Abstract: Embodiments of processors, methods, and systems for a processor core supporting processor identification instruction spoofing are described. In an embodiment, a processor includes an instruction decoder and processor identification instruction spoofing logic. The processor identification spoofing logic is to respond to a processor identification instruction by reporting processor identification information from a processor identification spoofing data structure. The processor identification spoofing data structure is to include processor identification information of one or more other processors.

Abstract: Implementations described provide hardware support for the co-existence of restricted and non-restricted encryption keys on a computing system. Such hardware support may comprise a processor having a core, a hardware register to store a bit range to identify a number of bits, of physical memory addresses, that define key identifiers (IDs) and a partition key ID identifying a boundary between non-restricted and restricted key IDs. The core may allocate at least one of the non-restricted key IDs to a software program, such as a hypervisor. The core may further allocate a restricted key ID to a trust domain whose trust computing base does not comprise the software program. A memory controller coupled to the core may allocate a physical page of a memory to the trust domain, wherein data of the physical page of the memory is to be encrypted with an encryption key associated with the restricted key ID.

Abstract: Techniques for controlling bandwidth in a core are described. An exemplary core includes a memory bandwidth monitor per thread local to the core, each thread's local bandwidth monitor to at least allocate bandwidth for memory requests originating from the thread according to a class of service level stored in a field of quality of service (QoS) model-specific register (MSR), the class of service level pointed to by a class of service field in a platform quality of service MSR; and execution resources to support execution of at least one thread of the core.

Abstract: Techniques for flexible return and event delivery are described. As an example, an exemplary apparatus includes decoder circuitry to decode a single instruction, the single instruction to include a field for an opcode; and execution circuitry to execute the decoded single instruction according to the opcode to cause a return from an event handler while staying in a most privileged level and establish a return context that was in effect before event delivery.

Abstract: This disclosure is directed to a system for address mapping and translation protection. In one embodiment, processing circuitry may include a virtual machine manager (VMM) to control specific guest linear address (GLA) translations. Control may be implemented in a performance sensitive and secure manner, and may be capable of improving performance for critical linear address page walks over legacy operation by removing some or all of the cost of page walking extended page tables (EPTs) for critical mappings. Alone or in combination with the above, certain portions of a page table structure may be selectively made immutable by a VMM or early boot process using a sub-page policy (SPP). For example, SPP may enable non-volatile kernel and/or user space code and data virtual-to-physical memory mappings to be made immutable (e.g., non-writable) while allowing for modifications to non-protected portions of the OS paging structures and particularly the user space.

Abstract: Technologies for secure device configuration and management include a computing device having an I/O device. A trusted agent of the computing device is trusted by a virtual machine monitor of the computing device. The trusted agent securely commands the I/O device to enter a trusted I/O mode, securely commands the I/O device to set a global lock on configuration registers, receives configuration data from the I/O device, and provides the configuration data to a trusted execution environment. In the trusted I/O mode, the I/O device rejects a configuration command if a configuration register associated with the configuration command is locked and the configuration command is not received from the trusted agent. The trusted agent may provide attestation information to the trusted execution environment. The trusted execution environment may verify the configuration data and the attestation information. Other embodiments are described and claimed.

Abstract: There is disclosed a microprocessor, including: a processing core; and a total memory encryption (TME) engine to provide TME for a first trust domain (TD), and further to: allocate a block of physical memory to the first TD and a first cryptographic key to the first TD; map within an extended page table (EPT) a host physical address (HPA) space to a guest physical address (GPA) space of the TD; create a memory ownership table (MOT) entry for a memory page within the block of physical memory, wherein the MOT table comprises a GPA reverse mapping; encrypt the MOT entry using the first cryptographic key; and append to the MOT entry verification data, wherein the MOT entry verification data enables detection of an attack on the MOT entry.

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

Abstract: Examples include an apparatus which accesses secure pages in a trust domain using secure lookups in first and second sets of page tables. For example, one embodiment of the processor comprises: a decoder to decode a plurality of instructions including instructions related to a trusted domain; execution circuitry to execute a first one or more of the instructions to establish a first trusted domain using a first trusted domain key, the trusted domain key to be used to encrypt memory pages within the first trusted domain; and the execution circuitry to execute a second one or more of the instructions to associate a first process address space identifier (PASID) with the first trusted domain, the first PASID to uniquely identify a first execution context associated with the first trusted domain.

Abstract: Systems, apparatuses, methods, and computer-readable media are provided for reducing or eliminating cryptographic waste for link protection in computer buses. In various embodiments, data packets are encrypted/decrypted in accordance with advanced encryption standard (AES) Galois counter mode (GCM) encryption/decryption. Monotonically increased counter values are used as initialization vectors; and/or accumulated MAC is practiced to reduce or eliminate cryptographic waste. Other related aspects are also described and/or claimed.

Abstract: An apparatus and method for memory management using compartmentalization. For example, one embodiment of a processor comprises: execution circuitry to execute instructions and process data, at least one instruction to generate a system memory access request using a first linear address; and address translation circuitry to perform a first walk operation through a set of one or more address translation tables to translate the first linear address to a first physical address, the address translation circuitry to concurrently perform a second walk operation through a set of one or more linear address metadata tables to identify metadata associated with the linear address, and to use one or more portions of the metadata to validate access by the at least one instruction to the first physical address.

Abstract: Scalable cloning and replication for trusted execution environments is described. An example of a computer-readable storage medium includes instructions for receiving a selection of a point to capture a snapshot of a baseline trust domain (TD) or secure enclave, the TD or secure enclave being associated with a trusted execution environment (TEE) of a processor utilized for processing of a workload; initiating cloning of the TD or secure enclave from a source platform to an escrow platform; generating an escrow key to export the snapshot to the escrow platform; and exporting a state of the TD or secure enclave to the escrow platform, the state being sealed with a sealing key.

Abstract: An integrated circuit includes a core and memory controller coupled to a last level cache (LLC). A first key identifier for a first program is associated with physical addresses of memory that store data of the first program. To flush and invalidate cache lines associated with the first key identifier, the core is to execute an instruction (having the first key identifier) to generate a transaction with the first key identifier. In response to the transaction, a cache controller of the LLC is to: identify matching entries in the LLC by comparison of first key identifier with at least part of an address tag of a plurality of entries in a tag storage structure of the LLC, the matching entries associated with cache lines of the LLC; write back, to the memory, data stored in the cache lines; and mark the matching entries of the tag storage structure as invalid.

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

Abstract: A processor is described. The processor includes model specific register space that is visible to software above a BIOS level. The model specific register space is to specify a granularity of a processing entity of a lock-step group. The processor also includes logic circuitry to support dynamic entry/exit of the lock-step group's processing entities to/from lock-step mode including: i) termination of lock-step execution by the processing entities before the program code to be executed in lock-step is fully executed; and, ii) as part of the exit from the lock-step mode, restoration of a state of a shadow processing entity of the processing entities as the state existed before the shadow processing entity entered the lock-step mode and began lock-step execution of the program code.

Abstract: A method is described. The method includes executing a memory access instruction for a software process or thread. The method includes creating a memory access request for the memory access instruction having a physical memory address and a first identifier of a realm that the software process or thread execute from. The method includes receiving the memory access request and determining a second identifier of a realm from the physical memory address. The method also includes servicing the memory access request because the first identifier matches the second identifier.

Abstract: Techniques for migration of a source protected virtual machine from a source platform to a destination platform are descried. A method of an aspect includes enforcing that bundles of state, of a first protected virtual machine (VM), received at a second platform over a stream, during an in-order phase of a migration of the first protected VM from a first platform to the second platform, are imported to a second protected VM of the second platform, in a same order that they were exported from the first protected VM. Receiving a marker over the stream marking an end of the in-order phase. Determining that all bundles of state exported from the first protected VM prior to export of the marker have been imported to the second protected VM. Starting an out-of-order phase of the migration based on the determination that said all bundles of the state exported have been imported.

Abstract: Methods and apparatus relating to speculative decompression within processor core caches are described. In an embodiment, decode circuitry decodes a decompression instruction into a first micro operation and a second micro operation. The first micro operation causes one or more load operations to fetch data into a plurality of cachelines of a cache of a processor core. Decompression Engine (DE) circuitry decompresses the fetched data from the plurality of cachelines of the cache of the processor core in response to the second micro operation. The decompression instruction causes the DE circuitry to perform an out-of-order decompression of the plurality of cachelines. Other embodiments are also disclosed and claimed.

Abstract: Methods and apparatus relating to an Application Programming Interface (API) for fine grained low latency decompression within a processor core are described. In an embodiment, a decompression Application Programming Interface (API) receives an input handle to a data object. The data object includes compressed data and metadata. Decompression Engine (DE) circuitry decompresses the compressed data to generate uncompressed data. The DE circuitry decompress the compressed data in response to invocation of a decompression instruction by the decompression API. The metadata comprises a first operand to indicate a location of the compressed data, a second operand to indicate a size of the compressed data, a third operand to indicate a location to which decompressed data by the DE circuitry is to be stored, and a fourth operand to indicate a size of the decompressed data. Other embodiments are also disclosed and claimed.

Abstract: Techniques to allow use of metadata in unused bits of virtual addresses are described. A processor of an aspect includes a decode circuit to decode a memory access instruction. The instruction to indicate one or more memory address operands that are to have address generation information and metadata. An execution circuit coupled with the decode circuit to generate a 64-bit virtual address based on the one or more memory address operands. The 64-bit virtual address having a bit 63, an X-bit address field starting at a bit 0 to store an address generated from the address generation information, and one or more metadata bits to store the metadata. The execution circuit also to perform a canonicality check on the 64-bit virtual address that does not fail due to non-canonical values of the metadata stored in the one or more metadata bits. Other processors, methods, systems, and instructions are disclosed.