CPC G06F 21/566 (2013.01) [G06F 9/30043 (2013.01); G06F 9/30047 (2013.01); G06F 12/0811 (2013.01); G06F 12/0895 (2013.01); G06F 12/1063 (2013.01); G06F 21/54 (2013.01); G06F 21/577 (2013.01); G06F 21/79 (2013.01)] | 15 Claims |
1. A microprocessor for mitigating side channel attacks, comprising:
a memory subsystem having a virtually-indexed, virtually-tagged data cache memory (VIVTDCM) and a data translation lookaside buffer (DTLB);
wherein the VIVTDCM includes a plurality of entries, each entry comprising a virtual address, cache line data corresponding to the virtual address, and a permission to read a physical address corresponding to the virtual address;
wherein the DTLB includes a plurality of entries, each entry comprising a virtual address, a corresponding physical address, and a corresponding permission to read the corresponding physical address;
wherein the memory subsystem is configured to receive a load operation that specifies a load address comprising a particular virtual address;
wherein the processor is configured to perform speculative execution of instructions;
wherein the processor is configured to execute instructions out of program order;
and wherein the memory subsystem is configured to, in response to executing the load operation and detecting that the load address is not present in the VIVTDCM or the DTLB:
perform a page table walk to retrieve the corresponding physical address that corresponds to the particular virtual address and corresponding permission to read the corresponding physical address;
detect a condition in response to the page table walk in which the corresponding physical address cannot be retrieved or the corresponding permission does not provide the permission to read the corresponding physical address;
and in response to detection of the condition:
allocate an entry of the plurality of entries of the VIVTDCM in the VIVTDCM that includes an indication of the condition but without corresponding cache line data;
and refrain from allocating an entry into any translation lookaside buffer (TLB) including refraining from allocating an entry in the DTLB for the corresponding physical address of the particular virtual address of the load address,
whereby a side channel attack enabled by speculative execution is mitigated by the refrain from allocating the entry in the DTLB.
|