What technology area does this patent fall under?

Primary CPC classification G06F12/1416. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Feb 09 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

System protecting caches from side-channel attacks

US10915466B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10915466-B2
Application number	US-201916286821-A
Country	US
Kind code	B2
Filing date	Feb 27, 2019
Priority date	Mar 5, 2018
Publication date	Feb 9, 2021
Grant date	Feb 9, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Caches may be vulnerable to side-channel attacks, such as Spectre and Meltdown, that involve speculative execution of instructions, revealing information about a cache that the attacker is not permitted to access. Access permission may be stored in the cache, such as in an entry of a cache table or in the region information for a cache table. Optionally, the access permission may be re-checked if the access permission changes while a memory instruction is pending. Optionally, a random index value may be stored in a cache and used, at least in part, to identify a memory location of a cacheline. Optionally, cachelines that are involved in speculative loads for memory instructions may be marked as speculative. On condition of resolving the speculative load as non-speculative, the cacheline may be marked as non-speculative; and on condition of resolving the speculative load as mis-speculated, the cacheline may be removed from the cache.

First claim

Opening claim text (preview).

What is claimed is: 1. A method for accessing data in a cache of a device, the method comprising: storing a random index value in a buffer; storing a cacheline in the cache at a location that is based at least in part on the random index value; storing in the buffer an access permission for the cacheline; for a memory instruction that involves the cacheline, determining whether the memory instruction is permitted to access the cacheline based at least in part on the access permission for the cacheline; and on condition of determining that the memory instruction is not permitted to access the cacheline, refraining from changing the cache. 2. The method of claim 1 , further comprising: on condition of changing the access permission for the cacheline, invalidating the cacheline in the cache. 3. The method of claim 1 , wherein, the buffer includes a cache table that includes a cache table entry that identifies a region of the cacheline in a memory of the device, and storing the access permission for the cacheline includes storing the access permission in the cache table entry for the cacheline. 4. The method of claim 1 , wherein, the buffer includes a cache table including a cache table entry that identifies a region of the cacheline in a memory of the device and region information for the cache table, and storing the access permission for the cacheline includes storing the access permission in the region information for the cache table. 5. The method of claim 1 , further comprising: on condition of changing the access permission of the cacheline after determining that a pending memory instruction is permitted to access the cacheline, redetermining whether the pending memory instruction is permitted to access the cacheline based at least in part on the access permission. 6. The method of claim 1 , further comprising: on condition of determining that the memory instruction is permitted to access the cacheline, accessing the cacheline by determining the location of the cacheline based at least in part on the random index value. 7. The method of claim 6 , further comprising: changing the random index value periodically with a selected rate. 8. The method of claim 7 , further comprising: on condition of changing the random index value to a new random index value, moving the cacheline to a new location that is based at least in part on the new random index value. 9. The method of claim 6 , further comprising: on condition of removing the cacheline from the cache, changing the random index value. 10. The method of claim 1 , further comprising: on condition of storing the cacheline as a speculative load for the memory instruction, marking the cacheline as speculative; on condition of resolving the speculative load for the memory instruction as non-speculative, marking the cacheline as non-speculative; and on condition of resolving the speculative load for the memory instruction as mis-speculated, removing the cacheline from the cache. 11. A system comprising: a cache storing a cacheline; and at least one processor configured to, store a random index value in a buffer; store the cacheline in the cache at a location that is based at least in part on the random index value; store in the buffer an access permission for the cacheline; for a memory instruction that involves the cacheline, determine whether the memory instruction is permitted to access the cacheline based at least in part on the access permission for the cacheline; and on condition of determining that the memory instruction is not permitted to access the cacheline, refrain from changing the cache. 12. The system of claim 11 , wherein, the buffer includes a cache table that includes a cache table entry that identifies a region of the cacheline in a memory, and the at least one processor configured to store the access permission in the cache table entry for the cacheline. 13. The system of claim 11 , wherein, the buffer includes a cache table including a cache table entry that identifies a region of the cacheline in a memory and region information for the cache table, and the at least one processor configured to store the access permission in the region information for the cache table. 14. The system of claim 11 , wherein the at least one processor is further configured to, on condition of changing the access permission for the cacheline, invalidate the cacheline in the cache. 15. The system of claim 11 , wherein the at least one processor is further configured to, ; and on condition of determining that the memory instruction is permitted to access the cacheline, access the cacheline by determining the location of the cacheline based at least in part on the random index value. 16. The system of claim 15 , wherein the at least one processor is further configured to change the random index value periodically with a selected rate. 17. The system of claim 16 , wherein the at least one processor is further configured to, on condition of changing the random index value to a new random index value, move the cacheline to a new location that is based at least in part on the new random index value. 18. The system of claim 15 , wherein the at least one processor is further configured to, on condition of removing the cacheline from the cache, change the random index value. 19. The system of claim 11 , wherein the at least one processor is further configured to, on condition of storing the cacheline as a speculative load for the memory instruction, mark the cacheline as speculative; on condition of resolving the speculative load for the memory instruction as non-speculative, mark the cacheline as non-speculative; and on condition of resolving the speculative load for the memory instruction as mis-speculated, remove the cacheline from the cache. 20. A non-transitory computer-readable storage medium comprising instructions that, when executed by a processor, cause the processor to perform operations including, storing a random index value in a buffer; storing a cacheline in the cache at a location that is based at least in part on the random index value; storing in a buffer an access permission for a cacheline stored in a cache; for a memory instruction that involves the cacheline, determining whether the memory instruction is permitted to access the cacheline based at least in part on the access permission for the cacheline; and on condition of determining that the memory instruction is not permitted to access the cacheline, refraining from changing the cache.

Assignees

Samsung Electronics Co Ltd

Inventors

Classifications

G06F21/78
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
G06F12/1416Primary
by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights (G06F12/1458 takes precedence) · CPC title
G06F12/1045
associated with a data cache · CPC title
G06F12/0897
with two or more cache hierarchy levels (with multilevel cache hierarchies G06F12/0811) · CPC title
G06F12/1475Primary
in a virtual system, e.g. with translation means · CPC title

Patent family

Related publications grouped by family.

View patent family 65685221

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10915466B2 cover?: Caches may be vulnerable to side-channel attacks, such as Spectre and Meltdown, that involve speculative execution of instructions, revealing information about a cache that the attacker is not permitted to access. Access permission may be stored in the cache, such as in an entry of a cache table or in the region information for a cache table. Optionally, the access permission may be re-checked …
Who is the assignee on this patent?: Samsung Electronics Co Ltd
What technology area does this patent fall under?: Primary CPC classification G06F12/1416. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Feb 09 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).