Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: Implementations described provide hardware support for the co-existence of restricted and non-restricted encryption keys on a computing system. Such hardware support may comprise a processor having a core, a hardware register to store a bit range to identify a number of bits, of physical memory addresses, that define key identifiers (IDs) and a partition key ID identifying a boundary between non-restricted and restricted key IDs. The core may allocate at least one of the non-restricted key IDs to a software program, such as a hypervisor. The core may further allocate a restricted key ID to a trust domain whose trust computing base does not comprise the software program. A memory controller coupled to the core may allocate a physical page of a memory to the trust domain, wherein data of the physical page of the memory is to be encrypted with an encryption key associated with the restricted key ID.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: Embodiments of the invention are generally directed to systems, methods, and apparatuses for linear to physical address translation with support for page attributes. In some embodiments, a system receives an instruction to translate a memory pointer to a physical memory address for a memory location. The system may return the physical memory address and one or more page attributes. Other embodiments are described and claimed.

Abstract: A processor includes a processor core. A register of the core is to store: a bit range for a number of address bits of physical memory addresses used for key identifiers (IDs), and a first key ID to identify a boundary between non-restricted key IDs and restricted key IDs of the key identifiers. A memory controller is to: determine, via access to bit range and the first key ID in the register, a key ID range of the restricted key IDs within the physical memory addresses; access a processor state that a first logical processor of the processor core executes in an untrusted domain mode; receive a memory transaction, from the first logical processor, including an address associated with a second key ID; and generate a fault in response to a determination that the second key ID is within a key ID range of the restricted key IDs.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: A memory subsystem includes link encryption for the system memory data bus. The memory controller can provide encryption for data at rest and link protection. The memory controller can optionally provide link encryption. Thus, the system can provide link protection for the data in transit. The memory module can include a link decryption engine that can decrypt link encryption if it is used, and performs a link integrity check with a link integrity tag associated with the link protection. The memory devices can then store the encrypted protected data and ECC data from the link decryption engine after link protection verification.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: A processor includes a processor core. A register of the core is to store: a bit range for a number of address bits of physical memory addresses used for key identifiers (IDs), and a first key ID to identify a boundary between non-restricted key IDs and restricted key IDs of the key identifiers. A memory controller is to: determine, via access to bit range and the first key ID in the register, a key ID range of the restricted key IDs within the physical memory addresses; access a processor state that a first logical processor of the processor core executes in an untrusted domain mode; receive a memory transaction, from the first logical processor, including an address associated with a second key ID; and generate a fault in response to a determination that the second key ID is within a key ID range of the restricted key IDs.

Abstract: Embodiments of the invention are generally directed to systems, methods, and apparatuses for linear to physical address translation with support for page attributes. In some embodiments, a system receives an instruction to translate a memory pointer to a physical memory address for a memory location. The system may return the physical memory address and one or more page attributes. Other embodiments are described and claimed.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: An apparatus and method for efficient process-based compartmentalization.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.

Abstract: Systems, methods, and apparatuses relating to performing hashing operations on packed data elements are described.