Intel Corporation
SECURE ADDRESS TRANSLATION SERVICES USING CRYPTOGRAPHICALLY PROTECTED HOST PHYSICAL ADDRESSES

Abstract:

Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a memory for storage of data, an Input/Output Memory Management Unit (IOMMU) coupled to the memory via a host-to-device link the IOMMU to perform operations, comprising receiving an address translation request from a remote device via a host-to-device link, wherein the address translation request comprises a virtual address (VA), determining a physical address (PA) associated with the virtual address (VA), generating an encrypted physical address (EPA) using at least the physical address (PA) and a cryptographic key, and sending the encrypted physical address (EPA) to the remote device via the host-to-device link.