User mode heap swapping
First Claim
1. A computing apparatus, comprising:
- a processor to provide a trusted execution instruction set;
a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set;
a swap file; and
one or more logic elements comprising a memory management engine operable to;
allocate a buffer within the enclave;
receive a scope directive to indicate that the buffer is in scope; and
protect the buffer from swapping to the swap file while the buffer is in scope.
10 Assignments
0 Petitions
Accused Products
Abstract
In an example, there is disclosed a computing apparatus, including a processor, including a trusted execution instruction set; a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set; a swap file; and a memory management engine operable to: allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and protect the buffer from swapping to the swap file while the buffer is in scope. There is further disclosed an method of providing a memory management engine, and one or more computer-readable storage mediums having stored thereon executable instructions for providing the memory management engine.
14 Citations
25 Claims
-
1. A computing apparatus, comprising:
-
a processor to provide a trusted execution instruction set; a memory having an enclave portion, wherein the enclave is accessible only via the trusted execution instruction set; a swap file; and one or more logic elements comprising a memory management engine operable to; allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and protect the buffer from swapping to the swap file while the buffer is in scope. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. One or more tangible, non-transitory computer-readable storage mediums having stored thereon executable instructions for providing a memory management engine for a memory enclave accessible only via a trusted execution instruction set, the memory management engine operable to:
-
allocate a buffer within the enclave; receive a scope directive to indicate that the buffer is in scope; and
protect the buffer from swapping to a swap file while the buffer is in scope. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A method of providing a memory management engine for a memory enclave accessible only via a trusted execution instruction set, comprising:
-
allocating a buffer within the enclave; receiving a scope directive to indicate that the buffer is in scope; and protecting the buffer from swapping to a swap file while the buffer is in scope. - View Dependent Claims (25)
-
Specification