JP6301378B2 - Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW) - Google Patents

Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW)

Info

Publication number
JP6301378B2
JP6301378B2 JP2015561522A JP2015561522A JP6301378B2 JP 6301378 B2 JP6301378 B2 JP 6301378B2 JP 2015561522 A JP2015561522 A JP 2015561522A JP 2015561522 A JP2015561522 A JP 2015561522A JP 6301378 B2 JP6301378 B2 JP 6301378B2
Authority
JP
Japan
Prior art keywords
logic means
determination
decision
contents
register
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
JP2015561522A
Other languages
English (en)
Japanese (ja)
Other versions
JP2016513836A5
JP2016513836A (ja)
Inventor
トーマス・ゼン
アゼディン・トウズニ
ズン・レン・ツェン
フィル・ジェイ・ボストリー
Original Assignee
Qualcomm Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Incorporated
Publication of JP2016513836A
Publication of JP2016513836A5
Application granted
Publication of JP6301378B2
Expired - Fee Related
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/145 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02 Addressing or allocation; Relocation
    • G06F12/08 Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
    • G06F12/10 Address translation
    • G06F12/1027 Address translation using associative or pseudo-associative address translation means, e.g. translation look-aside buffer [TLB]
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1458 Protection against unauthorised use of memory or access to memory by checking the subject access rights
    • G06F12/1491 Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504 Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10 Providing a specific technical effect
    • G06F2212/1032 Reliability improvement, data loss prevention, degraded operation etc
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15 Use in a specific computing environment
    • G06F2212/151 Emulated environment, e.g. virtual machine
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/15 Use in a specific computing environment
    • G06F2212/152 Virtualized environment, e.g. logically partitioned system
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/65 Details of virtual memory and virtual address translation
    • G06F2212/654 Look-ahead translation
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00 Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/68 Details of translation look-aside buffer [TLB]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Memory System Of A Hierarchy Structure (AREA)
JP2015561522A 2013-03-05 2014-03-04 Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW) Expired - Fee Related JP6301378B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/785,979 2013-03-05
US13/785,979 US9330026B2 (en) 2013-03-05 2013-03-05 Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW)
PCT/US2014/020185 WO2014138005A1 (en) 2013-03-05 2014-03-04 Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (hwtw)

Publications (3)

Publication Number Publication Date
JP2016513836A (ja) 2016-05-16
JP2016513836A5 2017-03-16
JP6301378B2 (ja) 2018-03-28

Family

ID=50977041

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2015561522A Expired - Fee Related JP6301378B2 (ja) 2013-03-05 2014-03-04 Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW)

Country Status (7)

Country Link
US (2) US9330026B2
EP (1) EP2965211A1
JP (1) JP6301378B2
KR (1) KR20150129764A
CN (1) CN105027097B
TW (1) TW201447584A
WO (1) WO2014138005A1

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9015400B2 (en) 2013-03-05 2015-04-21 Qualcomm Incorporated Methods and systems for reducing the amount of time and computing resources that are required to perform a hardware table walk (HWTW)
GB2528115B (en) * 2014-07-11 2021-05-19 Advanced Risc Mach Ltd Dynamic saving of registers in transactions
US9672159B2 (en) * 2015-07-02 2017-06-06 Arm Limited Translation buffer unit management
WO2017028309A1 (zh) 2015-08-20 2017-02-23 Huawei Technologies Co., Ltd. File data access method and computer system
US12248560B2 (en) * 2016-03-07 2025-03-11 Crowdstrike, Inc. Hypervisor-based redirection of system calls and interrupt-based task offloading
US12339979B2 (en) 2016-03-07 2025-06-24 Crowdstrike, Inc. Hypervisor-based interception of memory and register accesses
US10386904B2 (en) * 2016-03-31 2019-08-20 Qualcomm Incorporated Hardware managed power collapse and clock wake-up for memory management units and distributed virtual memory networks
US10339324B2 (en) * 2016-12-22 2019-07-02 Apple Inc. Tamper-proof storage using signatures based on threshold voltage distributions
CN110795363B (zh) * 2019-08-26 2023-05-23 Peking University Shenzhen Graduate School Hot page prediction method and page scheduling method for a storage medium

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2933628B2 (ja) * 1988-07-25 1999-08-16 Hitachi, Ltd. Main memory management method and computer system
GB2260004B (en) 1991-09-30 1995-02-08 Apple Computer Memory management unit for a computer system
JP3454854B2 (ja) * 1992-01-16 2003-10-06 Toshiba Corporation Memory management device and method
ID24931A (id) * 1997-11-05 2000-08-31 Novartis Ag Dipeptide nitriles
US6745306B1 (en) * 1999-07-29 2004-06-01 Microsoft Corporation Method and system for restricting the load of physical address translations of virtual addresses
US7124170B1 (en) 1999-08-20 2006-10-17 Intertrust Technologies Corp. Secure processing unit systems and methods
US6633963B1 (en) * 2000-03-31 2003-10-14 Intel Corporation Controlling access to multiple memory zones in an isolated execution environment
US20030079103A1 (en) 2001-10-24 2003-04-24 Morrow Michael W. Apparatus and method to perform address translation
US8051301B2 (en) * 2001-11-13 2011-11-01 Advanced Micro Devices, Inc. Memory management system and method providing linear address based memory access security
US7089377B1 (en) * 2002-09-06 2006-08-08 Vmware, Inc. Virtualization system for computers with a region-based memory architecture
JP4220476B2 (ja) * 2002-11-18 2009-02-04 ARM Limited Virtual-to-physical memory address mapping within a system having a secure domain and a non-secure domain
US7089397B1 (en) 2003-07-03 2006-08-08 Transmeta Corporation Method and system for caching attribute data for matching attributes with physical addresses
US7117290B2 (en) 2003-09-03 2006-10-03 Advanced Micro Devices, Inc. MicroTLB and micro tag for reducing power in a processor
US7162609B2 (en) 2003-12-03 2007-01-09 Marvell International Ltd. Translation lookaside buffer prediction mechanism
EP1870814B1 (en) 2006-06-19 2014-08-13 Texas Instruments France Method and apparatus for secure demand paging for processor devices
US7340582B2 (en) 2004-09-30 2008-03-04 Intel Corporation Fault processing for direct memory access address translation
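KR100630702B1 (ko) 2004-10-05 2006-10-02 Samsung Electronics Co., Ltd. Controller for instruction cache and instruction translation look-aside buffer, and method of controlling the same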
US7886126B2 (en) * 2005-01-14 2011-02-08 Intel Corporation Extended paging tables to map guest physical memory addresses from virtual memory page tables to host physical memory addresses in a virtual machine system
US7428626B2 (en) 2005-03-08 2008-09-23 Microsoft Corporation Method and system for a second level address translation in a virtual machine environment
US7366869B2 (en) 2005-03-17 2008-04-29 Qualcomm Incorporated Method and system for optimizing translation lookaside buffer entries
US20060224815A1 (en) 2005-03-30 2006-10-05 Koichi Yamada Virtualizing memory management unit resources
US7386669B2 (en) 2005-03-31 2008-06-10 International Business Machines Corporation System and method of improving task switching and page translation performance utilizing a multilevel translation lookaside buffer
US20070226795A1 (en) 2006-02-09 2007-09-27 Texas Instruments Incorporated Virtual cores and hardware-supported hypervisor integrated circuits, systems, methods and processes of manufacture
US7822941B2 (en) * 2006-06-05 2010-10-26 Oracle America, Inc. Function-based virtual-to-physical address translation
US8615643B2 (en) 2006-12-05 2013-12-24 Microsoft Corporation Operational efficiency of virtual TLBs
EP2075696A3 (en) 2007-05-10 2010-01-27 Texas Instruments Incorporated Interrupt- related circuits, systems and processes
US8275971B2 (en) * 2008-08-27 2012-09-25 International Business Machines Corporation Method and apparatus for managing software controlled cache of translating the physical memory access of a virtual machine between different levels of translation entities
US8595465B1 (en) 2009-09-09 2013-11-26 Marvell Israel (M.I.S.L) Ltd. Virtual address to physical address translation using prediction logic
WO2011156021A2 (en) 2010-03-01 2011-12-15 The Trustees Of Columbia University In The City Of New York Systems and methods for detecting design-level attacks against a digital circuit
US8359453B2 (en) * 2010-09-13 2013-01-22 International Business Machines Corporation Real address accessing in a coprocessor executing on behalf of an unprivileged process
US9405700B2 (en) 2010-11-04 2016-08-02 Sonics, Inc. Methods and apparatus for virtualization in an integrated circuit
US9092358B2 (en) 2011-03-03 2015-07-28 Qualcomm Incorporated Memory management unit with pre-filling capability
US9009445B2 (en) 2011-10-20 2015-04-14 Apple Inc. Memory management unit speculative hardware table walk scheme
US9183399B2 (en) * 2013-02-14 2015-11-10 International Business Machines Corporation Instruction set architecture with secure clear instructions for protecting processing unit architected state information
US9015400B2 (en) 2013-03-05 2015-04-21 Qualcomm Incorporated Methods and systems for reducing the amount of time and computing resources that are required to perform a hardware table walk (HWTW)

Also Published As

Publication number Publication date
US20170083456A1 (en) 2017-03-23
TW201447584A (zh) 2014-12-16
JP2016513836A (ja) 2016-05-16
KR20150129764A (ko) 2015-11-20
CN105027097B (zh) 2018-01-16
EP2965211A1 (en) 2016-01-13
CN105027097A (zh) 2015-11-04
US20140258663A1 (en) 2014-09-11
WO2014138005A1 (en) 2014-09-12
US9330026B2 (en) 2016-05-03

Similar Documents

Publication Publication Date Title
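JP6301378B2 (ja) Method and apparatus for preventing unauthorized access to contents of a register under certain conditions when performing a hardware table walk (HWTW)
JP6298083B2 (ja) Methods and systems for reducing the amount of time and computing resources that are required to perform a hardware table walk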
US10437733B2 (en) Method and apparatus to allow secure guest access to extended page tables
US8954959B2 (en) Memory overcommit by using an emulated IOMMU in a computer system without a host IOMMU
US10726120B2 (en) System, apparatus and method for providing locality assertion between a security processor and an enclave
US9268707B2 (en) Low overhead paged memory runtime protection
US10558584B2 (en) Employing intermediary structures for facilitating access to secure memory
US9921967B2 (en) Multi-core shared page miss handler
US20120072619A1 (en) Memory Overcommit by Using an Emulated IOMMU in a Computer System with a Host IOMMU
US10310759B2 (en) Use efficiency of platform memory resources through firmware managed I/O translation table paging
US12450173B2 (en) Method and apparatus to set guest physical address mapping attributes for trusted domain
US11971827B2 (en) Methods, systems, articles of manufacture and apparatus to control address space isolation in a virtual machine
US10990538B2 (en) Arithmetic processing device, information processing apparatus, and method for controlling arithmetic processing device
US20250321901A1 (en) Mixed criticality non-secure protected scheme
WO2025221374A1 (en) Mixed criticality non-secure protected scheme
WO2025221373A1 (en) Enhanced region tagging
CN117521054A (zh) Electronic device and method for securely accessing software

Legal Events

Date Code Title Description
A529 Written submission of copy of amendment under article 34 pct

Free format text: JAPANESE INTERMEDIATE CODE: A529

Effective date: 20150820

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20170209

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20170209

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20180131

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20180205

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20180228

R150 Certificate of patent or registration of utility model

Ref document number: 6301378

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

LAPS Cancellation because of no payment of annual fees