US 11,853,424 B2
Processor that mitigates side channel attacks by refraining from allocating an entry in a data TLB for a missing load address when the load address misses both in a data cache memory and in the data TLB and the load address specifies a location without a valid address translation or without permission to read from the location
John G. Favor, San Francisco, CA (US); and Srivatsan Srinivasan, Cedar Park, TX (US)
Assigned to Ventana Micro Systems Inc., Cupertino, CA (US)
Filed by Ventana Micro Systems Inc., San Jose, CA (US)
Filed on Oct. 6, 2020, as Appl. No. 17/064,553.
Prior Publication US 2022/0108013 A1, Apr. 7, 2022
Int. Cl. G06F 21/56 (2013.01); G06F 21/57 (2013.01); G06F 21/54 (2013.01); G06F 21/79 (2013.01); G06F 9/30 (2018.01); G06F 12/0895 (2016.01); G06F 12/1045 (2016.01); G06F 12/0811 (2016.01)
CPC G06F 21/566 (2013.01) [G06F 9/30043 (2013.01); G06F 9/30047 (2013.01); G06F 12/0811 (2013.01); G06F 12/0895 (2013.01); G06F 12/1063 (2013.01); G06F 21/54 (2013.01); G06F 21/577 (2013.01); G06F 21/79 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A microprocessor for mitigating side channel attacks, comprising:
a memory subsystem having a virtually-indexed, virtually-tagged data cache memory (VIVTDCM) and a data translation lookaside buffer (DTLB);
wherein the VIVTDCM includes a plurality of entries, each entry comprising a virtual address, cache line data corresponding to the virtual address, and a permission to read a physical address corresponding to the virtual address;
wherein the DTLB includes a plurality of entries, each entry comprising a virtual address, a corresponding physical address, and a corresponding permission to read the corresponding physical address;
wherein the memory subsystem is configured to receive a load operation that specifies a load address comprising a particular virtual address;
wherein the processor is configured to perform speculative execution of instructions;
wherein the processor is configured to execute instructions out of program order;
and wherein the memory subsystem is configured to, in response to executing the load operation and detecting that the load address is not present in the VIVTDCM or the DTLB:
perform a page table walk to retrieve the corresponding physical address that corresponds to the particular virtual address and corresponding permission to read the corresponding physical address;
detect a condition in response to the page table walk in which the corresponding physical address cannot be retrieved or the corresponding permission does not provide the permission to read the corresponding physical address;
and in response to detection of the condition:
allocate an entry of the plurality of entries of the VIVTDCM in the VIVTDCM that includes an indication of the condition but without corresponding cache line data;
and refrain from allocating an entry into any translation lookaside buffer (TLB) including refraining from allocating an entry in the DTLB for the corresponding physical address of the particular virtual address of the load address,
whereby a side channel attack enabled by speculative execution is mitigated by the refrain from allocating the entry in the DTLB.