公开(公告)号：US12259963B2

公开(公告)日：2025-03-25

申请号：US17676890

申请日：2022-02-22

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Miriam Menes ,  Ahmad Atamli ,  Ilan Pardo ,  Ariel Shahar ,  Uria Basher

IPC: G06F21/53 ,  G06F9/50 ,  G06F13/28 ,  G06F21/79

Abstract: A confidential computing (CC) apparatus includes a CPU and a peripheral device. The CPU is to run a hypervisor that hosts one or more Trusted Virtual Machines (TVMs). The peripheral device is coupled to the CPU and to an external memory. The CPU includes a TVM-Monitor (TVMM), to perform management operations on the one or more TVMs, to track memory space that is allocated by the hypervisor to the peripheral device in the external memory, to monitor memory-access requests issued by the hypervisor to the memory space allocated to the peripheral device in the external memory, and to permit or deny the memory-access requests, according to a criterion.

公开(公告)号：US20240323133A1

公开(公告)日：2024-09-26

申请号：US18187119

申请日：2023-03-21

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Liran Liss ,  Omri Kahalon ,  Eliav Bar-Ilan

IPC: H04L47/34 ,  H04L47/2483

CPC classification number: H04L47/34 ,  H04L47/2483

Abstract: An accelerator device and system are described, among other things. An illustrative system is disclosed to include a first sequencer programmed to append packets with information identifying a sequence number and an identification of a flow with which each packet is associated. The appended information may be used by a second sequencer to resequence the packets.

公开(公告)号：US20240015130A1

公开(公告)日：2024-01-11

申请号：US17859022

申请日：2022-07-07

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Eitan Zahavi ,  Guy Rozenberg ,  Matty Kadosh ,  Lion Levi ,  Boris Pismenny ,  Alex Netes ,  Miriam Menes ,  Lior Hodaya Bezen ,  Michael Tahar

IPC: H04L61/106 ,  H04L61/5092 ,  H04L61/5061

CPC classification number: H04L61/106 ,  H04L61/5092 ,  H04L61/5061

Abstract: A method for communication includes provisioning each node in a network with a respective set of two or more network addresses. Each node in succession is assigned a respective network address from the respective provisioned set that has not been assigned for use by any preceding node. Upon finding for a given node that all the network addresses in the respective provisioned set were assigned to preceding nodes, the preceding nodes are searched to identify a candidate node having an additional network address in the respective provisioned set, other than the assigned respective network address, that was not yet assigned to any of the nodes. The additional network address is assigned to the candidate node instead of the respective network address that was previously assigned to the candidate node, and the assigning of the network addresses to the nodes in the succession resumes following the candidate node.

公开(公告)号：US11792139B2

公开(公告)日：2023-10-17

申请号：US17582047

申请日：2022-01-24

Applicant: Mellanox Technologies, Ltd.

Inventor： Boris Pismenny ,  Ben Ben Ishay ,  Gal Yefet ,  Gil Kremer ,  Avi Urman ,  Yorai Itzhak Zack ,  Khalid Manaa ,  Liran Liss

IPC: H04L69/22 ,  H04L49/90 ,  H04L49/9057

CPC classification number: H04L49/9057 ,  H04L49/9042 ,  H04L69/22

Abstract: A peripheral device coupled to a host includes a network interface, a packet processor, and a Data Processing Unit (DPU). The packet processor receives from a communication network, via the network interface, packets that originated from a source in an original order and received at the peripheral device in as order different from the original order. The packet processor splits the received packets into headers and payloads, sends the payloads for storage in a host memory and sends the headers without the payloads for storage in a DPU memory, and based on the headers produces a hint indicative of processing to be applied to the headers, by the DPU, for identifying the original order. Based on the hint, the DPU identifies the original order of the packets by applying the processing indicated by the hint to respective headers in the DPU memory, and notifies the host of the original order.

公开(公告)号：US11683266B2

公开(公告)日：2023-06-20

申请号：US17963216

申请日：2022-10-11

Applicant: Mellanox Technologies, Ltd.

Inventor： Boris Pismenny ,  Miriam Menes ,  Idan Burstein ,  Liran Liss ,  Noam Bloch ,  Ariel Shahar

IPC: H04L45/00 ,  H04L45/42 ,  G06F11/10 ,  H04L69/163 ,  H04L69/22

CPC classification number: H04L45/566 ,  G06F11/1004 ,  H04L45/38 ,  H04L45/42 ,  H04L69/163 ,  H04L69/22

Abstract: A system includes a host processor, which has a host memory and is coupled to store data in a non-volatile memory in accordance with a storage protocol. A network interface controller (NIC) receives data packets conveyed over a packet communication network from peer computers containing, in payloads of the data packets, data records that encode data in accordance with the storage protocol for storage in the non-volatile memory. The NIC processes the data records in the data packets that are received in order in each flow from a peer computer and extracts and writes the data to the host memory, and when a data packet arrives out of order, writes the data packet to the host memory without extracting the data and processes the data packets in the flow so as to recover context information for use in processing the data records in subsequent data packets in the flow.

公开(公告)号：US11658803B2

公开(公告)日：2023-05-23

申请号：US17198889

申请日：2021-03-11

Applicant: Mellanox Technologies, Ltd.

Inventor： Boris Pismenny ,  Liran Liss ,  Ilya Lesokhin

IPC: H04L9/06 ,  H04L9/32

CPC classification number: H04L9/0637 ,  H04L9/32 ,  H04L9/3242

Abstract: A method, apparatus, and computer program product for processing a data record including encrypted and decrypted data is described. Various embodiments include receiving a data record including ciphertext and plaintext blocks and determining whether each block in the data record is a ciphertext block or a plaintext block. If a block is a ciphertext block, the ciphertext block is stored into a ciphertext record, decrypted into a plaintext block utilizing a decryption algorithm, and stored in a plaintext record. If the block is a plaintext block, the plaintext block is stored into the plaintext record, encrypted into a ciphertext block utilizing an encryption algorithm, and stored in the ciphertext record. Embodiments described also include authenticating the data record by passing each block of the ciphertext record to an authentication scheme and outputting the plaintext record to a destination application.

公开(公告)号：US12088712B2

公开(公告)日：2024-09-10

申请号：US17699517

申请日：2022-03-21

Applicant: Mellanox Technologies Ltd.

Inventor： Eitan Hirshberg ,  Boris Pismenny ,  Miriam Menes ,  Eilon Greenstein

IPC: H04L9/08

CPC classification number: H04L9/0891 ,  H04L9/0822

Abstract: A method of encrypting a memory transaction include, using a computing device operating a processor, encrypting a set of buffers to be transmitted, each buffer encrypted using an encryption key of a set of encryption keys.

公开(公告)号：US11979340B2

公开(公告)日：2024-05-07

申请号：US17824954

申请日：2022-05-26

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Dotan David Levi ,  Gal Yefet

IPC: H04L65/61 ,  H04L49/552 ,  H04L49/90 ,  H04L49/901 ,  H04L49/9057 ,  H04L65/65 ,  H04W28/04

CPC classification number: H04L49/552 ,  H04L49/901 ,  H04L49/9057 ,  H04L49/9068 ,  H04L65/61 ,  H04L65/65 ,  H04W28/04

Abstract: A method for communication includes mapping transport sequence numbers in headers of data packets received from a network to respective buffers in a memory of a host computer. At least a part of the data from payloads of the received data packets is written directly to the respective buffers.

公开(公告)号：US20220385598A1

公开(公告)日：2022-12-01

申请号：US17824954

申请日：2022-05-26

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Dotan David Levi ,  Gal Yefet

IPC: H04L49/552 ,  H04L49/90 ,  H04L49/9057 ,  H04W28/04 ,  H04L49/901 ,  H04L65/61 ,  H04L65/65

Abstract: A method for communication includes mapping transport sequence numbers in headers of data packets received from a network to respective buffers in a memory of a host computer. At least a part of the data from payloads of the received data packets is written directly to the respective buffers.

公开(公告)号：US20210203610A1

公开(公告)日：2021-07-01

申请号：US17204968

申请日：2021-03-18

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Liran Liss ,  Ilya Lesokhin ,  Haggai Eran ,  Adi Menachem

IPC: H04L12/833 ,  H04L29/06 ,  H04L12/931 ,  H04L29/08 ,  H04L12/851 ,  H04L12/413 ,  H04L12/00

Abstract: Apparatus including a first interface to a host processor, a second interface to transmit and receive data packets having headers and payloads, to and from a packet communication network, a memory holding context information regarding a flow of the data and assigning serial numbers to the data packets in the flow, according to a session-layer protocol, and processing circuitry between the first and second interfaces and having acceleration logic, to decode the data records according to the session-layer protocol, using and updating the context information based on the serial numbers and the data records of the received packets, and processing circuitry writing the decoded data records through the first interface to a host memory. The acceleration logic, upon receiving in a given flow a data packet containing a serial number that is out of order, reconstructs the context information and applies that context information in decoding data records in subsequent data packets in the flow.