G06F12/1441

Encoded stack pointers

In one embodiment, an encoded pointer is constructed from a stack pointer that includes an offset. The encoded pointer includes the offset value and ciphertext that is based on encrypting a portion of a decorated pointer that includes a maximum offset value. Stack data is encrypted based on the encoded pointer, and the encoded pointer is stored in a stack pointer register of a processor. To access memory, a decoded pointer is constructed based on decrypting the ciphertext of the encoded pointer and the offset value. Encrypted stack data is accessed based on the decoded pointer, and the encrypted stack is decrypted based on the encoded pointer.

TAG CHECKING APPARATUS AND METHOD

An apparatus has tag checking circuitry responsive to a target address to: identify a guard tag stored in a memory system in association with a block of one or more memory locations, the block containing a target memory location identified by the target address, perform a tag check based on the guard tag and an address tag associated with the target address, and in response to detecting a mismatch in the tag check, perform an error response action. The apparatus also has tag mapping storage circuitry to store mapping information indicative of a mapping between guard tag values and corresponding address tag values. The tag checking circuitry remaps at least one of the guard tag and the address tag based on the mapping information stored by the tag mapping storage circuitry to generate a remapped tag for use in the tag check.

METHOD AND DEVICE FOR OPERATING A COMPUTING DEVICE

A method for operating a computing device for a control unit of a motor vehicle. The computing device includes a processor core and is configured to control an exchange of data between a connectivity zone and a security zone. The security zone includes at least one component which is necessary to drive the vehicle and has an elevated relevance with regard to safety. The connectivity zone includes at least one component whose operation requires communication outside of the vehicle but is not required to drive the vehicle and does not have an elevated relevance with regard to safety. At least one first program executable by the computing device is assigned to a non-trustworthy zone, and at least one further program is assigned to a trustworthy zone. The component of the connectivity zone is assigned to the non-trustworthy zone, and the component of the security zone is assigned to the trustworthy zone.

MEMORY MODULE, SYSTEM INCLUDING THE SAME, AND OPERATION METHOD OF MEMORY MODULE

A memory module includes a device memory configured to store data and including a first memory area and a second memory area, and a controller including an accelerator circuit. The controller is configured to control the device memory, transmit a command to exclude the first memory area from the system memory map to a host processor in response to a mode change request, and modify a memory configuration register to exclude the first memory area from the memory configuration register. The accelerator circuit is configured to use the first memory area to perform an acceleration operation.

DYNAMICALLY ALLOCATABLE PHYSICALLY ADDRESSED METADATA STORAGE

In examples there is a computing device comprising a processor, the processor having a memory management unit. The computing device also has a memory that stores instructions that, when executed by the processor, cause the memory management unit to receive a memory access instruction comprising a virtual memory address; translate the virtual memory address to a physical memory address of the memory, and obtain permission information associated with the physical memory address. Responsive to the permission information indicating that metadata is permitted to be associated with the physical memory address, a check is made of a metadata summary table stored in the physical memory to check whether metadata is compatible with the physical memory address. Responsive to the check being unsuccessful, a trap is sent to system software of the computing device in order to trigger dynamic allocation of physical memory for storing metadata associated with the physical memory address.

Encoded inline capabilities

Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.

Security configurations in page table entries for execution domains
11561904 · 2023-01-24

Systems, apparatuses, and methods related to a computer system having a page table entry containing security settings for calls from predefined domains are described. The page table entry can be used to map a virtual memory address to a physical memory address. In response to a call to execute a routine identified using the virtual memory address, a security setting corresponding to the execution domain from which the call initiates can be extracted from the page table entry to determine whether a security measure is to be used. For example, a shadow stack structure can be used to protect the private stack content of the routine from being accessed by a caller and/or to protect the private stack content of the caller from being accessed by the callee.

Address expansion
11561898 · 2023-01-24

Apparatuses for address expansion and methods of address expansion are disclosed. Memory region definitions are stored, each comprising attribute data relevant to a respective memory region. In response to reception of a first address, a region identifier indicative of a memory region to which the first address belongs is provided. Cache storage stores data in association with an address tag, and in response to a cache miss a data retrieval request is generated. Address expansion circuitry is responsive to the data retrieval request to initiate a lookup for attribute data relevant to the memory region to which the first address belongs. The address expansion circuitry expands the first address in dependence on a base address forming part of the attribute data to generate an expanded second address, wherein the expanded second address is part of a greater address space than the first address.

METHOD FOR SECURE EXECUTING OF A SECURITY RELATED PROCESS

Provided is a method for executing a security related process comprising at least a first operation and a subsequent programming operation of a memory area in a first memory row of a first memory of a system and using as input security data stored in said second memory of said system, wherein said first memory is a non-volatile memory and said system comprises a first memory charge pump. The method comprises, when the execution of said security related process is triggered: opening (S2) the first memory row, charging (S3) said first memory charge pump, performing (S4) said first operations of the security related process, based on said security data from the second memory, and performing (S5) said programming operation of said memory area in said opened first memory row using said charged charge pump.

Facilitating sequential reads in memory sub-systems
11704256 · 2023-07-18

An example memory subsystem includes a memory component and a processing device, operatively coupled to the memory component. The processing device is configured to receive a plurality of logical-to-physical (L2P) records, wherein an L2P record of the plurality of L2P records maps a logical block address to a physical address of a memory block on the memory component; determine a sequential assist value specifying a number of logical block addresses that are mapped to consecutive physical addresses sequentially following the physical address specified by the L2P record; generate a security token encoding the sequential assist value; and associate the security token with the L2P record.