Abstract: A processor of an aspect includes a decode unit to decode an instruction. The processor also includes an execution unit coupled with the decode unit. The execution unit, in response to the instruction, is to determine that an attempted change due to the instruction, to a shadow stack pointer of a shadow stack, would cause the shadow stack pointer to exceed an allowed range. The execution unit is also to take an exception in response to determining that the attempted change to the shadow stack pointer would cause the shadow stack pointer to exceed the allowed range. Other processors, methods, systems, and instructions are disclosed.

Abstract: Example methods and systems are directed to isolating memory in trusted execution environments (TEEs). In function-as-a-service (FaaS) environments, a client makes use of a function executing within a TEE on a FaaS server. To minimize the trusted code base (TCB) for each function, each function may be placed in a separate TEE. However, this causes the overhead of creating a TEE to be incurred for each function. As discussed herein, multiple functions may be placed in a single TEE without compromising the data integrity of each function. For example, by using a different extended page table (EPT) for each function, the virtual address spaces of the functions are kept separate and map to different, non-overlapping physical address spaces. Partial overlap may be permitted to allow functions to share some data while protecting other data. Memory for each function may be encrypted using a different encryption key.

Abstract: Systems, methods, and apparatuses relating to processor non-write-back capabilities are described. In one embodiment, a processor includes a plurality of logical processors, a control register comprising a non-write-back lock disable bit, a cache shared by the plurality of logical processors, a bus to couple the cache to a memory to service a memory request for the memory from the plurality of logical processors, and a memory controller to disable a non-write-back lock access of the bus for a read-modify-write type of the memory request issued by a logical processor of the plurality of logical processors when the non-write-back lock disable bit is set to a first value, and implement the non-write-back lock access of the bus for the read-modify-write type of the memory request when the non-write-back lock disable bit is set to a second value.

Abstract: In one embodiment, a processor includes at least one core and an interface circuit to interface the at least one core to additional circuitry of the processor. In response to an in-field self test instruction, at least one core may save state to a low power memory, enter into a diagnostic sleep state and execute an in-field self test in the diagnostic sleep state in which the at least one core appears to be inactive. Other embodiments are described and claimed.

Abstract: Examples include an apparatus which accesses secure pages in a trust domain using secure lookups in first and second sets of page tables. For example, one embodiment of the processor comprises: a decoder to decode a plurality of instructions including instructions related to a trusted domain; execution circuitry to execute a first one or more of the instructions to establish a first trusted domain using a first trusted domain key, the trusted domain key to be used to encrypt memory pages within the first trusted domain; and the execution circuitry to execute a second one or more of the instructions to associate a first process address space identifier (PASID) with the first trusted domain, the first PASID to uniquely identify a first execution context associated with the first trusted domain.

Abstract: Embodiments of processors, methods, and systems for a processor core supporting a heterogenous system instruction set architecture are described. In an embodiment, a processor includes an instruction decoder and an exception generation circuit. The exception generation circuit is to, in response to the instruction decoder receiving an unsupported instruction, generate an exception and report an instruction classification value of the unsupported instruction.

Abstract: There is disclosed a microprocessor, including: a processing core; and a total memory encryption (TME) engine to provide TME for a first trust domain (TD), and further to: allocate a block of physical memory to the first TD and a first cryptographic key to the first TD; map within an extended page table (EPT) a host physical address (HPA) space to a guest physical address (GPA) space of the TD; create a memory ownership table (MOT) entry for a memory page within the block of physical memory, wherein the MOT table comprises a GPA reverse mapping; encrypt the MOT entry using the first cryptographic key; and append to the MOT entry verification data, wherein the MOT entry verification data enables detection of an attack on the MOT entry.

Abstract: A processor includes a processor core and a memory controller coupled to the processor core. The memory controller comprising a cryptographic engine to: detect, in a write request for a cache line, a key identifier (ID) within a physical address of a location in memory; determine that the key ID is a trust domain key ID of a plurality of key IDs; responsive to a determination that the key ID is the trust domain key ID, set an ownership bit of the cache line to indicate the cache line belongs to a trust domain; encrypt the cache line to generate encrypted data; determine a message authentication code (MAC) associated with the cache line; and write the encrypted data, the ownership bit, and the MAC of the cache line to the memory.

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

Abstract: Examples provide a system that includes at least one processor; a cache; a memory; an interface to copy data from a received packet to the memory or the at least one cache; and controller to manage use of at least one region of the cache. In some examples, the controller is to: indicate availability of a cache region reservation feature; receive a request to reserve a region of the cache from a requester; and based on the requested region being permitted to be reserved by the requester, solely allow the requester to write data to at least a portion of the reserved region. In some examples, the controller is to write to a register to indicate availability of a cache region reservation feature. In some examples, the request to reserve a region of the cache from a requester comprises a specification of a number of sets, a number of ways, and a class of service.

Abstract: An apparatus to facilitate security of a shared memory resource is disclosed. The apparatus includes a memory device to store memory data a system agent to receive requests from one or more input/output (I/O) devices to access the memory data memory and trusted translation components having trusted host physical address (HPA) permission tables (HPTs) to validate memory address translation requests received from trusted I/O devices to access pages in memory associated with trusted domains.

Abstract: Embodiments of an invention for virtualization exceptions are disclosed. In one embodiment, a processor includes instruction hardware, control logic, and execution hardware. The instruction hardware is to receive a plurality of instructions, including an instruction to enter a virtual machine. The control logic is to determine, in response to a privileged event occurring within the virtual machine, whether to generate a virtualization exception. The execution hardware is to generate a virtualization exception in response to the control logic determining to generate a virtualization exception.

Abstract: A processor includes a widest set of data registers that corresponds to a given logical processor. Each of the data registers of the widest set have a first width in bits. A decode unit that corresponds to the given logical processor is to decode instructions that specify the data registers of the widest set, and is to decode an atomic store to memory instruction. The atomic store to memory instruction is to indicate data that is to have a second width in bits that is wider than the first width in bits. The atomic store to memory instruction is to indicate memory address information associated with a memory location. An execution unit is coupled with the decode unit. The execution unit, in response to the atomic store to memory instruction, is to atomically store the indicated data to the memory location.

Abstract: Disclosed embodiments relate to improved heterogeneous CPUID spoofing for remote processors. In one example, a system includes multiple processors, including a first processor including configuration circuitry to enable remote processor identification (ID) spoofing; fetch circuitry to fetch an instruction; decode circuitry to decode the instruction having fields to specify an opcode and a context, the opcode indicating execution circuitry is to: when remote processor ID spoofing is enabled, access a processor ID spoofing data structure storing processor ID information for each of the plurality of processors, and report processor ID information for a processor identified by the context; and, when remote processor ID spoofing is not enabled, report processor ID information for the first processor; and execution circuitry to execute the instruction as per the opcode.

Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: Embodiments of processors, methods, and systems for a processor core supporting processor identification instruction spoofing are described. In an embodiment, a processor includes an instruction decoder and processor identification instruction spoofing logic. The processor identification spoofing logic is to respond to a processor identification instruction by reporting processor identification information from a processor identification spoofing data structure. The processor identification spoofing data structure is to include processor identification information of one or more other processors.

Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.

Abstract: A processing system includes a processing core to execute a virtual machine (VM) comprising a guest operating system (OS) and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store an extended page table entry (EPTE) comprising a mapping from a guest physical address (GPA) associated with the guest OS to an identifier of a memory frame, a first plurality of access right flags associated with accessing the memory frame in a first page mode referenced by an attribute of a memory page identified by the GPA, and a second plurality of access right flags associated with accessing the memory frame in a second page mode referenced by the attribute of the memory page identified by the GPA.

Abstract: Systems, methods, and apparatuses for defending against cross-privilege linear access are described. For example, an implementation of an apparatus comprising privilege level storage to store a current privilege level and address check circuitry coupled to the privilege level storage, wherein the address check circuitry is to determine whether a linear address associated with an instruction is allowed to access a partition of a linear address space of the apparatus based upon a comparison of the current privilege level and a most significant bit of the linear address is described.

Abstract: Techniques and mechanisms for configuring services which variously facilitate data protection. In an embodiment, circuitry coupled to a memory comprises both a first circuit which calculates integrity information based on data, and a second circuit which evaluates data validity based on such integrity information. A configuration of the circuitry provides a combination of one or more services which is specific to a corresponding domain of the memory. With respect to accesses to the corresponding domain, the configuration prevents an access to the first circuit while an access to the second circuit is permitted. In another embodiment, a processor signals the circuitry to transition to another configuration which, with respect to accesses to the corresponding domain, permits access to both the first circuit and the second circuit.