Abstract: In general, one aspect disclosed features a media-capture device, comprising: one or more sensors; a hardware processor; and a non-transitory machine-readable storage medium encoded with instructions executable by the hardware processor to perform a method comprising: initiating acquisition of one or more sensor data samples representing analog phenomena captured by the one or more sensors; receiving the one or more sensor data samples; encoding the one or more sensor data samples; generating a to-be-signed data structure comprising at least one of: the one or more encoded sensor data samples, or one or more cryptographic hashes of the one or more encoded sensor data samples; generating a cryptographic hash of the to-be-signed data structure; determining whether a time-stamping server is reachable over a network connection by the media capture device; and configuring a second data structure based on the determination of whether the time-stamping server is reachable.

Abstract: A media-capture device initiates acquisition of sensor data samples representing analog phenomena; encodes the samples; generates a to-be-signed data structure comprising the encoded samples and/or cryptographic hashes of the samples; generates a cryptographic hash of the to-be-signed data structure; transmits a time-stamping request to a time-stamping server, the time-stamping request comprises the cryptographic hash of the to-be-signed data structure, wherein the time-stamping server generates a signed time-stamp; generates a digital signature using the to-be-signed data structure, the signed time-stamp, a private cryptographic key, and a signed certificate for the corresponding public cryptographic key; and generates a second data structure comprising the samples, the to-be-signed data structure, and the digital signature.

Abstract: In general, one aspect disclosed features a media-capture device, comprising: one or more sensors; a hardware processor; and a non-transitory machine-readable storage medium encoded with instructions executable by the hardware processor to perform a method comprising: initiating acquisition of one or more sensor data samples representing analog phenomena captured by the one or more sensors; receiving the one or more sensor data samples; encoding the one or more sensor data samples; generating a to-be-signed data structure comprising at least one of: the one or more encoded sensor data samples, or one or more cryptographic hashes of the one or more encoded sensor data samples; generating a cryptographic hash of the to-be-signed data structure; determining whether a time-stamping server is reachable over a network connection by the media capture device; and configuring a second data structure based on the determination of whether the time-stamping server is reachable.

Abstract: In general, one aspect disclosed features a media-capture device, comprising: one or more sensors; a hardware processor; and a non-transitory machine-readable storage medium encoded with instructions executable by the hardware processor to perform a method comprising: initiating acquisition of one or more sensor data samples representing analog phenomena captured by the one or more sensors; receiving the one or more sensor data samples; encoding the one or more sensor data samples; generating a to-be-signed data structure comprising at least one of: the one or more encoded sensor data samples, or one or more cryptographic hashes of the one or more encoded sensor data samples; generating a cryptographic hash of the to-be-signed data structure; determining whether a time-stamping server is reachable over a network connection by the media capture device; and configuring a second data structure based on the determination of whether the time-stamping server is reachable.

Abstract: A media-capture device initiates acquisition of sensor data samples representing analog phenomena; encodes the samples; generates a to-be-signed data structure comprising the encoded samples and/or cryptographic hashes of the samples; generates a cryptographic hash of the to-be-signed data structure; transmits a time-stamping request to a time-stamping server, the time-stamping request comprises the cryptographic hash of the to-be-signed data structure, wherein the time-stamping server generates a signed time-stamp; generates a digital signature using the to-be-signed data structure, the signed time-stamp, a private cryptographic key, and a signed certificate for the corresponding public cryptographic key; and generates a second data structure comprising the samples, the to-be-signed data structure, and the digital signature.

Abstract: Systems, methods, and computer programs are disclosed for optimizing headless virtual memory management in a system on chip (SoC) with global translation lookaside buffer shootdown. The SoC comprises an application processor configured to execute a headful virtual machine and one or more SoC processing devices configured to execute a corresponding headless virtual machine. The method comprises issuing a virtual machine mapping command with a headless virtual machine having a first virtual machine identifier. In response to the virtual machine mapping command, a current value stored in a hardware register in the application processor is saved. The first virtual machine identifier associated with the headless virtual machine is loaded into the hardware register. A translation lookaside buffer (TLB) invalidate command is issued while the first virtual machine identifier is loaded in the hardware register.

Abstract: Exemplary features pertain to establishing an Exclusive Execution Environment domain that Trusted Execution Zone components are forbidden to access. In one example, a system-on-a-chip (SoC) is equipped with a Reduced Instruction Set Computing (RISC) processor along with an application DSP (ADSP) and/or Graphics Processing Unit (GPU), where the ADSP and/or GPU is configured to provide and enforce the Exclusive Execution Environment domain. By forbidding access to Trusted Execution Zone components, security can be enhanced, especially within minimally-equipped devices that do not have the resources to implement a full Trust Execution Environment, such as low-power devices associated with the Internet of Things (IoT). Among other features, the systems and methods described herein allow application clients to build exclusive execution environments and claim exclusive access to buffer objects and hardware resource groups. Method and apparatus examples are provided.

Abstract: In the various aspects, virtualization techniques may be used to improve performance and reduce the amount of power consumed by selectively enabling a hypervisor operating on a computing device during sandbox sessions. In the various aspects, a high-level operating system may allocate memory such that its intermediate physical addresses are equal to the physical addresses. When the hypervisor is disabled, the hypervisor may suspend second stage translations from intermediate physical addresses to physical addresses. During a sandbox session, the hypervisor may be enabled and resume performing second stage translations.

Abstract: Systems, methods, and computer programs are disclosed for reducing memory power consumption. An exemplary method comprises configuring a power saving memory balloon associated with a volatile memory. Memory allocations are steered to the power saving memory balloon. In response to initiating a memory power saving mode, data is migrated from the power saving memory balloon. A power saving feature is executed on the power saving memory balloon while in the memory power saving mode.

Abstract: Systems, methods, and computer programs are disclosed for reducing memory power consumption. An exemplary method comprises configuring a power saving memory balloon associated with a volatile memory. Memory allocations are steered to the power saving memory balloon. In response to initiating a memory power saving mode, data is migrated from the power saving memory balloon. A power saving feature is executed on the power saving memory balloon while in the memory power saving mode.

Abstract: One feature pertains to an apparatus that includes a memory circuit, a system memory-management unit (SMMU), and a processing circuit. The memory circuit stores an executable program associated with a client. The SMMU enforces memory access control policies for the memory circuit, and includes a plurality of micro-translation lookaside buffers (micro-TLBs), macro-TLB, and a page walker circuit. The plurality of micro-TLBs include a first micro-TLB that enforces memory access control policies for the client. The processing circuit loads memory address translations associated with the executable program into the first micro-TLB, and initiates isolation mode for the first micro-TLB causing communications between the first micro-TLB and the macro-TLB and between the first micro-TLB and the page walker circuit to be severed. The first micro-TLB continues to enforce memory access control policies for the client while in isolation mode.

Abstract: Systems for a method for monolithic workload scheduling in a portable computing device (“PCD”) having a hypervisor are disclosed. An exemplary method comprises instantiating a primary virtual machine at a first exception level, wherein the primary virtual machine comprises a monolithic scheduler configured to allocate workloads within and between one or more guest virtual machines in response to one or more interrupts, instantiating a secure virtual machine at the first exception level and instantiating one or more guest virtual machines at the first exception level as well. When an interrupt is received at a hypervisor associated with a second exception level, the interrupt is forwarded to the monolithic scheduler along with hardware usage state data and guest virtual machine usage state data. The monolithic scheduler may, in turn, generate one or more context switches which may comprise at least one intra-VM context switch and at least one inter-VM context switch.

Abstract: Hardware-based translation lookaside buffer (TLB) invalidation techniques are disclosed. A host system is configured to exchange data with a peripheral component interconnect express PCIE) endpoint (EP). A memory management unit (MMU), which is a hardware element, is included in the host system to provide address translation according to at least one TLB. In one aspect, the MMU is configured to invalidate the at least one TLB in response to receiving at least one TLB invalidation command from the PCIE EP. In another aspect, the PCIE EP is configured to determine that the at least one TLB needs to be invalidated and provide the TLB invalidation command to invalidate the at least one TLB. By implementing hardware-based TLB invalidation in the host system, it is possible to reduce TLB invalidation delay, thus leading to increased data throughput, reduced power consumption, and improved user experience.

Abstract: Exemplary features pertain to establishing an Exclusive Execution Environment domain that Trusted Execution Zone components are forbidden to access. In one example, a system-on-a-chip (SoC) is equipped with a Reduced Instruction Set Computing (RISC) processor along with an application DSP (ADSP) and/or Graphics Processing Unit (GPU), where the ADSP and/or GPU is configured to provide and enforce the Exclusive Execution Environment domain. By forbidding access to Trusted Execution Zone components, security can be enhanced, especially within minimally-equipped devices that do not have the resources to implement a full Trust Execution Environment, such as low-power devices associated with the Internet of Things (IoT). Among other features, the systems and methods described herein allow application clients to build exclusive execution environments and claim exclusive access to buffer objects and hardware resource groups. Method and apparatus examples are provided.

Abstract: In an aspect, an apparatus obtains, at one or more hardware configuration interfaces, a physical page number associated with a secure resource, a domain identifier, and at least one memory attribute. The one or more hardware configuration interfaces may be in communication with a resource protection unit that manages access to the secure resource. The apparatus configures, by the one or more hardware configuration interfaces, a page table entry in a page table maintained at the resource protection unit, where the page table entry is configured to include the physical page number associated with the secure resource, the domain identifier, and the at least one memory attribute. The resource protection unit processes a resource access transaction when an access permission for the resource access transaction is determined in the page table.

Abstract: Aspects include computing devices, apparatus, and methods for accelerating distributive virtual memory (DVM) message processing in a computing device. DVM message interceptors may be positioned in various locations within a DVM network of a computing device so that DVM messages may be intercepted before reaching certain DVM destinations. A DVM message interceptor may receive a broadcast DVM message from first DVM source. The DVM message interceptor may determine whether a preemptive DVM message response should be returned to the DVM source on behalf of the DVM destination. When certain criteria are met, the DVM message interceptor may generate a preemptive DVM message response to the broadcast DVM message, and send the preemptive DVM message response to the DVM source.

Abstract: Disclosed are methods and apparatus for memory management in shared virtual memory (SVM) systems. The methods and apparatus provide SVM access control on a per master basis through the assignment of a first classification identifier (ID) upon reception of a memory access request from a memory master. The assigned first classification ID assigned to the memory request is compared with a second classification ID stored in at least one page table entry of a page table used to manage the SVM system. The page table entry (PTE) corresponds to one or more memory locations of the SVM being requested in the memory access request. SVM system access operations for the memory access request are then denied if the first classification ID does not match the second classification ID, thereby providing added per master access control for the SVM system.

Abstract: Hardware-based translation lookaside buffer (TLB) invalidation techniques are disclosed. A host system is configured to exchange data with a peripheral component interconnect express (PCIe) endpoint (EP). A memory management unit (MMU), which is a hardware element, is included in the host system to provide address translation according to at least one TLB. In one aspect, the MMU is configured to invalidate the at least one TLB in response to receiving at least one TLB invalidation command from the PCIe EP. In another aspect, the PCIe EP is configured to determine that the at least one TLB needs to be invalidated and provide the TLB invalidation command to invalidate the at least one TLB. By implementing hardware-based TLB invalidation in the host system, it is possible to reduce TLB invalidation delay, thus leading to increased data throughput, reduced power consumption, and improved user experience.

Abstract: Aspects include computing devices, apparatus, and methods for accelerating distributive virtual memory (DVM) message processing in a computing device. DVM message interceptors may be positioned in various locations within a DVM network of a computing device so that DVM messages may be intercepted before reaching certain DVM destinations. A DVM message interceptor may receive a broadcast DVM message from first DVM source. The DVM message interceptor may determine whether a preemptive DVM message response should be returned to the DVM source on behalf of the DVM destination. When certain criteria are met, the DVM message interceptor may generate a preemptive DVM message response to the broadcast DVM message, and send the preemptive DVM message response to the DVM source.

Abstract: Disclosed is a method for protecting virtual machine data at a peripheral subsystem connected to at least one processor configured to host a plurality of virtual machines. In the method, context information, including a virtual machine identifier (VMID), is received. The VMID is unique to one of the plurality of virtual machines. A storage bank of a plurality of storage banks is selected based on the VMID included in the received context information. Each storage bank of the plurality of storage banks uses a same bus address range. A data bus is connected to the selected storage bank.