公开(公告)号：US20160117171A1

公开(公告)日：2016-04-28

申请号：US14992658

申请日：2016-01-11

Applicant: INTEL CORPORATION

Inventor： Tsvika Kurts ,  Ofer Levy ,  Itamar Kazachinsky ,  Gabi Malka ,  Zeev Sperber ,  Jason W. Brandt

IPC: G06F9/30 ,  G06F13/40

CPC classification number: G06F9/30145 ,  G06F11/00 ,  G06F11/3471 ,  G06F11/36 ,  G06F13/4068 ,  G06F2201/865

Abstract: A method of an aspect includes generating real time instruction trace (RTIT) packets for a first logical processor of a processor. The RTIT packets indicate a flow of software executed by the first logical processor. The RTIT packets are stored in an RTIT queue corresponding to the first logical processor. The RTIT packets are transferred from the RTIT queue to memory predominantly with firmware of the processor. Other methods, apparatus, and systems are also disclosed.

Abstract translation: 一方面的方法包括为处理器的第一逻辑处理器生成实时指令跟踪（RTIT）分组。 RTIT分组指示由第一逻辑处理器执行的软件的流程。 RTIT分组被存储在对应于第一逻辑处理器的RTIT队列中。 RTIT数据包主要通过处理器的固件从RTIT队列传送到存储器。 还公开了其它方法，装置和系统。

公开(公告)号：US20150227470A1

公开(公告)日：2015-08-13

申请号：US14580345

申请日：2014-12-23

Applicant: Intel Corporation

Inventor： Jason W. Brandt ,  Sanjoy K. Mondal ,  Richard A. Uhlig ,  Gilbert Neiger ,  Robert T. George

IPC: G06F12/10 ,  G06F9/455 ,  G06F12/12

CPC classification number: G06F12/1036 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/4843 ,  G06F12/0292 ,  G06F12/0804 ,  G06F12/0891 ,  G06F12/1027 ,  G06F12/1063 ,  G06F12/109 ,  G06F12/12 ,  G06F12/123 ,  G06F2009/45583 ,  G06F2009/45591 ,  G06F2212/1016 ,  G06F2212/152 ,  G06F2212/30 ,  G06F2212/50 ,  G06F2212/604 ,  G06F2212/657 ,  G06F2212/68 ,  G06F2212/683 ,  G06F2212/684 ,  G06F2212/69 ,  G06F2212/70

Abstract: In one embodiment of the present invention, a method includes switching between a first address space and a second address space, determining if the second address space exists in a list of address spaces; and maintaining entries of the first address space in a translation buffer after the switching. In such manner, overhead associated with such a context switch may be reduced.

Abstract translation: 在本发明的一个实施例中，一种方法包括在第一地址空间和第二地址空间之间切换，确定地址空间列表中是否存在第二地址空间; 并且在切换之后保持翻译缓冲器中的第一地址空间的条目。 以这种方式，可以减少与这种上下文切换相关联的开销。

公开(公告)号：US12282567B2

公开(公告)日：2025-04-22

申请号：US17878322

申请日：2022-08-01

Applicant: Intel Corporation

Inventor： David M. Durham ,  Michael LeMay ,  Ramya Jayaram Masti ,  Gilbert Neiger ,  Jason W. Brandt

IPC: G06F21/60 ,  G06F9/30 ,  G06F9/32 ,  G06F9/455 ,  G06F9/48 ,  G06F9/50 ,  G06F12/02 ,  G06F12/06 ,  G06F12/0811 ,  G06F12/0875 ,  G06F12/0897 ,  G06F12/14 ,  G06F21/12 ,  G06F21/62 ,  G06F21/72 ,  G06F21/79 ,  H04L9/06 ,  H04L9/08 ,  H04L9/14

Abstract: Technologies disclosed herein provide cryptographic computing with cryptographically encoded pointers in multi-tenant environments. An example method comprises executing, by a trusted runtime, first instructions to generate a first address key for a private memory region in the memory and generate a first cryptographically encoded pointer to the private memory region in the memory. Generating the first cryptographically encoded pointer includes storing first context information associated with the private memory region in first bits of the first cryptographically encoded pointer and performing a cryptographic algorithm on a slice of a first linear address of the private memory region based, at least in part, on the first address key and a first tweak, the first tweak including the first context information. The method further includes permitting a first tenant in the multi-tenant environment to access the first address key and the first cryptographically encoded pointer to the private memory region.

公开(公告)号：US20250053651A1

公开(公告)日：2025-02-13

申请号：US18925667

申请日：2024-10-24

Applicant: Intel Corporation

Inventor： Robert S. Chappell ,  Jared W. Stark, IV ,  Joseph Nuzman ,  Stephen Robinson ,  Jason W. Brandt

IPC: G06F21/55 ,  G06F9/30 ,  G06F9/38 ,  G06F9/48 ,  G06F12/0802 ,  G06F21/62

Abstract: Systems, methods, and apparatuses relating to microarchitectural mechanisms for the prevention of side-channel attacks are disclosed herein. In one embodiment, a processor includes a core having a plurality of physical contexts to execute a plurality of threads, a plurality of structures shared by the plurality of threads, a context mapping structure to map context signatures to respective physical contexts of the plurality of physical contexts, each physical context to identify and differentiate state of the plurality of structures, and a context manager circuit to, when one or more of a plurality of fields that comprise a context signature is changed, search the context mapping structure for a match to another context signature, and when the match is found, a physical context associated with the match is set as an active physical context for the core.

公开(公告)号：US12130915B2

公开(公告)日：2024-10-29

申请号：US17590470

申请日：2022-02-01

Applicant: Intel Corporation

Inventor： Robert S. Chappell ,  Jared W. Stark, IV ,  Joseph Nuzman ,  Stephen Robinson ,  Jason W. Brandt

IPC: G06F9/30 ,  G06F9/38 ,  G06F9/48 ,  G06F12/0802 ,  G06F21/55 ,  G06F21/62

CPC classification number: G06F21/556 ,  G06F9/30116 ,  G06F9/30123 ,  G06F9/30196 ,  G06F9/3806 ,  G06F9/3808 ,  G06F9/3842 ,  G06F9/3844 ,  G06F9/4881 ,  G06F12/0802 ,  G06F21/62

Abstract: Systems, methods, and apparatuses relating to microarchitectural mechanisms for the prevention of side-channel attacks are disclosed herein. In one embodiment, a processor core includes an instruction fetch circuit to fetch instructions; a branch target buffer comprising a plurality of entries that each include a thread identification (TID) and a privilege level bit; and a branch predictor, coupled to the instruction fetch circuit and the branch target buffer, to predict a target instruction corresponding to a branch instruction based on at least one entry of the plurality of entries in the branch target buffer, and cause the target instruction to be fetched by the instruction fetch circuit.

公开(公告)号：US20230342156A1

公开(公告)日：2023-10-26

申请号：US18138591

申请日：2023-04-24

Applicant: Intel Corporation

Inventor： Jason W. Brandt ,  Deepak K. Gupta ,  Rodrigo Branco ,  Joseph Nuzman ,  Robert S. Chappell ,  Sergiu Ghetie ,  Wojciech Powiertowski ,  Jared W. Stark, IV ,  Ariel Sabba ,  Scott J. Cape ,  Hisham Shafi ,  Lihu Rappoport ,  Yair Berger ,  Scott P. Bobholz ,  Gilad Holzstein ,  Sagar V. Dalvi ,  Yogesh Bijlani

IPC: G06F9/38 ,  G06F9/30

CPC classification number: G06F9/3844 ,  G06F9/30101

Abstract: Methods and apparatuses relating to mitigations for speculative execution side channels are described. Speculative execution hardware and environments that utilize the mitigations are also described. For example, three indirect branch control mechanisms and their associated hardware are discussed herein: (i) indirect branch restricted speculation (IBRS) to restrict speculation of indirect branches, (ii) single thread indirect branch predictors (STIBP) to prevent indirect branch predictions from being controlled by a sibling thread, and (iii) indirect branch predictor barrier (IBPB) to prevent indirect branch predictions after the barrier from being controlled by software executed before the barrier.

公开(公告)号：US11663006B2

公开(公告)日：2023-05-30

申请号：US17340632

申请日：2021-06-07

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Barry E. Huntley ,  Baiju V. Patel ,  Deepak K. Gupta

IPC: G06F9/30 ,  G06F9/46 ,  G06F21/52

CPC classification number: G06F9/3004 ,  G06F9/30134 ,  G06F9/461 ,  G06F21/52

Abstract: Methods and apparatuses relating to switching of a shadow stack pointer are described. In one embodiment, a hardware processor includes a hardware decode unit to decode an instruction, and a hardware execution unit to execute the instruction to: pop a token for a thread from a shadow stack, wherein the token includes a shadow stack pointer for the thread with at least one least significant bit (LSB) of the shadow stack pointer overwritten with a bit value of an operating mode of the hardware processor for the thread, remove the bit value in the at least one LSB from the token to generate the shadow stack pointer, and set a current shadow stack pointer to the shadow stack pointer from the token when the operating mode from the token matches a current operating mode of the hardware processor.

公开(公告)号：US11635965B2

公开(公告)日：2023-04-25

申请号：US16177028

申请日：2018-10-31

Applicant: Intel Corporation

Inventor： Jason W. Brandt ,  Deepak K. Gupta ,  Rodrigo Branco ,  Joseph Nuzman ,  Robert S. Chappell ,  Sergiu D. Ghetie ,  Wojciech Powiertowski ,  Jared W. Stark, IV ,  Ariel Sabba ,  Scott J. Cape ,  Hisham Shafi ,  Lihu Rappoport ,  Yair Berger ,  Scott P. Bobholz ,  Gilad Holzstein ,  Sagar V. Dalvi ,  Yogesh Bijlani

IPC: G06F9/38 ,  G06F9/30

Abstract: Methods and apparatuses relating to mitigations for speculative execution side channels are described. Speculative execution hardware and environments that utilize the mitigations are also described. For example, three indirect branch control mechanisms and their associated hardware are discussed herein: (i) indirect branch restricted speculation (IBRS) to restrict speculation of indirect branches, (ii) single thread indirect branch predictors (STIBP) to prevent indirect branch predictions from being controlled by a sibling thread, and (iii) indirect branch predictor barrier (IBPB) to prevent indirect branch predictions after the barrier from being controlled by software executed before the barrier.

公开(公告)号：US11556341B2

公开(公告)日：2023-01-17

申请号：US17341068

申请日：2021-06-07

Applicant: Intel Corporation

Inventor： Ravi Sahita ,  Deepak Gupta ,  Vedvyas Shanbhogue ,  David Hansen ,  Jason W. Brandt ,  Joseph Nuzman ,  Mingwei Zhang

IPC: G06F9/30 ,  G06F9/38 ,  G06F12/14

Abstract: Systems, methods, and apparatuses relating to instructions to compartmentalize memory accesses and execution (e.g., non-speculative and speculative) are described. In one embodiment, a compartment manager circuit is to determine, when a compartment control register of a hardware processor core is set to an enable value, that a first subset of code requested for execution on the hardware processor core in user privilege is within a first compartment of memory, load a first compartment descriptor for the first compartment into one or more registers of the hardware processor core from the memory, check if the first compartment is marked in the first compartment descriptor, within the one or more registers of the hardware processor core, as a management compartment, and, when the first compartment is marked in the first compartment descriptor as the management compartment, allowing the first subset of the code within the first compartment to load a second compartment descriptor for a second compartment of the memory into the one or more registers of the hardware processor core from the memory, switching execution from the first subset of code within the first compartment to a second subset of code in user privilege within the second compartment, allowing speculative memory accesses for the second subset of code only within the second compartment, and preventing a memory access outside of the second compartment for the second subset of code as indicated by the second compartment descriptor stored within the one or more registers of the hardware processor core.

公开(公告)号：US20220413860A1

公开(公告)日：2022-12-29

申请号：US17358098

申请日：2021-06-25

Applicant: Intel Corporation

Inventor： Kameswar Subramaniam ,  Jason W. Brandt

IPC: G06F9/30 ,  G06F9/38

Abstract: In one embodiment, a processor includes: a plurality of registers; a front end circuit to fetch and decode a non-serializing register write instruction, the non-serializing register write instruction to cause a value to be stored in a first register of the plurality of registers; and an execution circuit coupled to the front end circuit. The execution circuit, in response to the non-serializing register write instruction, is to determine an amount of serialization for the non-serializing register write instruction and execute the non-serializing register write instruction according to the amount of serialization. Other embodiments are described and claimed.