Embodiments of methods and apparatuses for defending against speculative side-channel analysis on a computer system are disclosed. In an embodiment, a processor includes a decoder, a cache, address translation circuitry, a cache controller, and a memory controller. The decoder is to decode an instruction. The instruction is to specify a first address associated with a data object, the first address having a first memory tag. The address translation circuitry is to translate the first address to a second address, the second address to identify a memory location of the data object. The comparator is to compare the first memory tag and a second memory tag associated with the second address. The cache controller is to detect a cache miss associated with the memory location. The memory controller is to, in response to the comparator detecting a match between the first memory tag and the second memory tag and the cache controller detecting the cache miss, load the data object from the memory location into the cache. Other embodiments include encryption of memory tags together with addresses.

A data processing system includes support for sub-page granular memory tags. The data processing system comprises at least one core, a memory controller responsive to the core, random access memory (RAM) responsive to the memory controller, and a memory protection module in the memory controller. The memory protection module enables the memory controller to use a memory tag value supplied as part of a memory address to protect data stored at a location that is based on a location value supplied as another part of the memory address. The data processing system also comprises an operating system (OS) which, when executed in the data processing system, manages swapping a page of data out of the RAM to non-volatile storage (NVS) by using a memory tag map (MTM) to apply memory tags to respective subpages within the page being swapped out. Other embodiments are described and claimed.

Embodiments for defending against speculative side-channel analysis on a computer system are disclosed. In embodiments, a processor includes a decoder, a cache, address translation circuitry, a cache controller, and a memory controller. The decoder decodes an instruction. The instruction specifies a first address associated with a data object, the first address having a first memory tag. The address translation circuitry translates the first address to a second address, the second address to identify a memory location of the data object. The comparator compares the first memory tag and a second memory tag associated with the second address. The cache controller detects a cache miss associated with the memory location. The memory controller, in response to the comparator detecting a match between the first memory tag and the second memory tag and the cache controller detecting the cache miss, loads the data object from the memory location into the cache.

There is provided a data processing apparatus and method of data processing. The data processing apparatus comprises storage circuitry to store a hierarchy of page tables comprising an intermediate level page table. Each entry of the intermediate level page table comprises base address information of a next level page table and control information indicating whether an addressing function has been applied to reorder physical storage locations of entries of the next level page table. Address translation circuitry is provided to perform address translations in response to receipt of a virtual address by performing a lookup in a next level page table dependent on the base address information and a page table index from the virtual address. When the control information indicates that the addressing function has been applied, the lookup is performed at a modified storage location generated by applying the addressing function to the page table index.

This application discloses a cache address mapping method and a related device. The method includes: obtaining a binary file, the binary file including a first hot section; obtaining alignment information of a second hot section, the second hot section is a hot section that has been loaded into a cache, and the alignment information includes a set index of a last cache set occupied by the second hot section; and performing an offset operation on the first hot section based on the alignment information. According to embodiments of the present invention, a problem of a conflict miss of a cache in an N-way set associative structure can be resolved without increasing physical hardware overheads, thereby improving a cache hit rate.

A first master receives a first virtual address in a virtual memory, the first virtual address in the virtual memory corresponding, according to a mapping function, to a first physical address of a first physical memory bank which is to be accessed by the first master. The first master accesses the first physical address to perform a first memory operation in the first memory bank. A second master receives a second virtual address in a virtual memory, the second virtual address in the virtual memory corresponding, according to the mapping function, to a second physical address of a second physical memory bank which is to be accessed by the second master. Concurrently with access by the first master to the first physical address, the second master accesses the second physical address to perform a second memory operation in the second physical memory bank.

Embodiments of methods and apparatuses for defending against speculative side-channel analysis on a computer system are disclosed. In an embodiment, a processor includes a decoder, a cache, address translation circuitry, a cache controller, and a memory controller. The decoder is to decode an instruction. The instruction is to specify a first address associated with a data object, the first address having a first memory tag. The address translation circuitry is to translate the first address to a second address, the second address to identify a memory location of the data object. The comparator is to compare the first memory tag and a second memory tag associated with the second address. The cache controller is to detect a cache miss associated with the memory location. The memory controller is to, in response to the comparator detecting a match between the first memory tag and the second memory tag and the cache controller detecting the cache miss, load the data object from the memory location into the cache. Other embodiments include encryption of memory tags together with addresses.

Disclosed are a method and a device for increasing the performance of processes through cache splitting in a computing device using a plurality of cores. According to the present invention, a cache splitting method for performing a cache splitting in a computing device comprises the steps of: identifying, among a plurality of processes being executed, a process generating a cache flooding; and controlling the process generating the cache flooding such that the process uses a cache of a limited size.

An improved architectural means to address processor cache attacks based on speculative execution defines a new memory type that is both cacheable and inaccessible by speculation. Speculative execution cannot access and expose a memory location that is speculatively inaccessible. Such mechanisms can disqualify certain sensitive data from being exposed through speculative execution. Data which must be protected at a performance cost may be specifically marked. If the processor is told where secrets are stored in memory and is forbidden from speculating on those memory locations, then the processor will ensure the process trying to access those memory locations is privileged to access those locations before reading and caching them. Such countermeasure is effective against attacks that use speculative execution to leak secrets from a processor cache.

Methods and apparatus for providing for a cache replacement policy for page caches for storage having a first memory tier having regions and virtual memory having mmaps of ones of the regions in the first memory tier. In an embodiment, the cache replacement policy includes setting a color hint to a first one of the cached pages, wherein the color hint includes a value indicating hotness of the first one of the cached pages.