Data processing system and method for accessing data in the data processing system
US-2022114002-A1 · Apr 14, 2022 · US
Techniques and technologies to address malicious single-stepping and zero-stepping of trusted execution environments
US2022012369A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2022012369-A1 |
| Application number | US-202117485077-A |
| Country | US |
| Kind code | A1 |
| Filing date | Sep 24, 2021 |
| Priority date | Sep 24, 2021 |
| Publication date | Jan 13, 2022 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In one embodiment, an apparatus comprises a processing circuitry to detect an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave and in response to the occurrence, implement at least one mitigation process to inhibit further occurrences of the at least one of a single-stepping event or a zero-stepping event in the architecturally protected enclave.
First claim
Opening claim text (preview).
What is claimed is: 1 . An apparatus comprising a processing circuitry to: detect an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave; and in response to the occurrence, implement at least one mitigation process to inhibit further occurrences of the at least one of a single-stepping event or a zero-stepping event in the architecturally protected enclave. 2 . The apparatus of claim 1 , comprising circuitry to: implement a counter to monitor forward progress of the compute process which is to execute in the architecturally protected enclave; and generate an error signal when the counter indicates that the forward progress is less than a threshold. 3 . The apparatus of claim 1 , comprising circuitry to: monitor a frequency of fault events in the execution thread on the architecturally protected enclave; monitor a number instructions that execute between an occurrence of fault events in the execution thread on the architecturally protected enclave; and generate an error signal when a frequency of the fault events is greater than a threshold. 4 . The apparatus processor of claim 1 , comprising circuitry to: detect a page fault within a locked region of a computer-readable memory in the architecturally protected enclave; and in response to the page fault, generate an error signal. 5 . The apparatus of claim 1 , comprising circuitry to: implement a counter to monitor a number of asynchronous enclave exit (AEX) events that occur in the architecturally protected enclave; and generate an error signal when the number of asynchronous enclave exit (AEX) events is greater than a threshold. 6 . The apparatus of claim 1 , comprising circuitry to: determine one or more memory addresses to be accessed by one or more instructions to be executed by the architecturally protected enclave following an asynchronous enclave exit (AEX) event on the architecturally protected enclave; and initiate a prefetch operation to access the one or more memory addresses. 7 . The apparatus of claim 1 , comprising circuitry to: initiate a branch speculation process for the execution thread to warm up a cache memory. 8 . A method comprising: detecting an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave; and in response to the occurrence, implementing at least one mitigation process to inhibit further occurrences of the at least one of a single-stepping event or a zero-stepping event in the architecturally protected enclave. 9 . The method of claim 8 , further comprising: implementing a counter to monitor forward progress of the compute process which is to execute in the architecturally protected enclave; and generating an error signal when the counter indicates that the forward progress is less than a threshold. 10 . The method of claim 8 , further comprising: monitoring a frequency of fault events in the execution thread on the architecturally protected enclave; monitoring a number instructions that execute between an occurrence of fault events in the execution thread on the architecturally protected enclave; and generating an error signal when a frequency of the fault events is greater than a threshold. 11 . The method of claim 8 , further comprising: detecting a page fault within a locked region of a computer-readable memory in the architecturally protected enclave; and in response to the page fault, generating an error signal. 12 . The method of claim 8 , further comprising: implementing a counter to monitor a number of asynchronous enclave exit (AEX) events that occur in the architecturally protected enclave; and generating an error signal when the number of asynchronous enclave exit (AEX) events is greater than a threshold. 13 . The method of claim 8 , further comprising: determining one or more memory addresses to be accessed by one or more instructions to be executed by the architecturally protected enclave following an asynchronous enclave exit (AEX) event on the architecturally protected enclave; and initiating a prefetch operation to access the one or more memory addresses. 14 . The method of claim 8 , further comprising: initiating a branch speculation process for the execution thread to warm up a cache memory. 15 . A non-transitory machine readable medium that stores code that when executed by a machine causes the machine to: detect an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave; and in response to the occurrence, implement at least one mitigation process to inhibit further occurrences of the at least one of a single-stepping event or a zero-stepping event in the architecturally protected enclave. 16 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: implement a counter to monitor forward progress of the compute process which is to execute in the architecturally protected enclave; and generate an error signal when the counter indicates that the forward progress is less than a threshold. 17 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: monitor a frequency of fault events in the execution thread on the architecturally protected enclave; monitor a number instructions that execute between an occurrence of fault events in the execution thread on the architecturally protected enclave; and generate an error signal when a frequency of the fault events is greater than a threshold. 18 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: detect a page fault within a locked region of a computer-readable memory in the architecturally protected enclave; and in response to the page fault, generate an error signal. 19 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: implement a counter to monitor a number of asynchronous enclave exit (AEX) events that occur in the architecturally protected enclave; and generate an error signal when the number of asynchronous enclave exit (AEX) events is greater than a threshold. 20 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: determine one or more memory addresses to be accessed by one or more instructions to be executed by the architecturally protected enclave following an asynchronous enclave exit (AEX) event on the architecturally protected enclave; and initiate a prefetch operation to access the one or more memory addresses. 21 . The non-transitory machine readable medium of claim 15 , comprising code that when executed by a machine causes the machine to: initiate a branch speculation process for the execution thread to warm up a cache memory.
Assignees
Inventors
Classifications
Monitoring involving counting · CPC title
involving event detection and direct action · CPC title
during program execution, e.g. stack integrity {; Preventing unwanted data erasure; Buffer overflow} · CPC title
with multilevel cache hierarchies · CPC title
for multiprocessing or multitasking · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2022012369A1 cover?
- In one embodiment, an apparatus comprises a processing circuitry to detect an occurrence of at least one of a single-stepping event or a zero-stepping event in an execution thread on an architecturally protected enclave and in response to the occurrence, implement at least one mitigation process to inhibit further occurrences of the at least one of a single-stepping event or a zero-stepping eve…
- Who is the assignee on this patent?
- Intel Corp
- What technology area does this patent fall under?
- Primary CPC classification G06F21/577. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Jan 13 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).