Apparatus and method including an ownership table for indicating owner processes for blocks of physical addresses of a memory

Abstract

A data processing apparatus comprises processing circuitry to execute a plurality of processes. An ownership table comprises one or more entries each indicating, for a corresponding block of physical addresses, which of the processes is an owner process that has exclusive control of access to the corresponding block of physical addresses. A new process may be prevented from becoming an owner process until after successful completion of destructive overwriting. Ownership protection circuitry may detect a mismatch between an expected attribute, which is dependent on information in a page table entry, and an attribute specified in the ownership table. Each entry in the ownership table, for example, may indicate a level of encryption to be applied. Access control circuitry such as a memory management unit (MMU) may also determine whether an access request satisfies access permissions. The ownership table may also specify whether a higher privilege level process is allowed to access a block of physical addresses. A descriptor table may be used to store process state identifiers, where the process states may include invalid, prepare and execute states. The processes may comprise a hypervisor and/or a virtual machine (VM).