CN111433740B - Speculation barrier instruction - Google Patents

Speculation barrier instruction

Info

Publication number
CN111433740B
Authority
CN
China
Prior art keywords
instruction
speculative
barrier
cache
conditional
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201880078157.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN111433740A (zh)
Inventor
Richard Roy Grisenthwaite
Giacomo Gabrielli
Matthew James Horsnell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ARM Ltd
Original Assignee
ARM Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ARM Ltd
Publication of CN111433740A
Application granted
Publication of CN111433740B
Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/08 Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/0802 Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches
    • G06F12/0875 Addressing of a memory level in which the access to the desired data or data block requires associative addressing means, e.g. caches with dedicated cache, e.g. instruction or stack
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1458 Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491 Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003 Arrangements for executing specific machine instructions
    • G06F9/3005 Arrangements for executing specific machine instructions to perform operations for flow control
    • G06F9/30058 Conditional branch instructions
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003 Arrangements for executing specific machine instructions
    • G06F9/30076 Arrangements for executing specific machine instructions to perform miscellaneous control operations, e.g. NOP
    • G06F9/30087 Synchronisation or serialisation instructions
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/32 Address formation of the next instruction, e.g. by incrementing the instruction counter
    • G06F9/322 Address formation of the next instruction, e.g. by incrementing the instruction counter for non-sequential address
    • G06F9/323 Address formation of the next instruction, e.g. by incrementing the instruction counter for non-sequential address for indirect branch instructions
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/38 Concurrent instruction execution, e.g. pipeline or look ahead
    • G06F9/3824 Operand accessing
    • G06F9/3834 Maintaining memory consistency
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/38 Concurrent instruction execution, e.g. pipeline or look ahead
    • G06F9/3836 Instruction issuing, e.g. dynamic instruction scheduling or out of order instruction execution
    • G06F9/3842 Speculative instruction execution
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10 Providing a specific technical effect
    • G06F2212/1052 Security improvement

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Advance Control (AREA)
  • Executing Machine-Instructions (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
CN201880078157.2A 2018-01-03 2018-12-14 Speculation barrier instruction Active CN111433740B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201862613280P 2018-01-03 2018-01-03
US62/613,280 2018-01-03
US16/208,701 US10866805B2 (en) 2018-01-03 2018-12-04 Speculation barrier instruction
US16/208,701 2018-12-04
PCT/GB2018/053636 WO2019135063A1 (en) 2018-01-03 2018-12-14 Speculation barrier instruction

Publications (2)

Publication Number Publication Date
CN111433740A (zh) 2020-07-17
CN111433740B (zh) 2024-07-30

Family

ID=67058912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880078157.2A Active CN111433740B (zh) Speculation barrier instruction 2018-01-03 2018-12-14

Country Status (6)

Country Link
US (1) US10866805B2 (en)
EP (1) EP3735633B1 (en)
JP (1) JP7406489B2 (en)
KR (1) KR102727263B1 (en)
CN (1) CN111433740B (en)
WO (1) WO2019135063A1 (en)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2554096B (en) * 2016-09-20 2019-03-20 Advanced Risc Mach Ltd Handling of inter-element address hazards for vector instructions
US11265291B2 (en) 2017-08-25 2022-03-01 Red Hat, Inc. Malicious packet filtering by a hypervisor
US11675594B2 (en) * 2018-04-19 2023-06-13 Intel Corporation Systems, methods, and apparatuses to control CPU speculation for the prevention of side-channel attacks
DE102019107055A1 (de) 2018-04-19 2019-10-24 Intel Corporation Systems, methods and devices for controlling CPU speculation to prevent side-channel attacks
JP7064135B2 (ja) * 2018-05-15 2022-05-10 Fujitsu Limited Arithmetic processing device and control method of arithmetic processing device
US11106466B2 (en) * 2018-06-18 2021-08-31 International Business Machines Corporation Decoupling of conditional branches
US11119784B2 (en) * 2018-06-29 2021-09-14 Intel Corporation Efficient mitigation of side-channel based attacks against speculative execution processing architectures
US11334495B2 (en) * 2019-08-23 2022-05-17 Arm Limited Cache eviction
US11663014B2 (en) * 2019-08-26 2023-05-30 Arm Limited Speculatively executing instructions that follow a status updating instruction
US11709716B2 (en) * 2019-08-26 2023-07-25 Red Hat, Inc. Hardware offload support for an operating system offload interface using operation code verification
US11443044B2 (en) * 2019-09-23 2022-09-13 International Business Machines Corporation Targeted very long delay for increasing speculative execution progression
US20210096872A1 (en) * 2019-09-27 2021-04-01 Intel Corporation Hardware for eliding security checks when deemed safe during speculative execution
US12079197B2 (en) * 2019-10-18 2024-09-03 Dover Microsystems, Inc. Systems and methods for updating metadata
US10990393B1 (en) 2019-10-21 2021-04-27 Advanced Micro Devices, Inc. Address-based filtering for load/store speculation
CN111857825B (zh) 2020-07-20 2024-10-29 Kunlunxin (Beijing) Technology Co., Ltd. Instruction execution method, apparatus, electronic device, storage medium and program product
US11720360B2 (en) * 2020-09-11 2023-08-08 Apple Inc. DSB operation with excluded region
US20220091851A1 (en) * 2020-09-23 2022-03-24 Intel Corporation System, Apparatus And Methods For Register Hardening Via A Micro-Operation
US11675899B2 (en) * 2020-12-15 2023-06-13 International Business Machines Corporation Hardware mitigation for Spectre and meltdown-like attacks
US20220207147A1 (en) * 2020-12-26 2022-06-30 Intel Corporation Hardening registers against speculation vulnerabilities
US20220207138A1 (en) * 2020-12-26 2022-06-30 Intel Corporation Hardening store hardware against speculation vulnerabilities
DE102021102777A1 (de) * 2021-02-05 2022-08-11 Infineon Technologies Ag Processing of data stored in a memory
CN113703842B (zh) * 2021-09-10 2024-03-26 National University of Defense Technology of the Chinese People's Liberation Army Value prediction method, device and medium based on branch prediction
US12067399B2 (en) 2022-02-01 2024-08-20 Apple Inc. Conditional instructions prediction
US12450068B2 (en) 2023-07-25 2025-10-21 Apple Inc. Biased conditional instruction prediction
US12578965B2 (en) 2023-07-25 2026-03-17 Apple Inc. Biased indirect control transfer prediction
US20260072693A1 (en) * 2024-09-10 2026-03-12 Arm Limited Speculation barrier
US12561144B1 (en) * 2024-09-27 2026-02-24 Intel Corporation Circuitry and methods for a conditional fence instruction

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6484230B1 (en) * 1998-09-28 2002-11-19 International Business Machines Corporation Method and system for speculatively processing a load instruction before completion of a preceding synchronization instruction

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5611063A (en) * 1996-02-06 1997-03-11 International Business Machines Corporation Method for executing speculative load instructions in high-performance processors
US6772325B1 (en) * 1999-10-01 2004-08-03 Hitachi, Ltd. Processor architecture and operation for exploiting improved branch control instruction
US6493819B1 (en) * 1999-11-16 2002-12-10 Advanced Micro Devices, Inc. Merging narrow register for resolution of data dependencies when updating a portion of a register in a microprocessor
US6678810B1 (en) * 1999-12-30 2004-01-13 Intel Corporation MFENCE and LFENCE micro-architectural implementation method and system
WO2003029961A1 (en) * 2001-10-02 2003-04-10 Koninklijke Philips Electronics N.V. Speculative execution for java hardware accelerator
DE10254657A1 (de) * 2002-11-22 2004-06-03 Philips Intellectual Property & Standards Gmbh Microcontroller and associated method for processing the programming of the microcontroller
US8516201B2 (en) 2006-12-05 2013-08-20 Intel Corporation Protecting private data from cache attacks
US20090089564A1 (en) * 2006-12-06 2009-04-02 Brickell Ernie F Protecting a Branch Instruction from Side Channel Vulnerabilities
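KR20140011940A (ko) * 2012-07-18 2014-01-29 Electronics and Telecommunications Research Institute Processor using a branch instruction execution cache and operating method of a processor using a branch instruction execution cache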
GB2509830B (en) * 2013-02-11 2014-12-24 Imagination Tech Ltd Speculative load issue
US9304940B2 (en) * 2013-03-15 2016-04-05 Intel Corporation Processors, methods, and systems to relax synchronization of accesses to shared memory
US9361144B2 (en) * 2013-06-28 2016-06-07 Globalfoundries Inc. Predictive fetching and decoding for selected return instructions
US9323535B2 (en) * 2013-06-28 2016-04-26 Intel Corporation Instruction order enforcement pairs of instructions, processors, methods, and systems
CN105005737A (zh) * 2015-07-31 2015-10-28 Tianjin University Microarchitecture-level security protection method against branch prediction attacks

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6484230B1 (en) * 1998-09-28 2002-11-19 International Business Machines Corporation Method and system for speculatively processing a load instruction before completion of a preceding synchronization instruction

Also Published As

Publication number Publication date
KR20200101943A (ko) 2020-08-28
KR102727263B1 (ko) 2024-11-07
US10866805B2 (en) 2020-12-15
CN111433740A (zh) 2020-07-17
US20190205140A1 (en) 2019-07-04
EP3735633A1 (en) 2020-11-11
EP3735633B1 (en) 2022-10-12
WO2019135063A1 (en) 2019-07-11
JP7406489B2 (ja) 2023-12-27
JP2021509743A (ja) 2021-04-01

Similar Documents

Publication Publication Date Title
CN111433740B (zh) Speculation barrier instruction
Li et al. Conditional speculation: An effective approach to safeguard out-of-order execution against spectre attacks
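KR102902347B1 (ko) Speculation-restricted memory region type
JP7377211B2 (ja) Speculative side-channel hint instruction
CN114402324A (zh) Hybrid mitigation of speculation-based attacks based on program behavior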
Maisuradze et al. Speculose: Analyzing the security implications of speculative execution in CPUs
Colvin et al. An abstract semantics of speculative execution for reasoning about security vulnerabilities
IL270499B (en) A standard and method for interpreting capability-related credentials
US11307856B2 (en) Branch target variant of branch-with-link instruction
Hayes et al. GPU Taint Tracking
KR20200139709A (ko) Apparatus and method for controlling allocation of instructions into instruction cache storage
Fuchs Analysis of Transient-Execution Attacks on the out-of-order CHERI-RISC-V Microprocessor Toooba
Rokicki GhostBusters: mitigating spectre attacks on a DBT-based processor
US20260072693A1 (en) Speculation barrier
TW202611707A (zh) Speculation barrier
Koruyeh Architectural Support for Securing Systems Against Micro-Architectural Attacks
Singh Domain Specific Architectural Support to improve Security, Persistence, and Performance in General-Purpose Microprocessors
Guanhua Defense against Micro-Architecture Level Transient Execution Based Attacks via Program Analysis

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant