US 11,816,227 B2
Interrupting export of memory regions
Gareth Rhys Stockwell, Cambridge (GB); Jason Parker, Sheffield (GB); Djordje Kovacevic, Hitchin (GB); and Matthew Lucien Evans, Cambridge (GB)
Assigned to Arm Limited, Cambridge (GB)
Appl. No. 16/624,474
Filed by ARM LIMITED, Cambridge (GB)
PCT Filed Jun. 11, 2018, PCT No. PCT/GB2018/051582
§ 371(c)(1), (2) Date Dec. 19, 2019,
PCT Pub. No. WO2019/002815, PCT Pub. Date Jan. 3, 2019.
Claims priority of application No. 1710344 (GB), filed on Jun. 28, 2017.
Prior Publication US 2020/0117809 A1, Apr. 16, 2020
Int. Cl. G06F 21/60 (2013.01); G06F 9/455 (2018.01); G06F 9/48 (2006.01); G06F 12/14 (2006.01); G06F 21/79 (2013.01)
CPC G06F 21/602 (2013.01) [G06F 9/45558 (2013.01); G06F 9/4812 (2013.01); G06F 12/1491 (2013.01); G06F 21/79 (2013.01); G06F 2009/45583 (2013.01); G06F 2009/45587 (2013.01); G06F 2212/1052 (2013.01)] 18 Claims
OG exemplary drawing
 
1. Apparatus for processing data comprising:
memory access circuitry to enforce ownership rights of a plurality of memory regions within a first memory, a given owning process from among a plurality of processes having access to given owned data stored within a given memory region from among said plurality of memory regions;
wherein said memory access circuitry is responsive to a first export command for said given memory region received from a first export command source to perform a first export operation to encrypt said given owned data to form given encrypted data and to store said given encrypted data in a second memory;
said memory access circuitry is responsive to a second export command for said given memory region received from a second export command source while said first export operation is being performed to determine whether said second export command source has higher priority position within a control hierarchy than said first export command source;
when said second export command source has a higher priority:
to interrupt said first export operation for encrypting said given owned data and storing said given encrypted data in the second memory,
to store a partially-completed state of said first export operation in a buffer, and to perform a second export operation specified by said second export command, wherein the partially-completed state comprises partially-encrypted data, and
to store metadata associated with said partially-completed state of said first export operation in said buffer;
when said second export operation having the higher priority is completed:
to verify, by said memory access circuitry, said metadata associated with said partially-completed state of said first export operation; and
to restore, by said memory access circuitry in response to said metadata being verified, the partially-completed state of said first export operation and resume said first export operation; and
when said second export command source has a lower priority:
to continue to perform said first export operation for encrypting said given owned data and storing said given encrypted data in the second memory, and
to block performing of said second export operation until completion of said first export operation;
wherein prior to the performing of said first export operation, said memory access circuitry is configured to determine whether the buffer, pointed by a generated pointer, is not empty, indicating that said first export operation was previously interrupted, and when the buffer is not empty, to resume said first export operation.