Each PIPT L2 cache entry is uniquely identified by a set index and a way and holds a generational identifier (GENID). The L2 detects a miss of a physical memory line address (PMLA). An L2 set index is obtained from the PMLA. The L2 picks a way for replacement, increments the GENID held in the entry in the picked way of the selected set, and forms a physical address proxy (PAP) for the PMLA with the obtained set index and the picked way. The PAP uniquely identifies the picked L2 entry. The L2 forms a generational PAP (GPAP) for the PMLA with the PAP and the incremented GENID. A load/store unit makes available the GPAP as a proxy of the PMLA for comparisons with GPAPs of other PMLAs, rather than making comparisons of the PMLA itself with the other PMLAs, to determine whether the PMLA matches the other PMLAs.

A cache memory subsystem includes virtually-indexed L1 and PIPT L2 set-associative caches having an inclusive allocation policy such that: when a first copy of a memory line specified by a physical memory line address (PMLA) is allocated into an L1 entry, a second copy of the line is also allocated into an L2 entry; when the second copy is evicted, the first copy is also evicted. For each value of the PMLA, the second copy can be allocated into only one L2 set, and an associated physical address proxy (PAP) for the PMLA includes a set index and way number that uniquely identifies the entry. For each value of the PMLA there exist two or more different L1 sets into which the first copy can be allocated, and when the L2 evicts the second copy, the L1 uses the PAP of the PMLA to evict the first copy.

A L2 cache is set associative, has N ways, and is inclusive of a virtual L1 cache such that when the virtual address misses in the L1: a portion of the virtual address is translated into a physical memory line address (PMLA), the PMLA is allocated into an L2 entry, and a physical address proxy (PAP) for the PMLA is allocated into an L1 entry. The PAP for the PMLA includes a set and a way that uniquely identify the L2 entry. The L2 receives a physical memory line address for allocation, uses a set index portion of the PMLA, and for each L2 way, forms a PAP corresponding to the way. The L1, for each PAP, generates a corresponding indicator of whether the PAP is L1 resident. The L2 selects, for replacement, a way whose indicator indicates the PAP is not resident in the L1.

A microprocessor includes a physically-indexed physically-tagged second-level set-associative cache. A set index and a way uniquely identifies each entry. A load/store unit, during store/load instruction execution: detects that a first and second portions of store/load data are to be written/read to/from different first and second lines of memory specified by first and second store physical memory line addresses, writes to a store/load queue entry first and second store physical address proxies (PAPs) for first and second store physical memory line addresses (and all the store data in store execution case). The first and second store PAPs comprise respective set indexes and ways that uniquely identifies respective entries of the second-level cache that holds respective copies of the respective first and second lines of memory. The entries of the store queue are absent storage for holding the first and second store physical memory line addresses.

A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

There is provided an apparatus for receiving a request from a master to access an input address. Coarse grain access circuitry stores and provides a reference to an area of an output address space in dependence on the input address. One or more fine grain access circuits, each store and provide a reference to a sub-area in the area of the output address space in dependence on the input address. The apparatus forwards the request from the coarse grain access circuitry to one of the one fine grain access circuits in dependence on the input address.

An apparatus and method for efficient process-based compartmentalization. For example, one embodiment of a processor comprises: execution circuitry to execute instructions and process data; memory management circuitry coupled to the execution circuitry, the memory management circuitry to manage access to a system memory by a plurality of related processes using one or more process-specific translation structures and one or more shared translation structures to be shared by the related processes; and one or more control registers to store a process-specific base address pointer associated with a first process of the plurality of related processes and to store a shared base address pointer to identify the shared translation structures; wherein the memory management circuitry is to use the process-specific base address pointer in combination with a first linear address provided by the first process to walk the process-specific translation structures to identify any permissions and/or physical address associated with the first linear address, wherein if permissions are identified, the memory management circuitry is to use the permissions in place of any permissions specified in the shared translation structures.

Systems, methods, and circuitries are disclosed for a per-process memory encryption system. At least one translation lookaside buffer (TLB) is configured to encode key identifiers for keys in one or more bits of either the virtual memory address or the physical address. The process state memory configured to store a first process key table for a first process that maps key identifiers to unique keys and a second process key table that maps the key identifiers to different unique keys. The active process key table memory configured to store an active key table. In response to a request for data corresponding to a virtual memory address, the at least one TLB is configured to provide a key identifier for the data to the active process key table to cause the active process key table to return the unique key mapped to the key identifier.

Systems, methods, and circuitries are disclosed for a per-process memory encryption system. At least one translation lookaside buffer (TLB) is configured to encode key identifiers for keys in one or more bits of either the virtual memory address or the physical address. The process state memory configured to store a first process key table for a first process that maps key identifiers to unique keys and a second process key table that maps the key identifiers to different unique keys. The active process key table memory configured to store an active key table. In response to a request for data corresponding to a virtual memory address, the at least one TLB is configured to provide a key identifier for the data to the active process key table to cause the active process key table to return the unique key mapped to the key identifier.