INSTRUCTIONS AND LOGIC TO SUSPEND/RESUME MIGRATION OF ENCLAVES IN A SECURE ENCLAVE PAGE CACHE

• Main Authors: MCKEEN FRANCIS X, NEIGER GILBERT, ROZAS CARLOS V, VIJ MONA, ZMUDZINSKI KRYSTOF C, CHAKRABARTI SOMNATH, SCARLATA VINCENT R, JOHNSON SIMON P, ANATI ITTAI, SHANBHOGUE VEDVYAS, ALEXANDROVICH ILYA, LESLIE-HURD REBEKAH M
• Format: Patent
• Language: Chinese; English
• Published: 31.07.2018
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC DIGITAL DATA PROCESSING; PHYSICS

Instructions and logic support suspending and resuming migration of enclaves in a secure enclave page cache (EPC). An EPC stores a secure domain control structure (SDCS) in storage accessible by an enclave for a management process, and by a domain of enclaves. A second processor checks if a corresponding version array (VA) page is bound to the SDCS, and if so: increments a version counter in the SDCS for the page, performs an authenticated encryption of the page from the EPC using the version counter in the SDCS, and writes the encrypted page to external memory. A second processor checks if acorresponding VA page is bound to a second SDCS of the second processor, and if so: performs an authenticated decryption of the page using a version counter in the second SDCS, and loads the decryptedpage to the EPC in the second processor if authentication passes. 指令和逻辑支持挂起和恢复安全飞地页面高速缓存（EPC）中飞地的迁移。EPC将安全域控制结构（SDCS）存储在由用于管理进程的飞地和由飞地域可访问的存储中。第二处理器检查对应的版本阵列（VA）页面是否被绑定到SDCS，并且如果是的话，则：递增用于页面的SDSC中的版本计数器，使用SDCS中的版本计数器从EPC对页面执行