告)号：US20170085542A1

公开(公告)日：2017-03-23

申请号：US15053892

申请日：2016-02-25

Applicant: QUALCOMM Incorporated

Inventor： Roberto Avanzi ,  David Hartley ,  Rosario Cammarota

IPC: H04L29/06 ,  G06F11/16 ,  G06F11/30 ,  G06F12/14 ,  G06F11/07

CPC classification number: H04L63/061 ,  G06F11/0727 ,  G06F11/167 ,  G06F11/3037 ,  G06F12/1408 ,  G06F21/6218 ,  G06F21/78 ,  G06F2212/1052

Abstract: In an aspect, a method for protecting software includes obtaining a payload including at least one of instructions or data, establishing a realm in a memory device, encrypting the payload based on an ephemeral encryption key (EEK) associated with the realm, and storing the encrypted payload in the realm of the memory device. In another aspect, a method for protecting software includes receiving a memory transaction associated with the memory device, the memory transaction including at least a realm identifier (RID) and a realm indicator bit, obtaining the EEK associated with the RID when the RID indicates the realm and when the realm indicator bit is enabled, decrypting an instruction and/or data retrieved from the realm based on the EEK when the memory transaction is a read transaction, and encrypting second data for storage in the realm based on the EEK when the memory transaction is a write transaction.

公开(公告)号：US20180241778A1

公开(公告)日：2018-08-23

申请号：US15439769

申请日：2017-02-22

Applicant: QUALCOMM Incorporated

Inventor： Philip Hawkes ,  David Hartley

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/20 ,  G06F21/62 ,  H04L9/3242 ,  H04L9/3297 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/10 ,  H04W12/08

Abstract: Aspect may relate to a device that comprises an interface and a processor. The interface may be configured to: obtain a statement from an asserting party exercising an authorization. The processor may be coupled to the interface and the processor may be configured to: implement an evaluator to evaluate the statement from the asserting party with policy verification instructions to determine if the asserting party was authorized to issue the statement.

公开(公告)号：US10235303B2

公开(公告)日：2019-03-19

申请号：US15232723

申请日：2016-08-09

Applicant: QUALCOMM Incorporated

Inventor： David Hartley ,  Roberto Avanzi ,  Rosario Cammarota

IPC: G06F12/14 ,  G06F21/12 ,  G06F21/62 ,  H04L29/06 ,  G06F21/14 ,  G06F21/74

Abstract: Techniques for protecting software in a computing device are provided. A method according to these techniques includes receiving a request from a non-secure software module to execute an instruction of a secure software module comprising encrypted program code, determining whether the instruction comprises an instruction associated with a controlled point of entry to the secure software module accessible outside of the secure software module, executing one or more instructions of the secure software module responsive to the instruction comprising an instruction associated with the controlled point of entry to the secure software module, and controlling exit from the secure software module to return execution to the non-secure software module.

公开(公告)号：US10223289B2

公开(公告)日：2019-03-05

申请号：US15070947

申请日：2016-03-15

Applicant: QUALCOMM Incorporated

Inventor： Roberto Avanzi ,  David Hartley ,  Rosario Cammarota

IPC: G06F21/00 ,  G06F12/14 ,  G06F12/0802 ,  G06F21/14 ,  G06F21/79 ,  G06F21/60

Abstract: In an aspect, a cache memory device receives a request to read an instruction or data associated with a memory device. The request includes a first realm identifier and a realm indicator bit, where the first realm identifier enables identification of a realm that includes one or more selected regions in the memory device. The cache memory device determines whether the first realm identifier matches a second realm identifier in a cache tag when the instruction or data is stored in the cache memory device, where the instruction or data stored in the cache memory device has been decrypted based on an ephemeral encryption key associated with the second realm identifier when the first realm identifier indicates the realm and when the realm indicator bit is enabled. The cache memory device transmits the instruction or data when the first realm identifier matches the second realm identifier.

公开(公告)号：US10142303B2

公开(公告)日：2018-11-27

申请号：US15053892

申请日：2016-02-25

Applicant: QUALCOMM Incorporated

Inventor： Roberto Avanzi ,  David Hartley ,  Rosario Cammarota

IPC: H04L29/06 ,  G06F12/14 ,  G06F21/62 ,  G06F21/78 ,  G06F11/07 ,  G06F11/16 ,  G06F11/30

Abstract: In an aspect, a method for protecting software includes obtaining a payload including at least one of instructions or data, establishing a realm in a memory device, encrypting the payload based on an ephemeral encryption key (EEK) associated with the realm, and storing the encrypted payload in the realm of the memory device. In another aspect, a method for protecting software includes receiving a memory transaction associated with the memory device, the memory transaction including at least a realm identifier (RID) and a realm indicator bit, obtaining the EEK associated with the RID when the RID indicates the realm and when the realm indicator bit is enabled, decrypting an instruction and/or data retrieved from the realm based on the EEK when the memory transaction is a read transaction, and encrypting second data for storage in the realm based on the EEK when the memory transaction is a write transaction.

公开(公告)号：US20170010982A1

公开(公告)日：2017-01-12

申请号：US15070947

申请日：2016-03-15

Applicant: QUALCOMM Incorporated

Inventor： Roberto Avanzi ,  David Hartley ,  Rosario Cammarota

IPC: G06F12/14 ,  G06F21/60 ,  G06F12/08

CPC classification number: G06F12/1408 ,  G06F12/0802 ,  G06F12/1466 ,  G06F21/14 ,  G06F21/602 ,  G06F21/79

Abstract: In an aspect, a cache memory device receives a request to read an instruction or data associated with a memory device. The request includes a first realm identifier and a realm indicator bit, where the first realm identifier enables identification of a realm that includes one or more selected regions in the memory device. The cache memory device determines whether the first realm identifier matches a second realm identifier in a cache tag when the instruction or data is stored in the cache memory device, where the instruction or data stored in the cache memory device has been decrypted based on an ephemeral encryption key associated with the second realm identifier when the first realm identifier indicates the realm and when the realm indicator bit is enabled. The cache memory device transmits the instruction or data when the first realm identifier matches the second realm identifier.

Abstract translation: 在一方面，高速缓冲存储器设备接收读取与存储器设备相关联的指令或数据的请求。 该请求包括第一领域标识符和领域指示符位，其中第一领域标识符使得能够识别包括存储器设备中的一个或多个所选区域的领域。 当指令或数据存储在高速缓冲存储器件中时，高速缓存存储器件确定第一区标识符是否与高速缓存标签中的第二区标识符匹配，其中存储在高速缓冲存储器件中的指令或数据已经基于短暂的解密 当第一领域标识符指示领域以及当领域指示符位被启用时与第二领域标识符相关联的加密密钥。 当第一领域标识符与第二领域标识符匹配时，高速缓冲存储器设备发送指令或数据。

公开(公告)号：US12094515B2

公开(公告)日：2024-09-17

申请号：US17890022

申请日：2022-08-17

Applicant: QUALCOMM INCORPORATED

Inventor： Victor Van Der Veen ,  Pankaj Deshmukh ,  Behnam Dashtipour ,  David Hartley ,  Mosaddiq Saifuddin

IPC: G11C7/00 ,  G11C11/406 ,  G11C11/4096

CPC classification number: G11C11/40618 ,  G11C11/40615 ,  G11C11/4096

Abstract: An effect known as “rowhammer” may be mitigated in a DRAM organized in sub-banks of two or more rows. Row activation commands directed to a sub-bank may be detected. The number of row activation commands occurring within a refresh window may be counted and compared with a threshold. When it is detected that the number of row activation commands within the refresh window exceeds the threshold, an additional refresh command may be provided to the DRAM.

公开(公告)号：US20240062800A1

公开(公告)日：2024-02-22

申请号：US17890022

申请日：2022-08-17

Applicant: QUALCOMM Incorporated

Inventor： Victor Van Der Veen ,  Pankaj Deshmukh ,  Behnam Dashtipour ,  David Hartley ,  Mosaddiq Saifuddin

IPC: G11C11/406 ,  G11C11/4096

CPC classification number: G11C11/40618 ,  G11C11/40615 ,  G11C11/4096

Abstract: An effect known as “rowhammer” may be mitigated in a DRAM organized in sub-banks of two or more rows. Row activation commands directed to a sub-bank may be detected. The number of row activation commands occurring within a refresh window may be counted and compared with a threshold. When it is detected that the number of row activation commands within the refresh window exceeds the threshold, an additional refresh command may be provided to the DRAM.