Realm Management Extensions
With the increasing trend of moving on-premises workloads to the cloud, and the growing use of private and personal data for compute and ML, the requirements for enhanced private computation on data processed in untrusted or shared environments are rising. Arm's Confidential Compute Architecture (CCA) carries out such computations in a hardware-based secure environment that is protected even from privileged software.
Realm Management Extensions (RME) is one of the key hardware changes introduced as part of CCA. Along with the other components of CCA, RME enables support for trusted, dynamic, and attestable execution regions.
The salient features of RME are:
- New physical address spaces: In addition to the existing Secure and Non-secure Physical Address Spaces (PAS), RME adds two new physical address spaces, Root and Realm, for Arm Processing Elements (PEs). Through this hardware isolation, RME facilitates confidential compute on data in these execution environments (realms).
- New cache maintenance operations: New Cache Maintenance Operations (CMOs) support the dynamic movement of memory granules (pages) between these address spaces. The Granule Protection Table (GPT) determines the current PAS of each page. The point in the system at which updates to a location in one PAS become visible to all other PAS is termed the Point of Physical Aliasing (PoPA). A CMO may target more than one PAS to ensure that data written earlier is fully visible to the other intended PAS at the PoPA.
- Remote invalidation: RME requires the ability to remotely invalidate cached copies of memory that is mapped as non-snoopable. This allows cache maintenance on non-snoopable locations to be performed by a PE other than the one that allocated them into the cache.
- Updates to DVM operations: Additional DVM operations and fields are introduced to meet the following requirements of the Armv9.2 architecture:
  - Support for the new PAS
  - Support for TLB invalidation of cached GPT information, because the PAS-to-page association held in the GPT may be cached within TLBs
- Updates to MPAM: MPAM defines independent partition ID (PARTID) spaces for each PAS. Before CHI-F this was a single-bit field distinguishing the Secure and Non-secure PAS. With the two new Realm and Root PAS, it is now a two-bit field encoding the MPAM Space (MPAMSP).
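The following Python toy model is an added illustration, not code from the original page or from Arm, of the GPT-based granule protection check described above and of why cached GPT entries must be invalidated when a granule moves to another PAS; the 4 KiB granule size, the Non-secure default for unset granules and the single-cache model are assumptions made for the example.

```python
# Toy model of RME granule protection: a Granule Protection Table (GPT)
# records the Physical Address Space (PAS) owning every granule, and the
# Granule Protection Check (GPC) rejects an access whose PAS does not match.
# Constructed example, not hardware-accurate: granule size, the default PAS
# and the cache model are assumptions made here for illustration.
from enum import Enum


class PAS(Enum):
    NON_SECURE = "Non-secure"
    SECURE = "Secure"
    REALM = "Realm"
    ROOT = "Root"


GRANULE = 4096  # assumed 4 KiB granule


class GPTSystem:
    def __init__(self):
        self.gpt = {}        # granule index -> PAS that currently owns it
        self.tlb_cache = {}  # cached GPT entries, standing in for TLB caching

    def _idx(self, pa):
        return pa // GRANULE

    def set_pas(self, pa, pas, invalidate_tlb=True):
        """Move a granule to another PAS (the 'dynamic movement' of pages).
        In hardware the old contents are first cleaned/invalidated to the
        PoPA with CMOs and cached GPT entries are dropped via DVM/TLB
        invalidation; the flag lets the example show why that step matters."""
        self.gpt[self._idx(pa)] = pas
        if invalidate_tlb:
            self.tlb_cache.pop(self._idx(pa), None)

    def gpc(self, pa, access_pas):
        """Granule Protection Check using a possibly stale cached entry."""
        idx = self._idx(pa)
        if idx not in self.tlb_cache:  # miss: walk the GPT and cache the result
            self.tlb_cache[idx] = self.gpt.get(idx, PAS.NON_SECURE)
        return self.tlb_cache[idx] == access_pas


def scenario():
    """Delegate a Non-secure page to the Realm PAS with and without TLBI."""
    sysm = GPTSystem()
    page = 0x8000_0000  # constructed sample physical address
    sysm.set_pas(page, PAS.NON_SECURE)
    assert sysm.gpc(page, PAS.NON_SECURE)      # Non-secure access passes, entry cached
    sysm.set_pas(page, PAS.REALM, invalidate_tlb=False)
    stale = sysm.gpc(page, PAS.NON_SECURE)     # True: stale cached entry still passes
    sysm.set_pas(page, PAS.REALM)              # correct update with invalidation
    fixed_ns = sysm.gpc(page, PAS.NON_SECURE)  # False: Non-secure is now rejected
    fixed_realm = sysm.gpc(page, PAS.REALM)    # True: Realm access passes
    return stale, fixed_ns, fixed_realm
```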
WriteNoSnpDef
WriteNoSnpDef is a single-copy-atomic 64-byte write request that the completer may reject. Its transaction flow is similar to that of the WriteNoSnp transaction. A typical use case is sending 64 bytes of gathered data as one atomic write to a shared queue within an accelerator. The completer can reject the write and return a Defer response to the requester, indicating that the write could not be processed now but might succeed if issued at a later point in time; the requester may then repeat the write request.
Page Based Hardware Attributes (PBHA)
PBHA values are obtained from page tables during address translation. These four-bit values are propagated through the memory system with transactions and can be used to control hardware system components. For predictable results, all translations of a given physical address (PA) are expected to provide the same PBHA value.
Memory Tagging Enhancements (MTE)
The permitted TagOp settings are updated for the ReadOnceMakeInvalid, ReadOnceCleanInvalid and MakeReadUnique transactions.