INSTRUCTIONS AND LOGIC TO PROVIDE ADVANCED PAGING CAPABILITIES FOR SECURE ENCLAVE PAGE CACHES

摘要

Instructions and logic provide advanced paging capabilities for secure enclave page caches. Embodiments include multiple hardware threads or processing cores, a cache to store secure data for a shared page address allocated to a secure enclave accessible by the hardware threads. A decode stage decodes a first instruction specifying said shared page address as an operand, and execution units mark an entry corresponding to an enclave page cache mapping for the shared page address to block creation of a new translation for either of said first or second hardware threads to access the shared page. A second instruction is decoded for execution, the second instruction specifying said secure enclave as an operand, and execution units record hardware threads currently accessing secure data in the enclave page cache corresponding to the secure enclave, and decrement the recorded number of hardware threads when any of the hardware threads exits the secure enclave.

主权项

1. A processor comprising:
a first hardware thread and a second hardware thread; an enclave page cache to store secure data in a cache line for a shared page address allocated to a corresponding secure enclave accessible by said first and second hardware threads; a decode stage to decode a first instruction for execution by said processor, the first instruction specifying said shared page address as an operand; and one or more execution units, responsive to the decoded first instruction, to:
mark an entry corresponding to an enclave page cache mapping for the shared page address to block creation of a new translation for either of said first or second hardware threads to access secure data corresponding to the shared page address.