| 发明名称 |
STORING SECURE STATE INFORMATION IN TRANSLATION LOOKASIDE BUFFER CACHE LINES |
| 摘要 |
One embodiment of the present invention includes a memory management unit (MMU) that is configured to efficiently process requests to access memory that includes protected regions. Upon receiving an initial request via a virtual address (VA), the MMU translates the VA to a physical address (PA) based on page table entries (PTEs) and gates the response based on page-specific secure state information. To thwart software-based attempts to illicitly access the protected regions, the secure state information is not stored in page tables. However, to expedite subsequent requests, after the MMU identifies the PTE and the corresponding secure state information, the MMU stores both the PTE and the secure state information as a cache line in a translation lookaside buffer. Advantageously, the disclosed embodiments protect data in the protected regions from security risks associated with software-based protection schemes without incurring the performance degradation associated with hardware-based “carve-out” memory protection schemes. |
| 申请公布号 |
US2017097896(A1) |
申请公布日期 |
2017.04.06 |
| 申请号 |
US201514874244 |
申请日期 |
2015.10.02 |
| 申请人 |
NVIDIA CORPORATION |
发明人 |
MOLNAR Steven E.;DEMING James Leroy;WOODMANSEE Michael A. |
| 分类号 |
G06F12/10;G06F12/06 |
主分类号 |
G06F12/10 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A system configured to manage access requests to protected regions of memory, the system comprising:
a memory that includes a page table having a plurality of page table entries; and a memory management unit coupled to the memory and configured to:
receive a first request to translate a first virtual memory addresses to a first physical memory address;select a first page table entry included in the plurality of page table entries based on the first virtual memory address;translate the first virtual memory address to the first physical memory address based on the first page table entry;determine first secure state information based on the first physical memory address;store the first page table entry and the first secure state information in a first data cache line included in a first translation lookaside buffer associated with a first client; andgenerate a first memory access response based on the first page table entry and the first secure state information. |
| 地址 |
Santa Clara CA US |
