Search

US-20260127065-A1 - TECHNOLOGIES FOR PREVENTING FAULT EXCEPTION PROBING

US20260127065A1US 20260127065 A1US20260127065 A1US 20260127065A1US-20260127065-A1

Abstract

The present application relates to devices and components, including apparatus, systems, and methods for scheduling delivery and execution of page fault or permission fault exceptions. A memory management unit may receive a virtual address associated with an execution mode and initiate a virtual-to-physical translation operation. The MMU may detect a first condition associated with a search of the virtual address in a translation lookaside buffer (TLB). In response to the detection of the first condition, MMU may start a timer. MMU may detect a fault exception associated with the translation operation of the virtual address and determine that a second condition is satisfied. In response to detecting the second condition, the MMU or the reorder buffer exception monitor may deliver the fault exception based on the timer.

Inventors

  • John Ingalls
  • Perrine Peresse
  • Cyril Bresch

Assignees

  • SiFive, Inc.

Dates

Publication Date
20260507
Application Date
20241105

Claims (20)

  1. 1 . A method comprising: receiving a virtual address associated with an execution mode; detecting a first condition associated with a search of the virtual address in a translation lookaside buffer (TLB); starting a timer based on said detecting the first condition; detecting a fault exception associated with a translation operation of the virtual address; determining that a second condition is satisfied, wherein the second condition is associated with the execution mode; and delivering the fault exception upon expiration of the timer to delay delivery of the fault exception.
  2. 2 . The method of claim 1 , wherein said detecting the first condition comprises: detecting a TLB miss; or detecting a TLB hit.
  3. 3 . The method of claim 1 , wherein a value of the timer is programmable.
  4. 4 . The method of claim 1 , wherein a value of the timer is contained in a register.
  5. 5 . The method of claim 1 , wherein the timer is based on a global high-resolution timer or a cycle counter.
  6. 6 . The method of claim 1 , further comprising: determining that adding a random value to a value of the timer is allowed.
  7. 7 . The method of claim 6 , further comprising: adding the random value to the value of the timer.
  8. 8 . An integrated circuit comprising: a memory management unit; a timer; and processing circuitry coupled with the memory management unit and the timer to: receive a virtual address associated with an execution mode; detect a first condition associated with a search of the virtual address in a translation lookaside buffer (TLB); start a timer based on the detection of the first condition; detect a fault exception associated with a translation operation of the virtual address; determine that a second condition is satisfied, wherein the second condition is associated with the execution mode; and deliver the fault exception upon expiration of the timer to delay delivery of the fault exception.
  9. 9 . The integrated circuit of claim 8 , wherein to detect the first condition the processing circuitry is to: detect a TLB miss; or detect a TLB hit.
  10. 10 . The integrated circuit of claim 8 , wherein a value of the timer is programmable.
  11. 11 . The integrated circuit of claim 8 , wherein a value of the timer is stored in a register.
  12. 12 . The integrated circuit of claim 8 , wherein the timer is based on a global high-resolution timer or a cycle counter.
  13. 13 . The integrated circuit of claim 8 , further comprising: determining that adding a random value to a value of the timer is allowed.
  14. 14 . The integrated circuit of claim 13 , further comprising: adding the random value to the value of the timer.
  15. 15 . A computer system comprising: memory to store computer-executable instructions; and an integrated circuit to access the memory and execute the computer-executable instructions to: receive a virtual address associated with an execution mode; detect a first condition associated with a search of the virtual address in a translation lookaside buffer (TLB); start a timer based on the detection of the first condition; detect a fault exception associated with a translation operation of the virtual address; determine that a second condition is satisfied, wherein the second condition is associated with the execution mode; and deliver the fault exception upon expiration of the timer to delay delivery of the fault exception.
  16. 16 . The computer system of claim 15 , wherein to detect the first condition the integrated circuit is to: detect a TLB miss; or detect a TLB hit.
  17. 17 . The computer system of claim 15 , wherein a value of the timer is programmable.
  18. 18 . The computer system of claim 15 , wherein a value of the timer is stored in a register.
  19. 19 . The computer system of claim 15 , further comprising: determining that adding a random value to a value of the timer is allowed; and adding the random value to the value of the timer.
  20. 20 . The computer system of claim 15 , wherein the timer is based on a global high-resolution timer or a cycle counter.

Description

TECHNICAL FIELD This application relates generally to processing circuitry and, in particular, to memory management unit (MMU) micro-architecture for preventing table lookaside buffer (TLB) probing. BACKGROUND Side-channel attacks exploit indirect information leakage to gain unauthorized access to sensitive data. Unlike traditional attacks that target software vulnerabilities or cryptographic weaknesses, side-channel attacks focus on the physical and timing characteristics of a system. These characteristics include power consumption, electromagnetic emissions, or the time to execute certain operations. For example, an attacker might deduce secret keys or other sensitive information by carefully measuring the time it takes to execute cryptographic algorithms. This attack is particularly insidious because it often bypasses traditional security mechanisms. One common type of side-channel attack is the cache timing attack, where an attacker exploits the differences in access times between cached and non-cached data. Techniques like Flush+Reload and Prime+Probe are used to manipulate and observe the state of the cache. In a Flush+Reload attack, the attacker flushes a shared cache line and then measures the time it takes to reload it, inferring whether the victim accessed that line. Prime+Probe involves the attacker filling the cache with their data (priming) and then measuring which parts of the cache have been evicted by the victim's access patterns (probing). These attacks can reveal fine-grained details about the victim's operations, including cryptographic keys. Preventing side-channel attacks is desired because they threaten the confidentiality and integrity of sensitive information. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 illustrates a compute system in accordance with some embodiments. FIG. 2 illustrates aspects of the compute system in accordance with some embodiments. FIG. 3 illustrates a block diagram of a memory management unit in accordance with some embodiments. FIG. 4 illustrates another block diagram of page table entry walk cache operation in accordance with some embodiments. FIG. 5 illustrates a finite state machine of a page table walker in accordance with some embodiments. FIG. 6 illustrates a finite state machine of a unified translation look-aside buffer operation in accordance with some embodiments. FIG. 7 illustrates a flow diagram in accordance with some embodiments. FIG. 8 illustrates a block diagram of an example of a multi-chip package in accordance with some embodiments FIG. 9 illustrates a block diagram of an example of a computing system in accordance with some embodiments. DETAILED DESCRIPTION The following detailed description refers to the accompanying drawings. The same reference numbers may be used in different drawings to identify the same or similar elements. In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular structures, architectures, interfaces, and techniques to provide a thorough understanding of the various aspects of various embodiments. However, it will be apparent to those skilled in the art having the benefit of the present disclosure that the various aspects of the various embodiments may be practiced in other examples that depart from these specific details. In certain instances, descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description of the various embodiments with unnecessary detail. For the purposes of the present document, the phrases “A/B” and “A or B” mean (A), (B), or (A and B); and the phrase “based on A” means “based at least in part on A,” for example, it could be “based solely on A” or it could be “based in part on A.” When an application issues a memory access request, it initiates a series of interactions within the processing core and Memory Management Unit (MMU). The processing core first receives the virtual address (a virtual memory address) from the application and passes it to the MMU. Among other things, MMU is responsible for translating the virtual address into a physical address (physical memory address). This translation allows the processing unit to access the correct location in physical memory. The virtual address allows programs to use memory without being directly involved with the actual physical layout of the memory. The physical address is the actual address in the physical memory where the data or instructions are stored. The MMU begins by checking the translation lookaside buffer (TLB), a specialized cache that stores recent virtual-to-physical address translations. Each entry in the TLB may include a virtual page number (VPN), a corresponding physical page number (PPN), access control bits the specify permission (such as read, write, and execute), a valid bit indicating if the entry is usable, or a tag used for quick identification in associative TLBs. The TLB may be fully associative, set-associative,