Obscuring memory access patterns in conjunction with deadlock detection or avoidance
First Claim
1. A computer-implemented method comprising:
- loading data into locations of a memory and executing one or more monitor instruction for the locations;
determining that the data at a target location of the locations must be accessed for a cryptographic calculation;
determining, in response to the determination that the data at the target location must be accessed, whether the data at one or more of the locations has been evicted by access of another thread;
reading the data from the memory responsive to a determination that the data at the one or more of the locations has been evicted by an access of another thread; and
performing a cryptographic calculation with the data at the target location;
wherein determining whether the data at the one or more of the locations has been evicted further comprises polling of a status bit to determine whether the data at any of the locations has been evicted by the access of the other thread.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods, apparatus and systems for memory access obscuration are provided. A first embodiment provides memory access obscuration in conjunction with deadlock avoidance. Such embodiment utilizes processor features including an instruction to enable monitoring of specified cache lines and an instruction that sets a status bit responsive to any foreign access (e.g., write or eviction due to a read) to the specified lines. A second embodiment provides memory access obscuration in conjunction with deadlock detection. Such embodiment utilizes the monitoring feature, as well as handler registration. A user-level handler may be asynchronously invoked responsive to a foreign write to any of the specified lines. Invocation of the handler more frequently than expected indicates that a deadlock may have been encountered. In such case, a deadlock policy may be enforced. Other embodiments are also described and claimed.
19 Citations
20 Claims
-
1. A computer-implemented method comprising:
-
loading data into locations of a memory and executing one or more monitor instruction for the locations; determining that the data at a target location of the locations must be accessed for a cryptographic calculation; determining, in response to the determination that the data at the target location must be accessed, whether the data at one or more of the locations has been evicted by access of another thread; reading the data from the memory responsive to a determination that the data at the one or more of the locations has been evicted by an access of another thread; and performing a cryptographic calculation with the data at the target location; wherein determining whether the data at the one or more of the locations has been evicted further comprises polling of a status bit to determine whether the data at any of the locations has been evicted by the access of the other thread. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An article comprising:
-
a non-transitory tangible storage medium having a plurality of machine accessible instructions; wherein, when the instructions are executed by a processor, the instructions provide for; loading data into specified locations of a memory and executing one or more monitor instruction for the specified locations; determining whether the data at any of the specified locations has been evicted by an access of another thread by polling a status bit; reading the data from all of the specified locations of the memory responsive to determining that the data at one or more of the specified locations has been evicted by the access of the other thread; and reading the data from only a portion of interest of the specified locations of the memory responsive to determining that none of the data at the specified locations has been evicted. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A system, comprising:
-
a memory resource coupled to a first thread unit and a second thread unit; the first thread unit including in its instruction set architecture one or more instructions to monitor specified locations of the memory resource; wherein the instruction set architecture of the first thread unit further includes an instruction to set a status bit responsive to an access, by the second thread unit, to any of the specified locations; and wherein the memory resource is further to store code that includes instructions for the first thread unit (i) to read all of the specified locations in response to a first value of the status bit indicating that one of the specified locations has been accessed and (ii) to read only a portion of interest of the specified locations in response to a second value of the status bit indicating that none of the specified locations has been accessed. - View Dependent Claims (18, 19, 20)
-
Specification