公开(公告)号：WO2015148080A1

公开(公告)日：2015-10-01

申请号：PCT/US2015/018907

申请日：2015-03-05

Applicant: INTEL CORPORATION

Inventor： NAYSHTUT, Alex ,  MUTTIK, Igor ,  DEMENTIEV, Roman

IPC: G06F12/14 ,  G06F21/50

CPC classification number: G06F21/00 ,  G06F9/467 ,  G06F9/48 ,  G06F9/52 ,  G06F12/1441 ,  G06F21/52 ,  G06F21/554 ,  G06F21/56 ,  G06F21/566 ,  G06F2212/1016 ,  G06F2212/1052

Abstract: Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a transactional memory execution envelope within a security thread. Within the transactional envelope, the security thread reads one or more memory locations. The computing device detects a transactional abort originating from the transactional envelope, and determines whether a security event has occurred. A security event may include an unauthorized write to the monitored memory locations from outside the transactional envelope, including from non-transactional code. The computing device reports any security events that are detected. The computing device may execute several security threads that each monitor a different, non-overlapping memory location. The computing device may spawn a new security thread to monitor a memory location while a previous security thread is handling a transactional abort. Other embodiments are described and claimed.

Abstract translation: 用于检测未经授权的存储器访问的技术包括具有事务存储器支持的计算设备。 计算设备在安全线程内执行事务性存储器执行包络。 在事务包络内，安全线程读取一个或多个内存位置。 计算设备检测源自事务包络的事务中止，并确定是否发生了安全事件。 安全事件可能包括从事务信封之外的非监督存储器位置的非授权写入，包括非事务性代码。 计算设备报告检测到的任何安全事件。 计算设备可以执行几个安全线程，每个安全线程监视不同的，不重叠的存储器位置。 计算设备可以产生新的安全线程来监视存储器位置，同时先前的安全线程正在处理事务中止。 描述和要求保护其他实施例。

公开(公告)号：WO2018004974A1

公开(公告)日：2018-01-04

申请号：PCT/US2017/035436

申请日：2017-06-01

Applicant: INTEL CORPORATION

Inventor： KLEEN, Andreas ,  SADE, Raanan ,  YASIN, Ahmad ,  RAJWAR, Ravi ,  CHAPPELL, Robert S. ,  DEMENTIEV, Roman

IPC: G06F11/30

CPC classification number: G06F9/30043 ,  G06F3/0619 ,  G06F3/0653 ,  G06F3/0656 ,  G06F3/0673 ,  G06F9/3004 ,  G06F9/30145 ,  G06F9/3834 ,  G06F11/30 ,  G06F12/0815 ,  G06F12/084

Abstract: A method of analyzing aborts of transactional execution transactions. Starting a transactional execution transaction with a first logical processor. Performing, with a second logical processor, store to memory instructions, while the first logical processor is performing the transactional execution transaction. Capturing memory addresses of, and instruction pointer values associated with, at least a sample of the store to memory instructions. Performing, with the second logical processor, a first store to memory instruction to a first memory address, which is to cause the transactional execution transaction to abort. Capturing the first memory address. Determining an instruction pointer value associated with the first store to memory instruction by correlating at least the captured first memory address with the captured memory addresses of said at least the sample of the store to memory instructions.

Abstract translation:

一种分析事务执行事务异常终止的方法。 用第一个逻辑处理器开始一个事务执行事务。 在第一逻辑处理器正在执行事务执行事务的同时，利用第二逻辑处理器执行对存储器指令的存储。 捕获与存储器的至少一个样本相关联的存储器地址和与存储器指令相关联的指令指针值。 利用第二逻辑处理器执行对存储器指令的第一存储器指令，该第一存储器指令将导致事务执行事务中止。 捕获第一个内存地址。 通过将至少所捕获的第一存储器地址与所述至少所述商店样本的所捕获的存储器地址至存储器指令相关联来确定与所述第一存储器至存储器指令相关联的指令指针值。

公开(公告)号：WO2015094189A1

公开(公告)日：2015-06-25

申请号：PCT/US2013/075805

申请日：2013-12-17

Applicant: INTEL CORPORATION ,  MUTTIK, Igor ,  DEMENTIEV, Roman ,  NAYSHTUT, Alex

Inventor： MUTTIK, Igor ,  DEMENTIEV, Roman ,  NAYSHTUT, Alex

IPC: G06F12/14 ,  G06F21/00

CPC classification number: G06F12/14 ,  G06F12/1441 ,  G06F21/53 ,  G06F21/54 ,  G06F21/566 ,  G06F21/60

Abstract: Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a code segment identified as suspicious and detects a transactional abort during execution of the code segment. The computing device may execute a security support thread concurrently with the code segment that reads one or more monitored memory locations. A transactional abort may be caused by a read of the security support thread conflicting with a write from the code segment. The computing device may set a breakpoint within the code segment, and a transactional abort may be caused by execution of the code segment reaching the breakpoint. An abort handler determines whether a security event has occurred and reports the security event. The abort handler may determine whether the security event has occurred based on the cause of the transactional abort. Other embodiments are described and claimed.

Abstract translation: 用于检测未经授权的存储器访问的技术包括具有事务存储器支持的计算设备。 计算设备执行标识为可疑的代码段，并且在执行代码段期间检测事务中止。 计算设备可以与读取一个或多个监视的存储器位置的代码段同时执行安全支持线程。 事务中止可能是由安全支持线程读取与代码段的写入冲突引起的。 计算设备可以在代码段内设置断点，并且可能由执行到达断点的代码段引起事务中止。 中止处理程序确定是否发生安全事件并报告安全事件。 中止处理程序可以基于事务中止的原因来确定安全事件是否已经发生。 描述和要求保护其他实施例。

公开(公告)号：WO2018004946A1

公开(公告)日：2018-01-04

申请号：PCT/US2017/035168

申请日：2017-05-31

Applicant: INTEL CORPORATION

Inventor： DEMENTIEV, Roman ,  DOSHI, Kshitij

IPC: G06F13/16 ,  G06F9/46

Abstract: An apparatus and method are described for reentering a transactional sequence for hardware transactional memory. For example, one embodiment of a processor comprises: one or more cores to execute instructions and process data; execution circuitry within at least one of the cores to execute a transactional sequence of instructions; a mask value to identify a specified set of architectural state to be saved upon reaching a particular instruction within the transactional sequence of instructions; and a scratchpad memory within the execution circuitry to store the specified set of architectural state upon reaching the particular instruction within the sequence of instructions.

Abstract translation: 描述了一种用于重新进入硬件事务存储器的事务序列的装置和方法。 例如，处理器的一个实施例包括：用于执行指令和处理数据的一个或多个内核; 在至少一个内核内的执行电路执行交易指令序列; 掩码值，用于识别在达到指令的事务处理序列内的特定指令时待保存的指定的一组架构状态; 以及执行电路内的暂存器存储器，以在达到指令序列内的特定指令时存储指定的一组架构状态。

公开(公告)号：EP3525088A1

公开(公告)日：2019-08-14

申请号：EP19151260.7

申请日：2019-01-10

Applicant: Intel Corporation

Inventor： DOSHI, Kshitij ,  DEMENTIEV, Roman ,  SUKHOMLINOV, Vadim

IPC: G06F9/30 ,  G06F9/38

Abstract: A processor of an aspect includes a decode unit to decode an instruction. The instruction is to indicate a destination memory address information. An execution unit is coupled with the decode unit. The execution unit, in response to the decode of the instruction, is to store memory addresses, for at least all initial writes to corresponding data items, which are to occur after the instruction in original program order, to a memory address log. A start of the memory address log is to correspond to the destination memory address information. Other processors, methods, systems, and instructions are also disclosed.

公开(公告)号：EP3084615A1

公开(公告)日：2016-10-26

申请号：EP13899925.5

申请日：2013-12-17

Applicant: Intel Corporation

Inventor： MUTTIK, Igor ,  DEMENTIEV, Roman ,  NAYSHTUT, Alex

IPC: G06F12/14 ,  G06F21/00

Abstract: Technologies for detecting unauthorized memory accesses include a computing device having transactional memory support. The computing device executes a code segment identified as suspicious and detects a transactional abort during execution of the code segment. The computing device may execute a security support thread concurrently with the code segment that reads one or more monitored memory locations. A transactional abort may be caused by a read of the security support thread conflicting with a write from the code segment. The computing device may set a breakpoint within the code segment, and a transactional abort may be caused by execution of the code segment reaching the breakpoint. An abort handler determines whether a security event has occurred and reports the security event. The abort handler may determine whether the security event has occurred based on the cause of the transactional abort. Other embodiments are described and claimed.

公开(公告)号：EP3084615B1

公开(公告)日：2020-06-24

申请号：EP13899925.5

申请日：2013-12-17

Applicant: Intel Corporation

Inventor： MUTTIK, Igor ,  DEMENTIEV, Roman ,  NAYSHTUT, Alex

IPC: G06F12/14 ,  G06F21/00 ,  G06F21/54 ,  G06F21/53 ,  G06F21/56