Invalidation of permission information stored by another processor

The invention claimed is: 1 . An apparatus, comprising: primary processor circuitry that includes an execution pipeline; and secondary processor circuitry that includes: translation lookaside buffer circuitry that includes multiple entries configured to store translation information, wherein a given entry includes first-level permission information; permission circuitry configured to store second-level permission information specified by the primary processor circuitry; and wherein: the secondary processor circuitry is configured to determine whether a given memory access is permitted based on both the first-level permission information and the second-level permission information; the primary processor circuitry is configured to send, based on execution of a remote-permission-table-invalidate instruction by the execution pipeline, a permission invalidate command to the secondary processor circuitry; and the secondary processor circuitry is configured to, in response to the permission invalidate command, invalidate one or more entries in the permission circuitry that store second-level permission information. 2 . The apparatus of claim 1 , further comprising: memory circuitry configured to store second-level permission information specified by the primary processor circuitry; wherein the permission circuitry is configured to store second-level permission information retrieved from the memory circuitry. 3 . The apparatus of claim 2 , wherein the secondary processor circuitry is configured to perform direct memory address (DMA) operations to the memory circuitry. 4 . The apparatus of claim 1 , wherein the primary processor circuitry is configured to execute secure software to generate the second-level permission information. 5 . The apparatus of claim 1 , wherein a given entry of the permission circuitry includes second-level permission information for a region of memory that is greater in size than the size of memory access operations that the secondary processor circuitry is configured to perform. 6 . The apparatus of claim 5 , wherein: the permission circuitry is a direct mapped cache; and the secondary processor circuitry is configured to index into the permission circuitry based on a set of upper bits of a given memory address. 7 . The apparatus of claim 1 , wherein the secondary processor circuitry is configured to perform the permission invalidation without executing any instructions on the secondary processor circuitry. 8 . The apparatus of claim 1 , wherein: the secondary processor circuitry further includes power management circuitry configured to place the secondary processor circuitry in a low-power state; and the apparatus is configured to guarantee, when operating in a low-power state, the invalidation of the one or more entries in permission circuitry. 9 . The apparatus of claim 8 , wherein: the secondary processor circuitry further includes buffer circuitry configured to store, when operating in the low-power state, the permission invalidate command; and the secondary processor circuitry is configured to retrieve and perform the permission invalidate command in response to exiting the low-power state. 10 . The apparatus of claim 1 , wherein: the primary processor circuitry is further configured to send a barrier command in conjunction with the permission invalidate command, wherein the barrier command ensures completion of older memory access operations that access at least one entry specified by the invalidate command to determine respective access permission. 11 . The apparatus of claim 1 , wherein: the permission invalidate command is included in a packet transmitted on a communication fabric, wherein the packet includes at least the following: information that specifies one or more addresses whose corresponding permissions are to be invalidated; and an identifier of the secondary processor circuitry. 12 . The apparatus of claim 1 , wherein the apparatus is a computing device that further includes: a display; and network interface circuitry. 13 . A method, comprising: storing, by secondary processor circuitry, first-level permission information; storing, in permission circuitry of the secondary processor circuitry, second-level permission information; determining, by the secondary processor circuitry, whether a given memory access is permitted based on both the first-level permission information and the second-level permission information; sending, by primary processor circuitry based on execution of a remote-permission-table-invalidate instruction, a permission invalidate command to the secondary processor circuitry; and invalidating, by the secondary processor circuitry in response to the permission invalidate command, one or more entries in the permission circuitry that store second-level permission information. 14 . The method of claim 13 , wherein: the permission invalidate command is included in a packet transmitted on a communication fabric, wherein the packet includes at least the following: information that specifies one or more addresses whose corresponding permissions are to be invalidated; and an identifier of the secondary processor circuitry. 15 . The method of claim 13 , further comprising: sending, by the primary processor circuitry, a barrier command in conjunction with the permission invalidate command, wherein the barrier command ensures completion of older memory access operations that access at least one entry specified by the invalidate command to determine respective access permission. 16 . The method of claim 13 , further comprising: storing, in buffer circuitry of the secondary processor circuitry, the permission invalidate command when the secondary processor circuitry is in a low-power state; and retrieving and performing, by the secondary processor circuitry in response to exiting the low-power state, the stored permission invalidate command. 17 . A non-transitory computer-readable medium having instructions of a hardware description programming language stored thereon that, when processed by a computing system, program the computing system to generate a computer simulation model, wherein the model represents a hardware circuit that includes: primary processor circuitry that includes an execution pipeline; and secondary processor circuitry that includes: translation lookaside buffer circuitry that includes multiple entries configured to store translation information, wherein a given entry includes first-level permission information; permission circuitry configured to store second-level permission information specified by the primary processor circuitry; and wherein: the secondary processor circuitry is configured to determine whether a given memory access is permitted based on both the first-level permission information and the second-level permission information; the primary processor circuitry is configured to send, based on execution of a remote-permission-table-invalidate instruction by the execution pipeline, a permission invalidate command to the secondary processor circuitry; and the secondary processor circuitry is configured to, in response to the permission invalidate command, invalidate one or more entries in the permission circuitry. 18 . The non-transitory computer-readable medium of claim 17 , wherein the hardware circuit further includes: memory circuitry configured to store second-level permission information specified by the primary processor circuitry; wherein the permission circuitry is