Technologies disclosed herein provide cryptographic computing with cryptographically encoded pointers in multi-tenant environments. An example method comprises executing, by a trusted runtime, first instructions to generate a first address key for a private memory region in the memory and generate a first cryptographically encoded pointer to the private memory region in the memory. Generating the first cryptographically encoded pointer includes storing first context information associated with the private memory region in first bits of the first cryptographically encoded pointer and performing a cryptographic algorithm on a slice of a first linear address of the private memory region based, at least in part, on the first address key and a first tweak, the first tweak including the first context information. The method further includes permitting a first tenant in the multi-tenant environment to access the first address key and the first cryptographically encoded pointer to the private memory region.

A serial peripheral interface (SPI) communication system includes a memory configured with a start register address and an end register address that define a register address range for a data operation; a chip select terminal configured to receive a chip select signal comprising an active and idle signal levels that define a plurality of chip select frames; a serial data input terminal configured to receive a master out, slave in (MOSI) signal, wherein the MOSI signal includes configuration information received in a first chip select frame of the data operation, wherein the configuration information includes an operation command bit indicating whether the data operation is a write operation or a read out operation and an auto-incrementation control bit indicating whether automatic register address incrementation across chip select frames is enabled or disabled; and a serial data output terminal configured to transmit a master in, slave out (MISO) signal.

A processing device is configured to process an initial set of command types. A command extension module and a digital signature are received. The digital signature is generated based on the command extension module using a private key of a key pair. The command extension module, once installed by the processing device, enables the processing device to process a new command type that is not included in the initial set of command types. The digital signature is verified using a public key of the key pair. Based on a successful verification of the digital signature, the command extension module is temporarily installed by loading the command extension module in a volatile memory device.

Briefly, an encryption/decryption algorithm providing for consistent encryption entropy and encryption/decryption performance that is independent of the type of input data.

A parallel processing apparatus includes: a first node including a storage unit that stores a program, the first node being activated when the program loaded from the storage unit is executed; a second node activated when the program loaded from the storage unit of the first node is executed; and a control unit configured to execute a setting process for setting a state where the program may be loaded to each of the first node and the second node, wherein the control unit starts the setting process on the second node after a predetermined time elapses since start of the setting process on the first node, and wherein the predetermined time is a time at which an activation completion timing of the first node is aligned with a completion timing of the setting process on the second node.

Systems, apparatuses, and methods for efficient parallel execution of multiple work units in a processor by reducing a number of memory accesses are disclosed. A computing system includes a processor core with a parallel data architecture. The processor core executes a software application with matrix operations. The processor core supports the broadcast of shared data to multiple compute units of the processor core. A compiler or other code assigns thread groups to compute units based on detecting shared data among the compute units. Rather than send multiple read accesses to a memory subsystem for the shared data, the processor core generates a single access request. The single access request includes information to identify the multiple compute units for receiving the shared data when broadcasted by the processor core.

Aspects of the present disclosure relate an apparatus comprising fetch circuitry and instruction storage circuitry. The fetch circuitry is to fetch instructions for execution by execution circuitry. The instruction storage circuitry is to store temporary copies of fetched instructions. The fetch circuitry is configured to preferentially fetch instructions from the instruction storage circuitry. The instruction storage circuitry is configured to, responsive to a storage condition being met, begin storing copies of consecutive fetched instructions, the storage condition indicating a utility of a current fetched instruction; and to, responsive to determining that a number of said stored consecutive instructions has reached a storage threshold, cease storing copies of subsequent fetched instructions.

An apparatus has processing circuitry, an instruction decoder, and capability registers, each capability register to store a capability comprising a pointer and constraint metadata for constraining valid use of the pointer/capability. In response to a capability-generating address calculating instruction specifying an offset value, a reference capability register is selected as one of a program counter capability register and a further capability register. A result capability is generated for which the pointer of the result capability indicates a window address identifying a selected window within an address space, the selected window being offset from a reference window by a number of windows determined based on the offset value of the capability-generating address calculating instruction. The reference window comprises the window comprising an address indicated by the pointer of the reference capability register.

A circuit enabling device includes a processor configured to, when multiple predetermined setting values are written in a register in predetermined order, enable a module corresponding to the multiple predetermined setting values and the predetermined order, the multiple predetermined setting values being determined in advance for each of a multiple modules, the register being used to enable the multiple modules individually, the multiple modules being included in a user-specific circuit, the user-specific circuit including a general-purpose circuit and a user circuit, the user circuit including the multiple modules.

A processing device is configured to process an initial set of command types. A command extension module and a digital signature are received. The digital signature is generated based on the command extension module using a private key of a key pair. The command extension module, once installed by the processing device, enables the processing device to process a new command type that is not included in the initial set of command types. The digital signature is verified using a public key of the key pair. Based on a successful verification of the digital signature, the command extension module is temporarily installed by loading the command extension module in a volatile memory device.