Method and system for using processor enclaves and cache partitioning to assist a software cryptoprocessor

US 10,049,048 B1
Filed: 10/01/2014
Issued: 08/14/2018
Est. Priority Date: 10/01/2013
Status: Active Grant

First Claim

Patent Images

1. A method for ensuring security of an application, comprising:

loading a main portion of the application into a processor cache of a processor; and

under control of the application, logically partitioning the processor cache to create an enclave partition within an enclave and a main partition not within the enclave such that loading of a cache line into the enclave partition will not result in an eviction from the main partition due to the enclave partition serving as a backing store for the main partition, wherein the enclave partition serving as the backing store for the main partition comprises performing at least one read operation, for data, in a sequence comprising;

securely loading the data into the enclave partition; and

in response, copying a version of the data from the enclave partition into the main partition not within the enclave;

wherein the enclave;

comprises hardware-enforced protected region of an address space of a memory, andforms an extension of the address space.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A processor cache is logically partitioned into a main partition, located in the cache itself, and an enclave partition, located within an enclave, that is, a hardware-enforced protected region of an address space of a memory. This extends the secure address space usable by and for an application such as a software cryptoprocessor that is to execute only in secure regions of cache or memory.

Citations

20 Claims

1. A method for ensuring security of an application, comprising:
- loading a main portion of the application into a processor cache of a processor; and
  
  under control of the application, logically partitioning the processor cache to create an enclave partition within an enclave and a main partition not within the enclave such that loading of a cache line into the enclave partition will not result in an eviction from the main partition due to the enclave partition serving as a backing store for the main partition, wherein the enclave partition serving as the backing store for the main partition comprises performing at least one read operation, for data, in a sequence comprising;
  
  securely loading the data into the enclave partition; and
  
  in response, copying a version of the data from the enclave partition into the main partition not within the enclave;
  
  wherein the enclave;
  
  comprises hardware-enforced protected region of an address space of a memory, andforms an extension of the address space.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as in claim 1, further comprising:
    - encrypting, using an encryption agent that is installed to be resident in the cache and that is functionally between the processor and memory, data or code that is stored in the main partition before being written to memory; and
      
      decrypting, using the encryption agent, data or code that is stored in the main partition after being read from memory.
  - 3. The method as in claim 1, further comprising aggregating virtual address space regions associated with at least one of a plurality of enclaves.
  - 4. The method as in claim 3, further comprising:
    - exposing the enclave partition as the secure backing store, addressed by a block number;
      
      translating the block number to a corresponding enclave and location within the enclave'"'"'s address space;
      
      mapping a portion of non-enclave, cache-resident physical memory into the enclave address space; and
      
      during input or output block operations, copying data block-wise into or out of the enclave.
  - 5. The method as in claim 1, further comprising partitioning the cache by specifying a way mask for a current-executing context, the way mask indicating a subset of set-associative cache ways allocatable by the currently-executing context.
  - 6. The method as in claim 5, further comprising specifying a plurality of disjoint way masks, each of the plurality of disjoint way masks corresponding to a different context, whereby different portions of the cache are allocated to different contexts.
  - 7. The method as in claim 1, wherein the logical partitioning of the processor cache comprises:
    - setting a first way mask configured to specify the enclave partition to be used for enclave entry; and
      
      setting a second way mask configured to specify the main partition to be used for enclave exit;
      
      whereby the first and second way masks cause, when cache conflicts occur caused by accessing lines of enclave memory, eviction of only other lines also associated with the enclave memory, without displacing any cache lines from the main partition.

8. A non-transitory computer-readable storage medium storing instructions that, when executed by one or more processors, causing the one or more processors to:
- load a portion of a software cryptoprocessor into a processor cache; and
  
  under control of the software cryptoprocessor, logically partition the processor cache to create an enclave partition within an enclave and a main partition not within the enclave,such that loading of a cache line into the enclave partition will not result in an eviction from the main partition due to performing at least one read operation, for data, in a sequence comprising;
  
  using a first way mask to securely load the data into the enclave partition; and
  
  in response, using a second way mask to copy a version of the data from the enclave partition into the main partition not within the enclave;
  
  wherein the enclave comprises a hardware-enforced protected region of an address space of a memory and forms an extension of the address space.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-readable storage medium as in claim 8, further storing instructions defining an encryption agent to be resident in the cache, functionally between the processor and memory, wherein the encryption agent is configured to encrypt data or code that is written to memory and to decrypt data or code before it is passed from memory to the one or more processors.
  - 10. The computer-readable storage medium as in claim 8, further storing instructions that, upon execution by the one or more processors, cause the one or more processors to aggregate virtual address space regions associated with at least one of a plurality of enclaves.
  - 11. The computer-readable storage medium as in claim 10, further storing instructions that, upon execution by the one or more processors, causing the one or more processors to:
    - expose the enclave partition as a secure backing store, addressed by a block number; and
      
      use the enclave partition as the secure backing store by;
      
      translating the block number to a corresponding enclave and location within the enclave'"'"'s address space;
      
      mapping a portion of non-enclave, cache-resident physical memory into the enclave address space; and
      
      during input or output block operations, copying data block-wise into or out of the enclave.
  - 12. The computer-readable storage medium as in claim 8, wherein the logical partitioning of the cache includes specifying at least the first way mask or the second way mask for a current-executing context, and wherein the first way mask or second way mask indicates a subset of set-associative cache ways allocatable by the currently-executing context.
  - 13. The computer-readable storage medium as in claim 8, further storing instructions that, upon execution by the one or more processors, cause the one or more processors to specify a plurality of disjoint way masks, including at least the first way mask or the second way mask, each of the plurality of disjoint way masks corresponding to a different context, whereby different portions of the cache are allocated to different contexts.
  - 14. The computer-readable storage medium as in claim 8, wherein the first way mask or second way mask specifies a particular hardware register or memory location used for writing, upon a context switch.

15. A computer program product having a non-transitory computer-readable storage medium storing computer-executable code configured to:
- load a main portion of a software application into a processor cache of a processor, wherein, upon the loading, the processor is under control of the software application; and
  
  logically partition the processor cache to create an enclave partition within an enclave and a main partition not within the enclave, wherein the enclave partition serves as a backing store for the main partition such that loading of a cache line into the enclave partition will not result in an eviction from the main partition, and wherein the enclave comprises a hardware-enforced protected region of an address space of a memory and forms an extension of the address space usable for the software application.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product as in claim 15, wherein an encryption agent is:
    - installed to be resident in the cache,functionally between the processor and memory,configured to encrypt data or code that is written to memory, andconfigured to decrypt data or code before it is passed from memory to the processor.
  - 17. The computer program product as in claim 15, further configured to aggregate virtual address space regions associated with at least one of a plurality of enclaves.
  - 18. The computer program product as in claim 17, further configured to:
    - expose the secure backing store, addressed by a block number;
      
      translate the block number to a corresponding enclave and location within the enclave'"'"'s address space;
      
      map a portion of non-enclave, cache-resident physical memory into the enclave address space; and
      
      during input or output block operations, copy data into or out of the secure backing store.
  - 19. The computer program product as in claim 15, wherein the logical partition of the processor cache is performed, by specifying a way mask for a current-executing context, the way mask indicating a subset of set-associative cache ways allocatable by the currently-executing context.
  - 20. The computer program product as in claim 15, wherein the logical partitioning of the processor cache comprises:
    - setting a way mask configured to specify the enclave partition to be used for enclave entry and configured to specify the main partition to be used for enclave exit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Horovitz, Oded, Weis, Stephen A., Rihan, Sahil, Waldspurger, Carl A.
Primary Examiner(s)
Leung, Robert B

Application Number

US14/504,203
Publication Number

US 20180217941A1
Time in Patent Office

1,413 Days
Field of Search
US Class Current
CPC Class Codes

G06F 12/0848   Partitioned cache, e.g. sep...

G06F 12/0871   Allocation or management of...

G06F 12/1408   by using cryptography for d...

G06F 12/1441   for a range

G06F 12/145   the protection being virtua...

G06F 21/602   Providing cryptographic fac...

G06F 21/74   operating in dual or compar...

G06F 2212/1052   Security improvement

G06F 2212/152   Virtualized environment, e....

G06F 2212/282   Partitioned cache

G06F 2212/402   Encrypted data

Method and system for using processor enclaves and cache partitioning to assist a software cryptoprocessor

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for using processor enclaves and cache partitioning to assist a software cryptoprocessor

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links