NVIDIA Corporation
Storing secure state information in translation lookaside buffer cache lines

Abstract:

One embodiment of the present invention includes a memory management unit (MMU) that is configured to efficiently process requests to access memory that includes protected regions. Upon receiving an initial request via a virtual address (VA), the MMU translates the VA to a physical address (PA) based on page table entries (PTEs) and gates the response based on page-specific secure state information. To thwart software-based attempts to illicitly access the protected regions, the secure state information is not stored in page tables. However, to expedite subsequent requests, after the MMU identifies the PTE and the corresponding secure state information, the MMU stores both the PTE and the secure state information as a cache line in a translation lookaside buffer. Advantageously, the disclosed embodiments protect data in the protected regions from security risks associated with software-based protection schemes without incurring the performance degradation associated with hardware-based "carve-out" memory protection schemes.