Arithmetic processing apparatus and control method for arithmetic processing apparatus
US-2019347102-A1 · Nov 14, 2019 · US
Apparatuses, methods, and systems for instructions to compartmentalize code
US11029957B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-11029957-B1 |
| Application number | US-202016833478-A |
| Country | US |
| Kind code | B1 |
| Filing date | Mar 27, 2020 |
| Priority date | Mar 27, 2020 |
| Publication date | Jun 8, 2021 |
| Grant date | Jun 8, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems, methods, and apparatuses relating to instructions to compartmentalize memory accesses and execution (e.g., non-speculative and speculative) are described. In one embodiment, a compartment manager circuit is to determine, when a compartment control register of a hardware processor core is set to an enable value, that a first subset of code requested for execution on the hardware processor core in user privilege is within a first compartment of memory, load a first compartment descriptor for the first compartment into one or more registers of the hardware processor core from the memory, check if the first compartment is marked in the first compartment descriptor, within the one or more registers of the hardware processor core, as a management compartment, and, when the first compartment is marked in the first compartment descriptor as the management compartment, allowing the first subset of the code within the first compartment to load a second compartment descriptor for a second compartment of the memory into the one or more registers of the hardware processor core from the memory, switching execution from the first subset of code within the first compartment to a second subset of code in user privilege within the second compartment, allowing speculative memory accesses for the second subset of code only within the second compartment, and preventing a memory access outside of the second compartment for the second subset of code as indicated by the second compartment descriptor stored within the one or more registers of the hardware processor core.
First claim
Opening claim text (preview).
What is claimed is: 1. A hardware processor comprising: a decoder to decode instructions into decoded instructions; an execution circuit to execute the decoded instructions to generate one or more memory accesses to memory; and a compartment manager circuit to: determine, when a compartment control register of a processor core is set to an enable value, that a first subset of code requested for execution on the processor core in user privilege is within a first compartment of the memory, load a first compartment descriptor for the first compartment into one or more registers of the processor core from the memory, check if the first compartment is marked in the first compartment descriptor, within the one or more registers of the processor core, as a management compartment, and when the first compartment is marked in the first compartment descriptor as the management compartment, allow the first subset of the code within the first compartment to load a second compartment descriptor for a second compartment of the memory into the one or more registers of the processor core from the memory, switch execution from the first subset of code within the first compartment to a second subset of code in user privilege within the second compartment, allow speculative memory accesses for the second subset of code only within the second compartment, and prevent a memory access outside of the second compartment for the second subset of code as indicated by the second compartment descriptor stored within the one or more registers of the processor core, wherein the second compartment, as indicated by the second compartment descriptor, comprises a plurality of non-continuous slices in a single address space in the memory. 2. The hardware processor of claim 1 , wherein the compartment manager circuit is to switch execution from the first subset of code in user privilege to the second subset of code in user privilege without switching the processor core to supervisor privilege. 3. The hardware processor of claim 1 , wherein the decoder is to decode a first instruction into a decoded first instruction and the execution circuit is to execute the decoded first instruction to load a pointer for the second compartment descriptor into a compartment pointer register of the processor core and set a compartment mode register of the processor core to an outside mode that causes the processor core to prevent memory accesses within the second compartment of the memory. 4. The hardware processor of claim 3 , wherein the decoder is to decode a second instruction into a decoded second instruction and the execution circuit is to execute the decoded second instruction to store the pointer for the second compartment descriptor from the compartment pointer register of the processor core to memory without altering any value in the compartment mode register. 5. The hardware processor of claim 3 , wherein, for a request from the first compartment marked as the management compartment, the decoder is to decode a second instruction into a decoded second instruction and the execution circuit is to execute the decoded second instruction to load the second compartment descriptor from a location specified by the pointer in the compartment pointer register into the one or more registers of the processor core and set the compartment mode register of the processor core to an inside mode that causes the processor core to only allow memory accesses within the second compartment of the memory. 6. The hardware processor of claim 5 , wherein, for a request from the second compartment, the decoder is to decode a third instruction into a decoded third instruction and the execution circuit is to execute the decoded third instruction to remove the second compartment descriptor from the one or more registers of the processor core and set the compartment mode register of the processor core to the outside mode that causes the processor core to prevent memory accesses within the second compartment of the memory. 7. The hardware processor of claim 3 , wherein, for a request from the first compartment marked as the management compartment, the decoder is to decode a second instruction into a decoded second instruction and the execution circuit is to execute the decoded second instruction to load the second compartment descriptor from a location specified by the pointer in the compartment pointer register into the one or more registers of the processor core and set the compartment mode register of the processor core to an inside mode that causes the processor core to only allow memory accesses within the second compartment of the memory and to memory that is not marked as a compartment. 8. The hardware processor of claim 1 , wherein the decoder is to decode an instruction into a decoded instruction and the execution circuit is to execute the decoded instruction to remove the second compartment from the memory. 9. A method comprising: determining, when a compartment control register of a hardware processor core is set to an enable value, that a first subset of code requested for execution on the hardware processor core in user privilege is within a first compartment of memory; loading a first compartment descriptor for the first compartment into one or more registers of the hardware processor core from the memory; checking if the first compartment is marked in the first compartment descriptor, within the one or more registers of the hardware processor core, as a management compartment; and when the first compartment is marked in the first compartment descriptor as the management compartment, allowing the first subset of the code within the first compartment to load a second compartment descriptor for a second compartment of the memory into the one or more registers of the hardware processor core from the memory, switching execution from the first subset of code within the first compartment to a second subset of code in user privilege within the second compartment, allowing speculative memory accesses for the second subset of code only within the second compartment, and preventing a memory access outside of the second compartment for the second subset of code as indicated by the second compartment descriptor stored within the one or more registers of the hardware processor core, wherein the second compartment, as indicated by the second compartment descriptor, comprises a plurality of non-continuous slices in a single address space in the memory. 10. The method of claim 9 , wherein the switching execution is switching execution from the first subset of code in user privilege to the second subset of code in user privilege without switching the hardware processor core to supervisor privilege. 11. The method of claim 9 , further comprising decoding a first instruction into a decoded first instruction with a decoder of the hardware processor core, and executing the decoded first instruction with an execution circuit of the hardware processor core to load a pointer for the second compartment descriptor into a compartment pointer register of the hardware processor core and set a compartment mode register of the hardware processor core to an outside mode that causes the hardware processor core to prevent memory accesses within the second compartment of the memory. 12. The method of claim 11 , further comprising decoding a second instruction into a decoded second instruction with the decoder of the hardware processor core, and executing the decoded second instruction with the execution circuit of the hardware processor core to store the pointer for the second compartment descriptor from the compartment pointer register of the hardware processor core to memory wit
Assignees
Inventors
Classifications
Energy efficient computing, e.g. low power processors, power management or thermal management · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title
- G06F9/30145Primary
Instruction analysis, e.g. decoding, instruction word fields · CPC title
Execution means for microinstructions irrespective of the microinstruction function, e.g. decoding of microinstructions and nanoinstructions; timing of microinstructions; programmable logic arrays; delays and fan-out problems · CPC title
Register arrangements · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11029957B1 cover?
- Systems, methods, and apparatuses relating to instructions to compartmentalize memory accesses and execution (e.g., non-speculative and speculative) are described. In one embodiment, a compartment manager circuit is to determine, when a compartment control register of a hardware processor core is set to an enable value, that a first subset of code requested for execution on the hardware process…
- Who is the assignee on this patent?
- Intel Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F9/30145. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jun 08 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).