The disclosed computer-implemented method may include (1) receiving, from an external host processor via a cache-coherent interconnect, a request to access a host address of a coherent memory space of the external host processor, (2) when the request is to read data from the host address, (a) performing an in-line transformation on the data to generate second data and (b) writing the second data to the physical address of the device-attached physical memory mapped to the host address, and (3) when the request is to read data from the host address, (a) reading the data from the physical address of the device-attached physical memory mapped to the host address, (b) performing a reversing in-line transformation on the data to generate second data, and (c) returning the second data to the external host processor via the cache-coherent interconnect. Various other methods, systems, and computer-readable media are also disclosed.

Aspects of a storage device are provided that allow a controller to leverage cache to minimize occurrence of HMB address overlaps between different HMB requests. The storage device may include a cache and a controller coupled to the cache. The controller may store in the cache, in response to a HMB read request, first data from a HMB at a first HMB address. The controller may also store in the cache, in response to an HMB write request, second data from the HMB at a second HMB address. The controller may refrain from processing subsequent HMB requests in response to an overlap of the first HMB address with an address range including the second HMB address, and the controller may resume processing the subsequent HMB requests after the first data is stored. As a result, turnaround time delays for HMB requests may be reduced and performance may be improved.

Technologies disclosed herein provide cryptographic computing. An example processor includes a core to execute an instruction, where the core includes a register to store a pointer to a memory location and a tag associated with the pointer. The tag indicates whether the pointer is at least partially immutable. The core also includes circuitry to access the pointer and the tag associated with the pointer, determine whether the tag indicates that the pointer is at least partially immutable. The circuitry is further, based on a determination that the tag indicates the pointer is at least partially immutable, to obtain a memory address of the memory location based on the pointer, use the memory address to access encrypted data at the memory location, and decrypt the encrypted data based on a key and a tweak, where the tweak including one or more bits based, at least in part, on the pointer.

Encryption of a BIOS using a programmable logic device (PLD) is described. A PLD may include a static random-access memory area including programmable logic in a Lookup Table to receive a request to authenticate a basic input/output system (BIOS) executing on a processor coupled to the PLD. The PLD may calculate a hash value of a message associated with the BIOS using a Secure Hash Algorithm (SHA). The PLD may also include a random-access memory area including a first embedded random access memory block (EBR) to store a first portion of a 256-bit message digest associated with the message, a fifth portion of the 256-bit message digest, and second, third, fourth, sixth, seventh, and eighth EBRs to store second, third, fourth, sixth, seventh, and eighth portions of the 256-bit message digest, respectively.

In one example in accordance with the present disclosure, a method may include retrieving, at a memory management unit (MMU), encrypted data from a memory via direct memory access and determining, at the MMU, a peripheral that is the intended recipient of the encrypted data. The method may also include accessing an application key used for transmission between an application and the peripheral, wherein the application key originates from the application and decrypting, at the MMU, the encrypted data using the application key and transmitting the decrypted data to the peripheral.

Encrypted memory access using page table attributes is disclosed. One example is a memory system including a memory controller at a memory interface. The memory controller includes an encryptor to control a plurality of memory access keys respectively associated with memory regions, where each memory region is allocated to a respective client, and an access manager to receive an access request from a client, the access request including a client access key to access a memory element. The access manager looks up a memory access key from a page table attribute associated with a physical address of the memory element, and determines if the access request is valid by comparing the client access key with the memory access key associated with the memory region that includes the memory element. Based on the determination and a mode of operation, the access manager provides a response to the access request.

Embodiments are generally directed apparatuses, methods, techniques and so forth to select two or more processing units of the plurality of processing units to process a workload, and configure a circuit switch to link the two or more processing units to process the workload, the two or more processing units each linked to each other via paths of communication and the circuit switch.

A replaceable item for a host device includes a non-volatile memory and logic. The non-volatile memory stores passwords or authentication values, and/or a cryptographic key. The logic permits retrieval of a predetermined maximum number of the passwords from the non-volatile memory to authenticate the replaceable item within the host device. The predetermined maximum number of the passwords is less than the total number of the passwords.

In a system executing a program, a method comprises detecting one or more input/output calls associated with the program and re-randomizing memory associated with the program in response to the one or more input/output calls. A related system is also described.

Techniques and logic are presented for encrypting and decrypting applications and related data within a multi-processor system to prevent tampering. The decryption and encryption may be performed either between a system bus and a processor's individual L1 cache memory or between a processor's instruction and execution unit and their respective L1 caches. The logic may include one or more linear feedback shift registers (LFSRs) that may be used for generation of unique sequential address related codes to perform the decryption of instructions and transformation logic that may be used for generation of equivalent offset address related codes to perform decryption and encryption of data. The logic may also be programmable and may be used for test purposes.