Remote-key based memory buffer access control mechanism

US 9,372,813 B2
Filed: 03/15/2013
Issued: 06/21/2016
Est. Priority Date: 10/02/2012
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a local node comprising a local memory and at least one coprocessor coupled with the local memory, each coprocessor comprising a register;

a plurality of base secrets, wherein each of the plurality of base secrets is associated with a base secret index, wherein each register is configured to store the plurality of base secrets based on the base secret index;

at least one primary processor configured to execute software instructions that cause the at least one primary processor to change a selected base secret in the registers based on a selected base secret index associated with the selected base secret;

wherein a selected coprocessor selected from the at least one coprocessor is configured to;

receive a first remote key comprising a first base secret index and first validation data generated based on a first base secret, wherein the first remote key is received from a first node requesting access to the local memory;

obtain a validation base secret stored in the register of the selected coprocessor based on the first base secret index;

perform hardware validation on the first validation data based on the validation base secret, wherein hardware validation fails when the base secret associated with the first base secret index has been changed in the register of the selected coprocessor;

grant the first node access to the local memory after successful hardware validation on the first validation data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method implementing revocable secure remote keys is disclosed. A plurality of indexed base secrets is stored in a register of a coprocessor of a local node coupled with a local memory. When it is determined that a selected base secret expired, the base secret stored in the register based on the base secret index is changed, thereby invalidating remote keys generated based on the expired base secret. A remote key with validation data and a base secret index is received from a node requesting access to the local memory. A validation base secret is obtained from the register based on the base secret index. The coprocessor performs hardware validation on the validation data based on the validation base secret. Hardware validation fails if the base secret associated with the base secret index has been changed in the register of the selected coprocessor.

Citations

32 Claims

1. A system comprising:
- a local node comprising a local memory and at least one coprocessor coupled with the local memory, each coprocessor comprising a register;
  
  a plurality of base secrets, wherein each of the plurality of base secrets is associated with a base secret index, wherein each register is configured to store the plurality of base secrets based on the base secret index;
  
  at least one primary processor configured to execute software instructions that cause the at least one primary processor to change a selected base secret in the registers based on a selected base secret index associated with the selected base secret;
  
  wherein a selected coprocessor selected from the at least one coprocessor is configured to;
  
  receive a first remote key comprising a first base secret index and first validation data generated based on a first base secret, wherein the first remote key is received from a first node requesting access to the local memory;
  
  obtain a validation base secret stored in the register of the selected coprocessor based on the first base secret index;
  
  perform hardware validation on the first validation data based on the validation base secret, wherein hardware validation fails when the base secret associated with the first base secret index has been changed in the register of the selected coprocessor;
  
  grant the first node access to the local memory after successful hardware validation on the first validation data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The system of claim 1, wherein the first validation data comprises a hash field generated based on the first base secret.
  - 3. The system of claim 1, wherein the selected coprocessor is further configured to:
    - generate a second remote key comprising a second base secret index and second validation data generated based on a second base secret stored in the register of the selected coprocessor based on the second base secret index;
      
      transmit the second remote key to a second node to grant the second node access to the local memory,wherein the second node is authorized to access a portion of the local memory associated with the second remote key as long as the second base secret remains unchanged.
  - 4. The system of claim 1, wherein the selected coprocessor is further configured to:
    - request access to a remote memory associated with a third node;
      
      receive a third remote key from the third node;
      
      transmit the third remote key to the third node to access the remote memory associated with the third remote node.
  - 5. The system of claim 1, wherein the first remote key is received from a software hypervisor of the first node.
  - 6. The system of claim 1, wherein at least one of the plurality of base secrets is a sliced base secret, wherein each sliced base secret is associated with a set of slices, each slice corresponding a local physical address of the local memory.
  - 7. The system of claim 6:
    - wherein the register of the selected coprocessor is further configured to store slice validation data;
      
      wherein the first base secret is a sliced based secret;
      
      wherein the first remote key further comprises a first slice index identifying a slice associated with the first base secret;
      
      wherein the hardware validation of the first remote key is further based on the first slice index and the slice validation data;
      
      wherein the software instructions further cause the at least one primary processor to modify slice validation data corresponding to a selected slice of a selected sliced base secret to indicate that remote keys associated with the selected slice of a selected sliced base secret are invalid.
  - 8. The system of claim 7, wherein the slice validation data comprises a bit array associated with each sliced base secret, wherein each bit value of each bit array corresponds to the validity of remote keys generated for an associated slice.
  - 9. The system of claim 7, wherein slice validation data associated with a given slice index and a given sliced base secret cannot be changed from invalid to valid without changing the given sliced base secret.
  - 10. The system of claim 7:
    - wherein each register of the at least one coprocessor stores the same slice validation data;
      
      wherein the software instructions further cause the at least one primary processor to update the slice validation data stored on the registers after modifying the slice validation data.
  - 11. The system of claim 1:
    - wherein the first remote key further comprises a cache indicator indicating that a command from the first node should be cached;
      
      wherein the selected coprocessor is further configured to selectively cache the command and associated data from the first node based on the cache indicator.
  - 12. The system of claim 11, wherein selectively caching the command is further based on a local decision to override the cache indicator in the first remote key.
  - 13. The system of claim 1, wherein the first remote key is received in a command block comprising an address field containing the first remote key, and wherein granting the first node access to the local memory comprises executing a command contained in the command block, wherein the command is selected from the group consisting of a copy command, a copy and signal command, a fill command, a store command, a compare and swap command, an atomic add command, an atomic OR command, and an interrupt and sync command.

14. A system comprising:
- a first node comprising a first local memory and a first plurality of coprocessors coupled with the first local memory, each of the first plurality of coprocessors comprising a register;
  
  a first plurality of base secrets associated with the first node, wherein each of the first plurality of base secrets is indexed by a first plurality of base secret indexes, wherein each register of the first plurality of coprocessors is configured to store the first plurality of base secrets based on the first plurality of base secret indexes;
  
  a second node comprising a second local memory and a second plurality of coprocessors coupled with the second local memory, each of the second plurality of coprocessors comprising a register;
  
  wherein the first node further comprises at least one primary processor configured to execute software instructions that cause the at least one primary processor to change an expired base secret in the registers of the first plurality of coprocessors based on a selected base secret index associated with the expired base secret;
  
  wherein a selected first node coprocessor selected from the first plurality of coprocessors is configured to;
  
  generate a first remote key comprising a first base secret index and validation data, wherein the validation data is generated based on a first base secret stored in the register of the selected coprocessor based on the first base secret index;
  
  transmit the first remote key to the second node to grant the second node access to the first local memory, wherein the second node is authorized to access a portion of the first local memory associated with the first remote key as long as the first base secret remains unchanged;
  
  receive the first remote key and a command requiring access to the first local memory from the second node;
  
  obtain a validation base secret stored in the register of the selected first node coprocessor based on the first base secret index;
  
  perform hardware validation of the first remote key based on the validation base secret, wherein hardware validation fails when the base secret associated with the first base secret index has been changed in the register of the selected first node coprocessor;
  
  wherein the selected first node coprocessor is configured to execute the command from the second node after successful hardware validation of the first remote key.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein the validation data comprises a hash field generated based on the first base secret.
  - 16. The system of claim 14:
    - wherein at least one of the first plurality of base secrets is a sliced base secret;
      
      wherein each sliced base secret is associated with a set of slices, each slice corresponding a local physical address of the local memory;
      
      wherein the register of the selected first node coprocessor is further configured to store slice validation data;
      
      wherein the first base secret is a sliced based secret;
      
      wherein the first remote key further comprises a first slice index identifying a slice associated with the first base secret;
      
      wherein the hardware validation of the first remote key is further based on the first slice index and the slice validation data;
      
      wherein the software instructions further cause the at least one primary processor to modify slice validation data corresponding to a selected slice of a selected sliced base secret to indicate that remote keys associated with the selected sliced of the selected base secret are invalid.
  - 17. The system of claim 16, wherein the slice validation data comprises a bit array associated with each sliced base secret, wherein each bit value of each bit array corresponds to the validity of remote keys generated for an associated slice.
  - 18. The system of claim 16, wherein slice validation data corresponding to a given slice index and a given sliced base secret cannot be changed from invalid to valid without changing the given sliced base secret.
  - 19. The system of claim 14:
    - wherein the first remote key further comprises a cache indicator indicating that the command from the second node should be cached;
      
      wherein the selected first node coprocessor is further configured to selectively cache the command and associated data from the second node based on the cache indicator.

20. A method comprising:
- storing, in each register of at least one coprocessor of a local node, a plurality of base secrets, wherein each of the plurality of base secrets is associated with a base secret index, wherein each register is configured to store the plurality of base secrets based on the base secret index;
  
  wherein the local node comprises at least one primary processor, a local memory and the at least one coprocessor, wherein each coprocessor of the at least one coprocessor is coupled with the local memory and comprises a register;
  
  performing, by a selected coprocessor selected from the at least one coprocessor;
  
  receiving a first remote key comprising a first base secret index and first validation data generated based on a first base secret, wherein the first remote key is received from a first node requesting access to the local memory;
  
  obtaining a validation base secret stored in the register of the selected coprocessor based on the first base secret index;
  
  performing hardware validation on the first validation data based on the validation base secret, wherein hardware validation fails when the base secret associated with the first base secret index has been changed in the register of the selected coprocessor;
  
  granting the first node access to the local memory after successful hardware validation on the first validation data,wherein the at least one primary processor is configured to execute software instructions that cause the at least one primary processor to perform changing a selected base secret in a register of the selected coprocessor based on a selected base secret index associated with the selected base secret;
  
  wherein the method is performed by one or more computing devices.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 21. The method of claim 20, wherein the first validation data comprises a hash field generated based on the first base secret.
  - 22. The method claim 20, further comprising the selected coprocessor performing:
    - generating a second remote key comprising a second base secret index and second validation data generated based on a second base secret stored in the register of the selected coprocessor based on the second base secret index;
      
      transmitting the second remote key to a second node to grant the second node access to the local memory,wherein the second node is authorized to access a portion of the local memory associated with the second remote key as long as the second base secret remains unchanged.
  - 23. The method of claim 20, further comprising the selected coprocessor performing:
    - requesting access to a remote memory associated with a third node;
      
      receiving a third remote key from the third node;
      
      transmitting the third remote key to the third node to access the remote memory associated with the third remote node.
  - 24. The method of claim 20, wherein the first remote key is received from a software hypervisor of the first node.
  - 25. The method of claim 20, wherein at least one of the plurality of base secrets is a sliced base secret, wherein each sliced base secret is associated with a set of slices, each slice corresponding a local physical address of the local memory.
  - 26. The method of claim 25:
    - wherein the register of the selected coprocessor is further configured to store slice validation data;
      
      wherein the first base secret is a sliced based secret;
      
      wherein the first remote key further comprises a first slice index identifying a slice associated with the first base secret;
      
      wherein the hardware validation of the first remote key is further based on the first slice index and the slice validation data;
      
      wherein the software instructions further cause the at least one primary processor to modify slice validation data corresponding to a selected slice of a selected sliced base secret to indicate that remote keys associated with the selected slice of a selected sliced base secret are invalid.
  - 27. The method of claim 26, wherein the slice validation data comprises a bit array associated with each sliced base secret, wherein each bit value of each bit array corresponds to the validity of remote keys generated for an associated slice.
  - 28. The method of claim 26, wherein slice validation data associated with a given slice index and a given sliced base secret cannot be changed from invalid to valid without changing the given sliced base secret.
  - 29. The method of claim 26:
    - wherein each register of the at least one coprocessor stores the same slice validation data;
      
      wherein the software instructions further cause the at least one primary processor to update the slice validation data stored on the registers after modifying the slice validation data.
  - 30. The method of claim 20:
    - wherein the first remote key further comprises a cache indicator indicating that a command from the first node should be cached;
      
      wherein the selected coprocessor is further configured to selectively cache the command and associated data from the first node based on the cache indicator.
  - 31. The method of claim 30, wherein selectively caching the command is further based on a local decision to override the cache indicator in the first remote key.
  - 32. The method of claim 20, wherein the first remote key is received in a command block comprising an address field containing the first remote key, and wherein granting the first node access to the local memory comprises executing a command contained in the command block, wherein the command is selected from the group consisting of a copy command, a copy and signal command, a fill command, a store command, a compare and swap command, an atomic add command, an atomic OR command, and an interrupt and sync command.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Aingaran, Aings, Kapil, Sanjiv, Swart, Garret F., Bridge, William H. Jr., Jairath, Sumti, Johnson, John G.
Primary Examiner(s)
Mackall, Larry

Application Number

US13/839,525
Publication Number

US 20140095805A1
Time in Patent Office

1,194 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 12/0804   with main memory updating G...

G06F 12/082   Associative directories G06...

G06F 12/12   Replacement control

G06F 12/1408   by using cryptography for d...

G06F 12/1475   in a virtual system, e.g. w...

G06F 13/102   where the programme perform...

G06F 13/362   with centralised access con...

G06F 13/4068   Electrical coupling

G06F 15/17331   Distributed shared memory [...

G06F 15/7889   Reconfigurable logic implem...

G06F 16/2237   Vectors, bitmaps or matrices

G06F 16/2453   Query optimisation

G06F 16/24553   of query operations

G06F 16/24558   Binary matching operations

G06F 16/2456   Join operations

G06F 16/24561   Intermediate data storage t...

G06F 16/24569   Query processing with adapt...

G06F 16/273   Asynchronous replication or...

G06F 16/284   Relational databases

G06F 16/9535   Search customisation based ...

G06F 21/6209 : to a single file or object,...

G06F 9/30065 : Loop control instructions; ...

G06F 9/381 : Loop buffering

G06F 9/3851 : from multiple instruction s...

G06F 9/3867 : using instruction pipelines

G06F 9/546 : Message passing systems or ...

H04L 69/14 : Multichannel or multilink p...

Y02D 10/00 : Energy efficient computing,...

View All

Remote-key based memory buffer access control mechanism

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Remote-key based memory buffer access control mechanism

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links