CN113810171A - Execution port time channel safety protection system and method based on conflict detection - Google Patents

Execution port time channel safety protection system and method based on conflict detection Download PDF

Info

Publication number
CN113810171A
CN113810171A CN202111088243.1A CN202111088243A CN113810171A CN 113810171 A CN113810171 A CN 113810171A CN 202111088243 A CN202111088243 A CN 202111088243A CN 113810171 A CN113810171 A CN 113810171A
Authority
CN
China
Prior art keywords
port
policy
micro
algorithm
conflict
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111088243.1A
Other languages
Chinese (zh)
Other versions
CN113810171B (en
Inventor
岳晓萌
杨秋松
李明树
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Advanced Research Institute of CAS
Original Assignee
Shanghai Advanced Research Institute of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Advanced Research Institute of CAS filed Critical Shanghai Advanced Research Institute of CAS
Priority to CN202111088243.1A priority Critical patent/CN113810171B/en
Publication of CN113810171A publication Critical patent/CN113810171A/en
Application granted granted Critical
Publication of CN113810171B publication Critical patent/CN113810171B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • H04L9/005Countermeasures against attacks on cryptographic mechanisms for timing attacks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention provides a system for executing port time channel safety protection based on conflict detection, which comprises a port conflict matrix and a strategy modifier; when the scheduler schedules ready micro-operations, port conflicts are identified and recorded in a port conflict matrix, port conflicts caused by double threads are judged according to the records, and port conflict vectors are correspondingly sent; the strategy modifier outputs a strategy type, a priority vector and a strategy enabling signal; when the distribution module receives a port division strategy and a strategy port enabling vector, a port division algorithm is changed; and when the scheduler receives the port time-sharing strategy, the strategy port enabling vector and the priority vector, the algorithm based on the priority vector is changed. The invention also provides a corresponding safety protection method. The system and the method effectively prevent the attack of constructing the time channel by continuously using the conflict instruction of the execution port under the SMT environment.

Description

Execution port time channel safety protection system and method based on conflict detection
Technical Field
The invention belongs to the technical field of system safety, and relates to a system and a method for executing port time channel safety protection based on conflict detection.
Background
In a superscalar processor microarchitecture design, macroinstructions described in an instruction set architecture undergo an instruction fetch and decode process to form corresponding microoperations. Before the micro-operation executes the instruction, the binding of the corresponding execution port is completed through the instruction analysis. Under the condition of closing Simultaneous Multi-Threading (SMT), only one thread is arranged in a processor pipeline, and the micro-operation of finishing port binding by utilizing an allocation module enters an execution unit through a corresponding port; in the case of starting SMT technology, during the interaction between the processor decoding system and the out-of-order execution system, only the micro-operation from the same thread can enter the scheduler at the same time because the micro-architecture design of the renaming and allocating module restricts that the micro-operation from the same thread can be processed at the same time. In order to schedule and distribute micro-operations more quickly in the micro-architectural design of the scheduler, which does not care about the thread information of the micro-operations, only consider whether they are ready (ready means that a certain micro-operation has fulfilled the conditions for being selected and transmitted to the execution port), if there are micro-operations that are ready at the same time, the older priority is transmitted, and therefore, the scheduler can transmit the micro-operations of two threads at different execution ports at the same time.
If the micro-operations of the two threads in the scheduler point to the same port, the micro-operations of the two threads can naturally carry different age information due to the precedence relationship during allocation. There are two key data structures in the scheduler, one is a dependency matrix (i.e., ready matrix) and the other is an age matrix, the ready matrix and the age matrix being used to maintain the state and relationships of the various micro-operations in the scheduler. Although the micro-operations of the two threads are in the ready state, depending on the precedence relationship of the age matrix, the scheduler selection module of the scheduler firstly selects the micro-operation of the thread with the older transmitting age to enter the corresponding port, so that the micro-operation of the other thread which cannot be transmitted to the same port is ready but delayed due to the younger micro-operation, and at this time, the port conflict among the threads occurs.
As shown in fig. 1, the multi-port scheduling micro-architecture in the SMT environment mainly includes an Allocation Module (Allocation Module)10, and a Dependency Matrix (Scheduler Dependency Matrix)21, an Age Matrix (Scheduler Age Matrix)22, and a Scheduler Selection Module (Scheduler Selection Module)23 located inside a Scheduler 20.
The allocation module 10 is mainly responsible for performing out-of-order allocation of execution resources on renamed micro-operations, and mainly includes functions of allocation of execution ports, allocation of reordering queues, allocation of schedulers, allocation of memory sorting buffers and the like; the dependency matrix 21 of the scheduler is mainly responsible for solving the observation and transmission of the dependent state of the micro-operations corresponding to each data item in the scheduler and the micro-operations in execution, the micro-operations after the dependency solution are considered as ready, and the ready micro-operations form a ready vector; the age matrix 22 of the scheduler is mainly responsible for carrying out age state statistics and sorting on the micro-operations corresponding to each data item in the scheduler 20, and ensuring that the aged micro-operations are preferentially selected; the scheduler selection module 23 is primarily responsible for port 30 and execution unit 40 selection of uops to be selected with age information and ready information, which can be transmitted.
Current research aimed at implementing port time channel protection is mainly by adding noise during the time channel transfer phase or by directly turning off SMT techniques. The former adds noise to all time information related to the process to achieve the purpose of reducing the time sequence channel bandwidth for protection, and can add noise to a return value executed by an instruction by modifying an RDTSC or RDTSCP instruction to achieve the purpose of reducing the time information acquisition precision of an attacker, but the mode can also directly influence the functional accuracy of the corresponding modified instruction and influence the use of a normal program; the latter is a simpler way to prevent such problems by disabling the SMT in a software or hardware manner, which can completely solve the problem of time-side channel generated by dual-thread sharing of the execution port, but this way loses the gains brought by the SMT technology itself, resulting in corresponding performance loss, and other protection means solve the problem by shutting down or dynamically shutting down the SMT technology, and there is no method for protecting the execution port time-channel problem in a micro-architecture manner.
Disclosure of Invention
The invention aims to provide a system and a method for performing port time channel security protection based on conflict detection, which are used for effectively preventing the attack of constructing a time channel by continuously using a conflict instruction of an execution port in an SMT (surface mount technology) environment.
In order to achieve the above object, the present invention provides a system for performing port time channel security protection based on conflict detection, which is based on a multi-port scheduling micro-architecture in an SMT environment, wherein the multi-port scheduling micro-architecture comprises an allocation module, a scheduler, and out-of-order execution resources; the allocation module is configured to execute a port binding algorithm to bind each micro-operation corresponding to an instruction to one of the ports in the out-of-order execution resources; a scheduler selection module of the scheduler is configured to execute a scheduling selection algorithm to select ready micro-operations for each port to be transmitted to the port; the enforcement port time channel security protection system comprises a port conflict matrix and a policy modifier inside a scheduler; the scheduler is also configured to identify occurrence and release of port conflicts and record the port conflicts in a port conflict matrix when the ready micro-operation is scheduled, and then judge port conflicts caused by double threads according to the record of the port conflict matrix and correspondingly send port conflict vectors of corresponding ports; the policy modifier is arranged to output a policy type, a priority vector and a policy enable signal; the strategy type comprises a port division strategy and a port time sharing strategy; the policy enabling signal is generated according to whether a port collision vector of a corresponding port is received; the strategy type comprises a port division strategy and a port time sharing strategy; the allocation module is set to change a fairness algorithm adopted by micro-operation executed by multiple ports into a port segmentation algorithm on the basis of a port binding algorithm when receiving the strategy type and the strategy port enabling vector of the port segmentation strategy sent by the strategy modifier; the scheduler is arranged to change the original selection algorithm to an algorithm for priority selection based on the priority vector upon receipt of the policy type, the policy port enable vector and the priority vector of the port timesharing policy.
Preferably, the port collision matrix is composed of a two-dimensional array corresponding to two threads independent of each other, each row of the two-dimensional array is a two-bit saturation counter corresponding to one of the ports, and each bit of the saturation counter represents one of the threads of a single port.
Preferably, the initial value of the saturation counter is 0; when a thread is the same as another thread because the bound port of the thread and causes delayed emission of micro-operations of the thread, adding 1 to the count value of the bit corresponding to the thread in the saturation counter corresponding to the port in the port collision matrix; when a port receives micro-operations transmitted by the same thread for two times continuously and no port conflict occurs, the count value of the bit corresponding to the thread in the saturated counter corresponding to the row of the port in the port conflict matrix is reduced by 1.
Preferably, when the values of 2 bits of the saturation counter in the port collision matrix are all 1, it is determined that the port corresponding to the saturation counter has a port collision caused by the dual threads, and the port collision vector of the corresponding port is correspondingly sent.
Preferably, the port collision vector of the corresponding port is a one-hot code form of an index value of the corresponding port.
Preferably, the fairness algorithm adopted by default by the micro-operation executed by the multiple ports adopts a Round-Robin principle-based loop selection algorithm; the port partitioning algorithm means that a plurality of port resources are equally distributed to two threads for use.
The priority vector is synchronously generated after the occurrence of the port conflict of a certain port is judged for the first time after bit values of saturation counters corresponding to the port are all 0; after it is determined that the port conflict occurs for the first time, the priority of the thread corresponding to the bit whose count value of the saturation counter is 1 is higher than the priority of the other thread.
Preferably, the original selection algorithm defaults to the Ping-Pong principle; in the algorithm for selecting the priority based on the priority vector, the priority is selected based on the priority, and the selection is performed according to the selection algorithm of the age matrix under the condition that the priorities are the same, wherein the age matrix is positioned in the scheduler.
Preferably, the policy modifier is further arranged to receive a refresh signal from the commit unit, upon a commit unit refresh the policy modifier resets restoring the algorithms of the allocation module and the scheduler to the original fairness algorithm and the selection algorithm.
In another aspect, the present invention provides a method for performing port time channel security protection based on collision detection, which is performed when a multi-port scheduling micro-architecture in an SMT environment is performed, and includes:
step S1: port conflict recognition;
the step S1 includes:
step S11: when the scheduler schedules ready micro-operations, the occurrence and the release of port conflicts are identified and recorded in a port conflict matrix, and then port conflicts caused by double threads are judged according to the records of the port conflict matrix and corresponding port conflict vectors of the corresponding ports are correspondingly sent;
step S12: outputting, with the policy modifier, a policy type, a policy enable signal, and a priority vector corresponding to the port to the assignment module and the scheduler; the strategy type comprises a port division strategy and a port time sharing strategy; the policy enabling signal is generated according to whether a port collision vector of a corresponding port is received;
step S2: when the distribution module receives the strategy type and the strategy enabling signal of the port segmentation strategy, a fairness algorithm adopted by micro-operation executed by multiple ports is changed into a port segmentation algorithm on the basis of a port binding algorithm;
step S3: when the scheduler receives the policy type, the policy port enable vector and the priority vector of the port time sharing policy, the original selection algorithm is changed to an algorithm for priority selection based on the priority vector.
The invention relates to a system for executing port time channel safety protection based on collision detection, which comprises 2 submodules, namely a port collision matrix and a strategy modifier. In the whole protection design, a port conflict vector is formed through continuous detection of port conflicts; and then, the algorithm strategy of the allocation unit and the scheduler selection algorithm is modified through the strategy modifier, so that a time channel generated by the conflict of the execution ports is eliminated, and the time channel attack by using the dual-thread shared execution port in the SMT environment is further prevented.
The execution port time channel safety protection method based on the conflict detection is designed and the micro-architecture component is realized aiming at the execution port time channel attack in the SMT environment for the first time. The SMT technology is applied to the security protection of the execution port time channel in the SMT environment based on the mode of dividing the data structure and performing time-sharing processing by the SMT technology, the protection effect is achieved by improving the data structure sharing strategy and algorithm, the purpose of security protection can be achieved while reasonably utilizing the shared data structure by the SMT technology, and the SMT technology has a good protection effect on the attack mode of continuously generating the execution port time channel by utilizing continuous port conflict instructions.
Drawings
FIG. 1 is a block diagram of a prior art multi-port dispatch microarchitecture.
FIG. 2 is a microarchitectural diagram of a collision detection based enforcement port time channel security protection system of the present invention.
Fig. 3A and 3B are comparison diagrams of a standard multi-port scheduling algorithm and an algorithm of adding protection design, wherein fig. 3A shows the standard multi-port scheduling algorithm, and fig. 3B shows the combination of the standard multi-port scheduling algorithm and the method for performing port time channel security protection based on collision detection according to the present invention.
Detailed Description
An embodiment of the present invention will be described below in conjunction with the accompanying drawings, and the aspects of the present invention will be explained and explained in further detail.
FIG. 2 is a microarchitectural diagram of a collision detection based enforcement port time channel security protection system of the present invention. As shown in FIG. 2, the execution port time channel security protection system based on conflict detection of the present invention is based on the multi-port scheduling micro-architecture of the existing processor and adds a protection design. As shown in fig. 1, the multi-port scheduling micro-architecture in the SMT environment of the conventional processor includes an allocation module 10, a scheduler 20, a dependency matrix 21, an age matrix 22, and a scheduler selection module 23 provided inside the scheduler 20, and out-of-order execution resources. The out-of-order execution resources include a port 30 (i.e., an execution port) sequentially connected to the scheduler 20, an execution unit 40, a commit unit 60, and a storage unit 50 connected to the commit unit 60.
The allocation module 10 is configured to execute a port binding algorithm, and is mainly responsible for performing out-of-order allocation of execution resources on the micro-operations obtained by decoding the instruction, and mainly includes functions such as allocation of execution ports, allocation of a reorder queue, allocation of a scheduler, allocation of a memory sorting buffer, and the like, so as to bind each micro-operation with one of the ports 30 in the out-of-order execution resources (i.e., to which port 30 the micro-operation is transmitted). Micro-operations are decoded from instructions and require operations or processing in out-of-order execution resources. The dependency matrix 21 of the scheduler is mainly responsible for solving the observation and transmission of the dependent state of the micro-operations corresponding to each data item in the scheduler and the micro-operations in execution, the micro-operations after the dependency solution are considered as ready, and the ready micro-operations form a ready vector; the age matrix 22 of the scheduler is mainly responsible for carrying out age state statistics and sorting on the micro-operations corresponding to each data item in the scheduler 20, and ensuring that the aged micro-operations are preferentially selected; scheduler selection module 23 is configured to execute a schedule selection algorithm to select ready uops having ready information (from dependency matrix 21) and age information (from age matrix 22) to be issued to port 30 and execution unit 40 (i.e., to preferentially issue which uops to port 30).
The execution port time channel safety protection system based on conflict detection realizes the execution port time channel safety protection by adding two scheduler sub-modules, namely a port conflict matrix 24 and a strategy modifier 25 in a scheduler 20 and modifying an allocation module 10 and the scheduler 20 by utilizing the strategy modifier 25 on the basis of the existing multi-port scheduling micro-architecture.
Port collision matrix 24
The port collision matrix 24 is arranged to record the occurrence and release of port collisions. Accordingly, the scheduler 20 is configured to recognize occurrence and release of a port conflict and record the port conflict in the port conflict matrix 24 when scheduling ready micro-operations, then determine a port conflict caused by a dual thread of the SMT technique according to the record of the port conflict matrix 24, and transmit a port conflict vector of a corresponding port when determining a port conflict caused by a dual thread. Wherein the scheduler 20 recognizes the occurrence and release of the port conflict according to the states of the micro-operations of the two threads bound to each port and the selection result by the scheduler selection module 23.
The port collision matrix 24 is composed of a two-dimensional array corresponding to two independent threads, each row in the two-dimensional array represents one of the ports 30, two rows represent two bits of a two-bit saturation counter, respectively, the two rows in the same row can be regarded as a whole of the saturation counter, and each bit of the two-bit saturation counter corresponds to one of the threads. For example, if there are 6 ports, P0 to P5, each port corresponds to a two-bit (2-bit) saturating counter (i.e., a universal bimodel counter), each bit of which (i.e., one column of the port collision matrix) represents one of the threads of a single port. The initial value of the saturation counter is 0. When a thread is the same as another thread because the bound port of the thread is the same and causes delayed emission of the micro-operation of the thread (i.e. the micro-operation of a thread is ready but the scheduler selection module 23 selects the micro-operation of another thread for emission because of the age of the micro-operation), the count value of the bit corresponding to the thread in the saturation counter of the row corresponding to the port in the port conflict matrix 24 is increased by 1 to record the occurrence of the port conflict; when a port receives the micro-operations transmitted by the same thread twice consecutively and no port conflict occurs, the count value of the bit corresponding to the thread in the saturated counter in the row corresponding to the port in the port conflict matrix 24 is decremented by 1 to record the release of the port conflict, and the count values of the two bits of the saturated counter in the row corresponding to the port are finally decremented by 1 alternately due to the thread balance. The method is a general method of hardware design, and a 2-bit saturation counter has obvious advantages over a 1-bit saturation counter, namely, the saturation counter is not 0 or 1, namely, the tendency is more definite, so that the accidental phenomenon is avoided.
Because of the fairness design of the SMT technology, a port conflict occurring on a port 30 may cause delayed emission to occur alternately in 2 threads bound to the port 30 (i.e., a first conflict may cause delayed emission to occur in a1 st thread bound to a certain port, and a second conflict may cause delayed emission to occur in a2 nd thread bound to the same port).
Therefore, when the values of the 2 bits (corresponding to 2 threads) of the saturation counter corresponding to a certain port are all 1, it is determined that the port 30 has a port collision caused by two threads, and the port collision vector of the corresponding port 30 is transmitted. In the event of a port collision, the index value of the corresponding port 30 (i.e., specifically the port number) is sent to the policy modifier 25 as a port collision vector in the form of a one-hot code. The length of the collision vector is equal to the number of ports 30. That is, in the present embodiment, when the number of ports 30 is 6, the length of the collision vector is also 6 bits. In other embodiments, the collision vector may be replaced with other forms.
Among them, the scheduler 20 determines the occurrence of an output port collision and records it in the port collision matrix 24 by using the port collision delayed transmission determination algorithm (algorithm 1), and determines the release of a port collision and records it in the port collision matrix 24 by using the port collision cancellation algorithm (algorithm 2).
Algorithm 1: port collision delay transmission decision algorithm
A port conflict deferred transmission decision algorithm is executed by the scheduler 20 for deciding the occurrence of an port conflict (i.e. the situation where a thread delays transmission of its micro-operations due to its bound port being the same as another thread), and the value of the port conflict matrix 24 is modified according to the decision result.
The port collision delay emission judgment algorithm comprises the following specific steps:
step A1: judging whether ready micro-operations of two threads exist for each port and are bound with the same port 30;
step A2: 1) when there are ready micro-operations of two threads bound to the same port 30, if it is selected to issue a ready micro-operation bound to one of the threads to said port 30, then the count value of the single bit corresponding to the other thread in the saturation counter corresponding to said port 30 in the port collision matrix 24 is increased by 1 (i.e. the collision flag of the other thread is set to 1);
that is, or, when ready micro-operations of two threads are bound to the same port 30, if the ready operation of thread 0 is selected, the conflict flag of thread 1 is set to 1, whereas if the ready operation of thread 1 is selected, the conflict flag of thread 0 is set to 1;
2) otherwise, it is stated that when ready micro-operations of the two threads are bound to different ports 30, no operation is performed on the port collision matrix 24, and the two threads select the respective originally corresponding ports 30 to transmit. Thus, the port conflict cancellation algorithm (Algorithm 2) may then continue to be executed to further determine whether the value of the conflict flag needs to be reduced.
Pseudo code corresponding to the port collision delay transmission decision algorithm is given as an example below.
The input parameters include: allocation of branch instruction address AxBranch refresh address FxX ═ {0,1}, ready thread port TxiSelecting a thread port SxiX is {0,1}, and execution port P is { P0,p1,p2,…,pn-1Where, i is {0, n-1}, and C is the clock period; i denotes the index of the port, x denotes the ordinal number of the thread, and n denotes the total number of ports. Ready thread port TxiThe index of the target port assigned to the ready micro-operation referring to the x-th thread is i, i.e. according toThe index of an execution port to be bound by a thread with a ready state in an original port binding algorithm is i, and ready refers to one state of a scheduler. An execution port is a physical device that actually exists. Selecting thread SxiIt means that the index of the port 30 to which the micro-operation of the x-th thread is bound is i. i is mainly generation tiling for hardware to simplify the same type of code.
The output parameters include: conf counteri[1:0]. When ready micro-operations of two threads are bound to the same port 30, the saturation counter corresponding to the port 30 is the conflict saturation counter Confi[1:0]Saturation counter Confi[1:0]Are Conf for each of the two bitsi[1-x]、Confi[x]。
ConflictCounterSet(Txi,Sxi,P,C,Confi[1:0])
At clock cycle C:
Figure BDA0003266567450000091
and 2, algorithm: port conflict cancellation algorithm
The port collision cancellation algorithm is executed by the scheduler 20 to determine the cancellation of the port collision (in the case where a port receives a transmitted micro-operation twice in succession and no port collision occurs), and modify the value of the port collision matrix 24 according to the determination result.
The port conflict cancellation algorithm comprises the following specific steps:
step B1: for each port, judging whether two threads bound by the port have the micro-operation of the simultaneously ready port 30 in the current clock cycle, and determining that the single thread where the selected micro-operation is located is a preselected thread when the judgment result is that the micro-operation does not exist; otherwise, determining that the preselected thread does not exist;
wherein the conflict release flags of both threads of each port 30 are initialized to 0 before step B1 is executed. In step B1, for a port 30, if two threads do not have the micro-operation ready for the port 30 at the same time, which means that only one of the threads has the micro-operation ready for the port available for transmission, the conflict release flag of the single thread in which the selected ready micro-operation is located is set to 1, so as to determine it as the pre-selected thread; otherwise, it indicates that the two threads have the micro-operation of the ready port 30 at the same time, the conflict release flags of the two threads are both set to 0, which indicates that the preselected thread does not exist;
that is, if thread 0 and thread 1 are not ready for the micro-operation of the port 30 at the same time and thread 0 is selected, the conflict release flag of thread 0 is set to 1, and likewise, thread 0 and thread 1 are not ready for the micro-operation of the port at the same time and thread 1 is selected, the conflict release flag of thread 1 is set to 1, otherwise, for a certain port, if thread 0 and thread 1 are ready for the micro-operation of the port at the same time, the conflict release flags of thread 0 and thread 1 are both set to 0;
step B2: judging whether two threads bound by the port have the micro-operation of the port 30 ready at the same time in the next clock cycle, determining the single thread where the micro-operation selected twice is located when the judgment result is that the micro-operation does not exist, then comparing the single thread with the preselected thread to determine whether the single thread is the same, and if the single thread is the same, setting the bit of the saturation counter corresponding to the preselected thread to be 0; otherwise, the values of the saturation counters corresponding to the ports are kept unchanged;
for the port 30, if the two threads do not have the micro-operation ready for the port 30 at the same time, and the setting of the conflict release flag of the single thread in which the ready micro-operation selected twice is located is already 1 (that is, the single thread in which the ready micro-operation selected twice is located and the preselected thread are the same thread), the bit of the saturation counter corresponding to the preselected thread is set to be 0, otherwise, the values of the saturation counters corresponding to the ports are all kept unchanged.
That is, if thread 0 and thread 1 have no micro-operation of the port ready at the same time, and thread 0 is selected and the conflict release flag of thread 0 is 1, the bit of the saturation counter corresponding to thread 0 is set to 0, similarly, if thread 0 and thread 1 have no micro-operation of the port ready at the same time, and thread 1 is selected and the conflict release flag of thread 1 is 1 for a certain port, the saturation counter flag corresponding to thread 1 is set to 0, otherwise, for a certain port, the saturation counter is not changed if thread 0 and thread 1 are ready at the same time for the micro-operation of the port.
Pseudo code corresponding to the port collision cancellation algorithm is given below as an example.
The input parameters include: ready thread port TxiSelecting a thread port SxiX is {0,1}, and execution port P is { P0,p1,p2,…,pn-1I ═ 0, n, clock period C;
the intermediate variables include: conflict release Flagi[x](ii) a Conflict release Flagi[x]For marking out a preselected thread, that is, for thread x, if it is a preselected thread, its conflict release Flagi[x]Is 1, otherwise, its conflict release Flag is Flagi[x]Is 0.
The output parameters include: conf counteri[1:0]。
ConflictCounterReset(Txi,Sxi,P,C,Confi[1:0])
Clock cycle C performs:
Figure BDA0003266567450000111
clock cycle C +1 performs:
Figure BDA0003266567450000112
policy (II) modifier 25
The policy modifier 25 is arranged to output the appropriate policy type, priority vector and policy enable signal to generate protection logic for the multi-port scheduling algorithm of the SMT technique and to complete the application of the new protection algorithm thereafter. There are two types of policies generated by the policy modifier 25, including a port splitting policy and a port timesharing policy. The port partitioning policy is specifically a policy adjustment for a port binding algorithm executed by the allocation module 10, and is used to bind resources of more than 1 port 30; the port timesharing policy is used for policy adjustment of the scheduling selection algorithm executed by scheduler 20. In order to ensure fairness between two threads, when a certain executed micro-operation has a plurality of port resources available for port allocation (i.e. when the allocation module 10 executes), the fairness algorithm adopted by the micro-operation executed by multiple ports by default adopts a Round-Robin algorithm based on Round-Robin principle; when only one port resource is available for scheduler selection for an execution behavior (i.e., scheduler 20 executes), the original selection algorithm defaults to the Ping-Pong principle.
The policy modifier 25 is arranged to output to the allocation module 10 and the scheduler 20 the policy type (including the port splitting policy and the port timesharing policy), the policy enable signal, and the priority vector corresponding to the port.
Wherein the policy enabling signal is generated according to whether a port collision vector of the corresponding port is received. Specifically, when a port collision vector of a corresponding port is not received, a low-level policy enable signal corresponding to the port is sent, that is, the policy enable signal is 0; and when the port collision vector of the corresponding port is received, sending a high-level strategy enabling signal, namely the strategy enabling signal is 1.
Whether a policy type is a port split policy or a port timesharing policy or a combination of both depends on which ports the type of micro-operation employing the policy type can be allocated for execution.
For example: 1) case applicable to port split policy: if a certain type of micro-operation can be executed on 2 ports, the two threads are physically used separately, that is, a port partition strategy is adopted, and the micro-operation of the type in each thread is bound with one port.
2) Applicable to the case of port timesharing policy: if a certain type of micro-operation can only be executed on 1 port, the two threads are used separately in time, that is, the micro-operation of the type in the two threads is executed on the same port by adopting a port time sharing strategy.
3) The method is simultaneously suitable for the conditions of a port segmentation strategy and a port time-sharing strategy: if a certain type of micro-operation can be executed on 3 ports, in the 3 ports, two threads physically adopt a port partition strategy first so that a part of micro-operations of each thread are respectively bound with one of the ports, and the rest of the ports adopt a port time-sharing strategy.
The rest is analogized in turn. That is, if a certain type of micro-operation can only be executed on 1 port, the policy type corresponding to the micro-operation is a port time sharing policy; if a certain type of micro-operation can be executed on an even number of ports, the strategy type corresponding to the micro-operation is a port segmentation strategy; if a certain type of micro-operation can be executed on an odd number of ports greater than 1, the policy type is a port time-sharing policy and a port partitioning policy corresponding to the micro-operation.
The priority vector is generated synchronously after the occurrence of the port conflict of a certain port is judged for the first time after the bit values of the saturation counters corresponding to the ports are all 0. After the occurrence of the port conflict is judged for the first time, the priority of the thread corresponding to the bit with the count value of 1 of the saturation counter is higher than that of the other thread.
After the occurrence of a port conflict is first determined, exemplary code is as follows:
if Confi[0]=1&&Confi[1]=0
then prior0>prior1
else if Confi[0]=0&&Confi[1]=1
then prior1>prior0
else prior0=prior1
thus, the policy type, policy enable signal, and opcode of the micro-operation associated with the priority vector are provided to both the dispatch module 10 and the selection logic 21 of the scheduler 20, the opcode identifying the micro-operation to which the branch instruction of the dispatch module 10 corresponds.
In addition, the policy modifier 25 is further configured to receive a refresh signal from the commit unit 60, and when an interrupt, an event, an exception, or a single thread event such as a SMT down thread wake-up, a thread sleep, a thread switch, or a double thread event occurs (i.e., at the time of the commit unit 60 refresh), the policy modifier 25 resets to restore the algorithms of the allocation module 10 and the scheduler 20 to the original two-thread shared multiport scheduling algorithm (i.e., the original fairness algorithm and the selection algorithm).
(III) modification of the Allocation Module 10 by the policy modifier 25
The allocation module 10 is configured to change a round-robin selection algorithm or other fairness algorithm adopted by the micro-operation executed by the multiple ports into a port splitting algorithm based on the existing port binding algorithm when receiving the policy type and the policy enable signal of the port splitting policy sent by the policy modifier 25. The port partitioning algorithm means that a plurality of port resources are equally distributed to two threads for use. For example, add, mov reg, etc. are all micro-operations that require multi-port execution. Thereby enabling the partitioning of the designated ports.
In this embodiment, the multi-port execution unit INT ALU and the single-port execution unit INT MUL of the Intel Skylake micro-architecture are taken as examples. Assuming that the ports 30 include a zeroth port p0, a first port p1, a second port p2, a third port p3, a fourth port p4, a fifth port p5 and a sixth port p6, and the ports capable of being allocated by a certain micro-operation type are the zeroth port p0, the first port p1, the fifth port p5 or the sixth port p6, the specific steps of the port splitting algorithm are as follows:
step S21: when a micro-architecture (such as an Intel Skylake micro-architecture) utilizes the allocation module 10 to bind micro-operations of two threads with the zeroth port p0, the first port p1, the fifth port p5 or the sixth port p6, if the allocated port targets of the two threads are the same and the port target is the zeroth port p0, the first port p1, the fifth port p5 or the sixth port p6, the micro-operation of one of the threads is selected to bind the zeroth port p0 or the first port p1, and the micro-operation of the other thread is selected to bind the fifth port p5 or the sixth port p 6;
step S22: when the port targets allocated by the current two threads are different, the allocated ports are not changed, that is, the two threads bind the allocated port targets respectively.
The corresponding pseudo code is given below by way of example.
The input parameters include: ready thread port TxiPriority of threadxX is {0,1}, x is the thread number, and the execution port P is { P ═ P0,p1,p2,…,pn-1I is {0, n }, i is the index of port 30, n is the number of execution ports;
the output parameters include: selecting thread Sxi,x={0,1}。
AllocationResourceModify(Txi,Priorx,P,Sxi)
generate for(i∈{0,1,5,6});
if(Txi==pi&&T(1-x)i==pi)
Sxi=pm(m∈{0,1});
S(1-x)i=pn(n∈{5,6});
else
Sxi=pi
S(1-x)i=P\pi
end if
end for
It should be noted that the method of the present invention is a general method, and here, only the Intel Skylake micro-architecture is taken as an example.
(IV) modification of scheduler 20 by policy modifier 25
The scheduler 20 is arranged to change the original selection algorithm, e.g. the selection algorithm according to the age matrix, to the priority selection algorithm based on the priority vector upon receipt of the policy type of the port timesharing policy, the policy enable signal and the priority vector.
In the algorithm for selecting the priority based on the priority vector, the micro-operation is preferentially selected with high priority based on the priority, and the micro-operation is selected according to the selection algorithm of the age matrix under the condition of the same priority. Thus, even if the high priority thread micro-operation is younger in age as recorded in the age matrix than the other threads, it is preferentially selected.
The algorithm for selecting the priority based on the priority vector specifically comprises the following steps:
step S31: when a micro-architecture (such as an Intel Skylake micro-architecture) utilizes a scheduler 20 to allocate each to-be-executed micro-operation of each port 30, if the port targets allocated by two threads are the same, the priorities of the two threads are compared, and the corresponding port 30 is allocated with a high priority;
step S32: the port targets assigned by the two threads are not the same, and the two threads each assign their ports 30.
The corresponding pseudo code is given below by way of example.
The input parameters include: ready thread port TxiPriority of threadxX is {0,1}, and execution port P is { P0,p1,p2,…,pn-1},i={0,n};
The output parameters include: selecting thread Sxi,x={0,1}.
SelectionResourceModify(Txi,Priorx,P,Sxi)
if(Txi==p1&&T(1-x)i==p1&&Priorx>Prior1-x)
Sxi=p1
else if(Txi==p1&&T(1-x)i==p1&&Priorx<Prior1-x)
S(1-x)i=p1
else
Sxi=pi
S(1-x)i=P\pi
end if
3A-3B, the execution port time channel based on collision detection safety protection method implemented based on the execution port time channel based on collision detection safety protection system described above, which is executed when executing multi-port scheduling micro-architecture in SMT environment, includes the following steps:
step S1: and identifying port conflict.
The step S1 includes:
step S11: when the scheduler 20 schedules ready micro-operations, it recognizes the occurrence and release of port conflicts and records them in the port conflict matrix 24, then determines port conflicts caused by dual threads of the SMT technology according to the records of the port conflict matrix 24, and sends port conflict vectors for the corresponding ports 30 when determining port conflicts caused by dual threads.
Among them, the scheduler 20 determines the occurrence and release of the port collision and records it in the port collision matrix 24 by executing the port collision delayed transmission determination algorithm (algorithm 1) and the port collision cancellation algorithm (algorithm 2) in order.
Step S12: outputting, by the policy modifier 25, to the assignment module 10 and the scheduler 20, a policy type, a policy enable signal, and a priority vector corresponding to the port 30;
there are two types of policies generated by the policy modifier 25, including a port splitting policy and a port timesharing policy. The policy enable signal is generated based on whether a port collision vector is received for the corresponding port 30.
Step S2: and adjusting a port binding algorithm. That is, when the allocation module 10 receives the policy type and the policy enable signal of the port splitting policy, the loop selection algorithm or other fairness algorithm adopted by the micro-operation executed by the multiple ports is changed into the port splitting algorithm based on the port binding algorithm.
Step S3: and adjusting a scheduling selection algorithm. That is, when the scheduler 20 receives the policy type of the port time sharing policy, the policy enable signal, and the priority vector, it changes the original selection algorithm (e.g., the selection algorithm according to the age matrix) to the algorithm for performing priority selection based on the priority vector. In the algorithm for selecting the priority based on the priority vector, high priority selection is performed based on the priority, and the selection is performed according to the selection algorithm of the age matrix under the condition that the priorities are the same. Thus, even if the high priority thread micro-operation is younger in age as recorded in the age matrix than the other threads, it is preferentially selected.
As shown in FIG. 3A, the multi-port scheduled microarchitecture in an SMT environment includes:
step S1': reading micro-operations of the two threads by using a polling algorithm;
step S2': binding the micro-operation corresponding to the instruction with the port 30 by using the distribution module 10; wherein the step S2 is performed simultaneously with the step S2 'for improving the step S2'.
Step S3': generating ready micro-operations bound to each port 30 using a dependency matrix in the selection logic 21 of the scheduler selection module 20; the plurality of ready micro-operations bound to port 30 constitute a ready vector;
step S4': selecting, among the plurality of ready micro-operations bound to each port 30, the respective pending micro-operation for each port 30 using an age matrix in the selection logic 21 of the scheduler selection module 20; the micro-operations that each port 30 selected will perform constitute a selection vector. Wherein the step S3 is performed while the step S4 'is performed, for improving the step S4'.
Further, the step S1 is performed according to the scheduling result of the step S4' to determine whether there is a port conflict of the dual threads.
The experiment of the invention verifies that:
gem5 is used to simulate a high-performance multi-execution-port superscalar processor as an evaluation platform of protection effectiveness and performance overhead of the protection method, and configuration parameters of the superscalar processor are shown in Table 1. The protection mode for the targets is the most effective protection strategy for the time channel attack of the execution port double-thread sharing under the SMT environment at present, namely, the SMT technology is closed (including the dynamic SMT technology).
For protection effectiveness evaluation, POC (POC Of code) codes in PortSmosh attack are selected as experimental targets, and the protection effects Of the proposed protection design on the two attack modes are analyzed.
For performance evaluation, a SPEC CPU 2006 test set is selected as a reference of the performance evaluation, and the influence of a protection method on the performance is mainly evaluated and compared with the performance influence generated by closing an SMT technology. The performance evaluation adopts a SPEC CPU 2006 test set with 19 test programs including an integer and a floating point, wherein the integer is 7, the floating point is 12, and other test programs run on a Gem5 simulator to cause problems.
TABLE 1 Gem5 simulator configuration parameters
Figure BDA0003266567450000181
The results of the protection effectiveness test are shown in table 2:
table 2 results of protection effectiveness experiments
Figure BDA0003266567450000182
Figure BDA0003266567450000191
From experimental results, after the protection design is added, due to the fact that the conflict port enables a split or time-sharing dynamic resource use strategy along with the increase of the magnitude of the conflict instruction, even if an attacker program conflicts with the instruction of a victim and the time delay and the conflict scale caused by the conflict are in an obvious linear relation, the time delay and the conflict scale caused by the use of the instruction type which does not conflict with the victim are in an obvious linear relation and tend to be consistent when the conflict exists. The experimental data show that obvious errors and interferences exist in the process of collecting time channels by measuring conflict time in a mode of continuously generating port conflict instructions to attack the time channels by an attacker, the type and frequency of the instructions used by a victim cannot be judged, the protection effect of forbidding or dynamically closing the SMT technology can be achieved, and further the leakage of instruction execution ports, instruction execution times and instruction type information of the victim is prevented.
The results of the performance comparison evaluation experiments are shown in table 3:
table 3 comparative evaluation of properties experimental results
Figure BDA0003266567450000201
By running a test program on Gem5, counting the execution cycle values of three scenes of closing the SMT technology, normally opening the SMT technology and using the protection method respectively, and then carrying out overall performance comparison of the SPEC CPU 2006 program, wherein the larger the execution cycle is, the worse the performance is, the smaller the cycle is, and the better the performance is.
Compared with the execution performance tested by using the SPEC CPU 2006 test set after the protection design in the SMT environment, the execution performance is averagely reduced by 2.3% compared with that of the SMT started without the protection design, the performance is most obviously reduced by 453, the reduction proportion is 13%, and the performance of the test program represented by 473 is not reduced after the protection design is added, and the performance is improved by 0.5%. The protection method has an overall controllable effect on performance, and has obvious performance advantages compared with the method of forbidding or dynamically closing the SMT technology.
The above embodiments are merely preferred embodiments of the present invention, which are not intended to limit the scope of the present invention, and various changes may be made in the above embodiments of the present invention. All simple and equivalent changes and modifications made according to the claims and the content of the specification of the present application fall within the scope of the claims of the present patent application. The invention has not been described in detail in order to practice the invention.

Claims (10)

1. An execution port time channel security protection system based on conflict detection is based on a multi-port scheduling micro-architecture in an SMT environment, wherein the multi-port scheduling micro-architecture comprises an allocation module (10), a scheduler (20) and out-of-order execution resources; the allocation module (10) being arranged to execute a port binding algorithm to bind each micro-operation corresponding to an instruction to one of the ports (30) in the out-of-order execution resources; a scheduler selection module (23) of the scheduler (20) is arranged to execute a schedule selection algorithm to select ready micro-operations for each port (30) to be transmitted to the port (30);
characterized in that said enforcement port time channel security protection system comprises a port collision matrix (24) and a policy modifier (25) internal to the scheduler (20); the scheduler (20) is also configured to identify occurrence and release of port conflicts and record the port conflicts in the port conflict matrix (24) when the ready micro-operations are scheduled, and then judge port conflicts caused by double threads according to the record of the port conflict matrix (24) and correspondingly send port conflict vectors of corresponding ports (30); the policy modifier (25) is arranged to output a policy type, a priority vector and a policy enable signal; the strategy type comprises a port division strategy and a port time sharing strategy; the policy enabling signal is generated according to whether a port collision vector of a corresponding port is received;
the allocation module (10) is configured to change a fairness algorithm adopted by micro-operations executed by multiple ports into a port segmentation algorithm on the basis of the port binding algorithm when the policy type and the policy port enabling vector of the port segmentation policy sent by the policy modifier (25) are received;
the scheduler (20) is arranged to change the original selection algorithm to an algorithm for priority selection based on a priority vector upon receipt of a policy type of a port timesharing policy, a policy port enable vector and a priority vector.
2. The system according to claim 1, wherein the port collision matrix (24) is comprised of a two-dimensional array corresponding to two threads independent of each other, each row of the two-dimensional array being a two-bit saturation counter corresponding to one of the ports, each bit of the saturation counter representing one of the threads of a single port.
3. The system according to claim 2, wherein the initial value of the saturation counter is 0; when a thread is the same as another thread because the port bound by the thread and causes delayed emission of micro-operations of the thread, adding 1 to the count value of the bit corresponding to the thread in the saturation counter corresponding to the port in the port collision matrix (24); when a port receives micro-operations transmitted by the same thread for two times continuously and no port conflict occurs, the count value of the bit corresponding to the thread in the saturation counter of the row corresponding to the port in the port conflict matrix (24) is reduced by 1.
4. The system according to claim 3, wherein when the values of 2 bits of the saturation counter in the port collision matrix (24) are all 1, it is determined that the port corresponding to the saturation counter has a port collision caused by two threads, and the port collision vector of the corresponding port (30) is correspondingly transmitted.
5. The system according to claim 4, wherein the port collision vector of the corresponding port (30) is a one-hot code form of the ordinal value of the corresponding port (30).
6. The system according to claim 3, wherein the priority vector is generated synchronously after the occurrence of the port collision of a port is determined for the first time after the bit value of the saturation counter corresponding to the port is 0; after it is determined that the port conflict occurs for the first time, the priority of the thread corresponding to the bit whose count value of the saturation counter is 1 is higher than the priority of the other thread.
7. The system according to claim 1, wherein the fairness algorithm default adopted by the multi-port execution micro-operation adopts a Round-Robin algorithm based on Round-Robin principle; the port partitioning algorithm means that a plurality of port resources are equally distributed to two threads for use.
8. The system of claim 1, wherein an original selection algorithm defaults to Ping-Pong principle; in the algorithm for priority selection based on the priority vector, high priority selection is performed based on priority, and selection is performed according to the selection algorithm of the age matrix under the condition that the priority is the same, wherein the age matrix is positioned in the scheduler (20).
9. An enforcement port time channel security protection system based on collision detection as claimed in claim 1, characterized in that the policy modifier (25) is further arranged to receive a refresh signal from the commit unit (60), upon a refresh of the commit unit (60), the policy modifier (25) resets, restoring the algorithms of the allocation module (10) and the scheduler (20) to the original fairness algorithm and selection algorithm.
10. An execution port time channel security protection method based on collision detection, which is based on the execution port time channel security protection system based on collision detection according to one of claims 1 to 9, and which is executed when executing a multi-port scheduling micro-architecture in an SMT environment, comprising:
step S1: port conflict recognition;
the step S1 includes:
step S11: when the scheduler (20) schedules ready micro-operations, the occurrence and the release of port conflicts are identified and recorded in a port conflict matrix (24), then the port conflicts caused by double threads are judged according to the record of the port conflict matrix (24), and the port conflict vectors of the corresponding ports (30) are correspondingly sent;
step S12: outputting, with a policy modifier (25), a policy type, a policy enable signal, and a priority vector corresponding to the port (30) to an allocation module (10) and a scheduler (20); the strategy type comprises a port division strategy and a port time sharing strategy; -said policy enabling signal the policy enabling signal is generated depending on whether a port collision vector for the corresponding port (30) is received;
step S2: when the distribution module (10) receives the strategy type and the strategy enabling signal of the port segmentation strategy, a fairness algorithm adopted by micro-operation executed by multiple ports is changed into a port segmentation algorithm on the basis of a port binding algorithm;
step S3: when the scheduler (20) receives the policy type of the port sharing policy, the policy port enable vector and the priority vector, it changes the original selection algorithm to the one for priority selection based on the priority vector.
CN202111088243.1A 2021-09-16 2021-09-16 Execution port time channel safety protection system and method based on conflict detection Active CN113810171B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111088243.1A CN113810171B (en) 2021-09-16 2021-09-16 Execution port time channel safety protection system and method based on conflict detection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111088243.1A CN113810171B (en) 2021-09-16 2021-09-16 Execution port time channel safety protection system and method based on conflict detection

Publications (2)

Publication Number Publication Date
CN113810171A true CN113810171A (en) 2021-12-17
CN113810171B CN113810171B (en) 2023-06-06

Family

ID=78941340

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111088243.1A Active CN113810171B (en) 2021-09-16 2021-09-16 Execution port time channel safety protection system and method based on conflict detection

Country Status (1)

Country Link
CN (1) CN113810171B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104838355A (en) * 2012-12-21 2015-08-12 英特尔公司 Mechanism to provide high performance and fairness in multi-threading computer system
US20180352557A1 (en) * 2017-06-02 2018-12-06 Cavium, Inc. Methods And Apparatus For A Unified Baseband Architecture
US20190163486A1 (en) * 2017-11-30 2019-05-30 International Business Machines Corporation Issue queue with dynamic shifting between ports
CN110187977A (en) * 2018-02-23 2019-08-30 英特尔公司 System and method for reducing register block conflict based on software prompt and hardware thread switching
CN111740924A (en) * 2020-07-29 2020-10-02 上海交通大学 Traffic shaping and routing planning scheduling method of time-sensitive network gating mechanism

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104838355A (en) * 2012-12-21 2015-08-12 英特尔公司 Mechanism to provide high performance and fairness in multi-threading computer system
US20180352557A1 (en) * 2017-06-02 2018-12-06 Cavium, Inc. Methods And Apparatus For A Unified Baseband Architecture
US20190163486A1 (en) * 2017-11-30 2019-05-30 International Business Machines Corporation Issue queue with dynamic shifting between ports
CN110187977A (en) * 2018-02-23 2019-08-30 英特尔公司 System and method for reducing register block conflict based on software prompt and hardware thread switching
CN111740924A (en) * 2020-07-29 2020-10-02 上海交通大学 Traffic shaping and routing planning scheduling method of time-sensitive network gating mechanism

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ALI E-M 等: "Front-End Policies for Improved Issue Ef-ficiency in SMT processors", THE 9TH INTERNATIONAL SYMPOSI-UM ON HIGH-PERFORMANCE COMPUTER ARCHITECTURE *
李静梅;关海洋;: "基于同时多线程的IFSBSMT取指策略研究", 计算机科学, no. 08 *
王晗;叶家炜;严明;: "TS检查器:SDN中的两步冲突检测整合机制", 计算机应用与软件, no. 06 *

Also Published As

Publication number Publication date
CN113810171B (en) 2023-06-06

Similar Documents

Publication Publication Date Title
Usui et al. DASH: Deadline-aware high-performance memory scheduler for heterogeneous systems with hardware accelerators
US6557095B1 (en) Scheduling operations using a dependency matrix
US7949855B1 (en) Scheduler in multi-threaded processor prioritizing instructions passing qualification rule
US6334182B2 (en) Scheduling operations using a dependency matrix
CN106104481B (en) System and method for performing deterministic and opportunistic multithreading
EP0813145B1 (en) Pipelined instruction dispatch unit in a superscalar processor
US8555284B2 (en) Method, a mechanism and a computer program product for executing several tasks in a multithreaded processor
CA2341098C (en) Method and apparatus for splitting packets in a multithreaded vliw processor
US9519479B2 (en) Techniques for increasing vector processing utilization and efficiency through vector lane predication prediction
Raasch et al. Applications of thread prioritization in SMT processors
Yu et al. Smguard: A flexible and fine-grained resource management framework for gpus
Zheng et al. Memory access scheduling schemes for systems with multi-core processors
US20060146864A1 (en) Flexible use of compute allocation in a multi-threaded compute engines
US20090031114A1 (en) Multithread processor
Usui et al. Squash: Simple qos-aware high-performance memory scheduler for heterogeneous systems with hardware accelerators
US6304953B1 (en) Computer processor with instruction-specific schedulers
CN113810171B (en) Execution port time channel safety protection system and method based on conflict detection
CN100377076C (en) Control device and its method for fetching instruction simultaneously used on multiple thread processors
US9760969B2 (en) Graphic processing system and method thereof
Sakalis et al. Seeds of SEED: Preventing priority inversion in instruction scheduling to disrupt speculative interference
US10592517B2 (en) Ranking items
CN112579277B (en) Central processing unit, method, device and storage medium for simultaneous multithreading
Singh et al. Reconciling QoS and concurrency in NVIDIA GPUs via warp-level scheduling
US7127589B2 (en) Data processor
CN113742085B (en) Execution port time channel safety protection system and method based on branch filtering

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant