Embodiments are directed to trusted local memory management in a virtualized GPU. An embodiment of an apparatus includes one or more processors including a trusted execution environment (TEE); a GPU including a trusted agent; and a memory, the memory including GPU local memory, the trusted agent to ensure proper allocation/deallocation of the local memory and verify translations between graphics physical addresses (PAs) and PAs for the apparatus, wherein the local memory is partitioned into protection regions including a protected region and an unprotected region, and wherein the protected region to store a memory permission table maintained by the trusted agent, the memory permission table to include any virtual function assigned to a trusted domain, a per process graphics translation table to translate between graphics virtual address (VA) to graphics guest PA (GPA), and a local memory translation table to translate between graphics GPAs and PAs for the local memory.

A cache and memory coherent system includes multiple processing chips each hosting a different subset of a shared memory space and one or more routing tables defining access routes between logical addresses of the shared memory space and endpoints that each correspond to a select one of the multiple processing chips. The system further includes a coherent mesh fabric that physically couples together each pair of the multiple processing chips, the coherent mesh fabric being configured to execute routing logic for updating the one or more routing tables responsive to identification of a first processing chip of the multiple processing chips hosting a defective hardware component, the update to the routing tables being effective to remove all access routes having endpoints corresponding to the first processing chip.

A throttling engine throttles access to a high latency hybrid memory. A request is received for partition mapping of a virtual address for an R/W memory page. An entry is added to a partition page table that maps a virtual address to a physical address and comprises access information that is R/W. A throttled flag is set in an entry of a partition page extension table. The throttle entry corresponds to the entry. The access information is saved in an original access part of the partition page extension table, and the access information is replaced with an R value. Upon application fault receipt, a throttling test is performed on an address of the application fault. If the throttling test is false, the fault is passed through to an operating system fault handler and the throttling fault stage is ended, otherwise, a delay is implemented for slowing access to the memory.

Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a memory device to store memory data in a plurality of physical pages shared by a plurality of devices, a first table to map each page of memory to an associated bundle identifier (ID) that identifies one or more devices having access to a page of memory, a second table to map each bundle ID to page access permissions that define access to one or more pages associated with a bundle ID and a translation agent to receive requests from the plurality of devices to perform memory operations on the memory and determine page access permissions for requests received from the plurality of devices using the first table and the second table.

Operating system deactivation of write protection for a storage block is provided absent quiescing of processors in a multi-processor computing environment. The process includes receiving an address translation protection exception interrupt resulting from an attempted write access by a processor to a storage block, and determining by the operating system whether write protection for the storage block is active. Based on write protection for the storage block not being active, the operating system issues an instruction to clear or modify translation lookaside buffer entries of the processor associated with the storage block, absent waiting for an action by another processor of multiple processors of the computing environment, to facilitate write access to the storage block proceeding at the processor.

Aspects of managing Translation Lookaside Buffer (TLB) units are described herein. The aspects may include a memory management unit (MMU) that includes one or more TLB units and a control unit. The control unit may be configured to identify one from the one or more TLB units based on a stream identification (ID) included in a received virtual address and, further, to identify a frame number in the identified TLB unit. A physical address may be generated by the control unit based on the frame number and an offset included in the virtual address.

A virtualized system is provided. The virtualized system includes: a memory device; a processor configured to provide a virtualization environment; a direct memory access device configured to perform a function of direct memory access to the memory device; and a memory management circuit configured to manage a core access of the processor to the memory device and a direct access of the direct memory access device to the memory device. The processor is further configured to provide: a plurality of guest operating systems that run independently from each other on a plurality of virtual machines of the virtualization environment; and a hypervisor configured to control the plurality of virtual machines in the virtualization environment and control the memory management circuit to block the direct access when a target guest operating system controlling the direct memory access device, among the plurality of guest operating systems is rebooted.

Operating system deactivation of write protection for a storage block is provided absent quiescing of processors in a multi-processor computing environment. The process includes receiving an address translation protection exception interrupt resulting from an attempted write access by a processor to a storage block, and determining by the operating system whether write protection for the storage block is active. Based on write protection for the storage block not being active, the operating system issues an instruction to clear or modify translation lookaside buffer entries of the processor associated with the storage block, absent waiting for an action by another processor of multiple processors of the computing environment, to facilitate write access to the storage block proceeding at the processor.

A guest operating system (OS) of a virtual machine (VM) receives a first request from an application to enable memory deduplication for a memory page associated with the application, identifies a mergeable memory range for memory space of the guest OS, where the mergeable memory rage is associated with guest OS memory pages to be deduplicated, and maps, in a page table of the guest OS, a page table entry for the memory page to a memory address within the mergeable memory range. The guest OS causes a hypervisor to enable deduplication for the memory page responsive to detecting an access of the memory page by the application.

Methods and systems are provided for performing lossy dropping and ECN marking in a flow-based network. The system can maintain state information of individual packet flows, which can be set up or released dynamically based on injected data. Each flow can be provided with a flow-specific input queue upon arriving at a switch. Packets of a respective flow are acknowledged after reaching the egress point of the network, and the acknowledgement packets are sent back to the ingress point of the flow along the same data path. As a result, each switch can obtain state information of each flow and perform per-flow packet dropping and ECN marking.