Entering a secured computing environment using multiple authenticated code modules
    91.
    Granted invention patent
    Status: in force

    Publication number: US09202015B2

    Publication date: 2015-12-01

    Application number: US12650579

    Filing date: 2009-12-31

    IPC classification: G06F21/00 G06F21/57 G06F21/71

    Abstract: Systems, apparatuses, and methods for entering a secured system environment using multiple authenticated code modules are disclosed. In one embodiment, a processor includes a decoder and control logic. The decoder is to decode a secured enter instruction. The control logic is to find an entry corresponding to the processor in a match table in a master authenticated code module and to read a master header and an individual authenticated code module from the master authenticated code module in response to decoding the secured enter instruction.

    TECHNOLOGIES FOR PROVIDING DEFERRED ERROR RECORDS TO AN ERROR HANDLER
    92.
    Invention patent application
    Status: under examination (published)

    Publication number: US20140188829A1

    Publication date: 2014-07-03

    Application number: US13728451

    Filing date: 2012-12-27

    IPC classification: G06F17/30

    CPC classification: G06F16/21

    Abstract: Technologies to generate an error record are described herein. A method includes performing a scan of one or more error logs to identify a source of data in response to an attempt to access the data, determining whether an amount of time to complete the scan will exceed a threshold value, and generating a notice that the error record will be deferred based on the determination. A system includes a data collector to scan one or more error logs to identify a source of data in response to an attempt to access the data, a controller to determine whether an amount of time to scan the error logs to identify the source of data will exceed a threshold value, and a signal generator to generate a signal indicating that the error record is to be deferred based on the determination.

    TECHNIQUE FOR PROVIDING SECURE FIRMWARE
    93.
    Invention patent application
    Status: under examination (published)

    Publication number: US20130212406A1

    Publication date: 2013-08-15

    Application number: US13837640

    Filing date: 2013-03-15

    IPC classification: G06F21/60

    CPC classification: G06F21/60 G06F21/57

    Abstract: A technique to verify firmware. One embodiment of the invention uses a processor's micro-code to verify a system's firmware, such that the firmware can be included in a trusted chain of code along with the operating system.

    Enabling system management mode in a secure system
    94.
    Granted invention patent
    Status: in force

    Publication number: US08473945B2

    Publication date: 2013-06-25

    Application number: US11967779

    Filing date: 2007-12-31

    IPC classification: G06F9/455

    CPC classification: G06F9/30087 G06F9/45533

    Abstract: Apparatuses, methods, and systems for enabling system management mode in a secure system are disclosed. In one embodiment, a processor includes sub-operating-system mode logic, virtual machine logic, and control logic. The sub-operating-system mode logic is to support a sub-operating-system mode. The virtual machine logic is to support virtualization. The control logic is to prevent virtualization from being enabled when the sub-operating-system mode is disabled.

    Technique for providing secure firmware
    95.
    Granted invention patent
    Status: in force

    Publication number: US08429418B2

    Publication date: 2013-04-23

    Application number: US11355697

    Filing date: 2006-02-15

    IPC classification: G06F21/00

    CPC classification: G06F21/60 G06F21/57

    Abstract: A technique to verify firmware. One embodiment of the invention uses a processor's micro-code to verify a system's firmware, such that the firmware can be included in a trusted chain of code along with the operating system.

    INJECTING ERROR AND/OR MIGRATING MEMORY IN A COMPUTING SYSTEM
    96.
    Invention patent application
    Status: under examination (published)

    Publication number: US20110179311A1

    Publication date: 2011-07-21

    Application number: US12971868

    Filing date: 2010-12-17

    IPC classification: G06F11/00

    CPC classification: G06F11/3676

    Abstract: In some embodiments a request is received to perform an error injection or a memory migration, a mode is entered that blocks requests from agents other than a current processor core or thread, the error is injected or the memory is migrated, and the mode that blocks requests from the agents other than the current processor core or thread is exited. Other embodiments are described and claimed.

    Apparatus and method for enumeration of processors during hot-plug of a compute node
    98.
    Granted invention patent
    Status: in force

    Publication number: US07822900B2

    Publication date: 2010-10-26

    Application number: US12271725

    Filing date: 2008-11-14

    IPC classification: G06F13/00

    CPC classification: G06F13/4081

    Abstract: An apparatus and method for enumeration of processors during hot-plug of a compute node are described. The method includes the enumeration, in response to a hot-plug reset, of one or more processors. The enumeration is provided to a system architecture operating system in which a compute node is hot-plugged. Once enumeration is complete, the compute node is started in response to an operating system activation request. Accordingly, once device enumeration, as well as resource enumeration are complete, the one or more processors of the processor memory node are activated, such that the operating system may begin utilizing the processors of the hot-plugged compute node.

    SYSTEM AND METHOD FOR ESTABLISHING A TRUST DOMAIN ON A COMPUTER PLATFORM
    99.
    Invention patent application
    Status: in force

    Publication number: US20090249050A1

    Publication date: 2009-10-01

    Application number: US12056452

    Filing date: 2008-03-27

    IPC classification: G06F9/24

    CPC classification: G06F21/57

    Abstract: Embodiments of the invention provide systems and methods associated with a measurement engine in a server platform. In one such embodiment of the invention, the measurement engine hardware verifies/authenticates its own firmware and then system initialization firmware by measuring such firmware and storing measurement results in a register that is not spoofable by malicious code. In this instance, the measurement engine holds the host CPU complex in a reset state until the measurement engine has verified the system initialization firmware. In another such embodiment of the invention, the measurement engine hardware also measures firmware associated with one or more system service processors and stores such measurement results in a register. In this case, the measurement engine holds the system service processors and the host CPU complex in reset until the measurements are completed. Other embodiments are described.

    APPARATUS AND METHOD FOR ENUMERATION OF PROCESSORS DURING HOT-PLUG OF A COMPUTE NODE
    100.
    Invention patent application
    Status: in force

    Publication number: US20090106471A1

    Publication date: 2009-04-23

    Application number: US12271725

    Filing date: 2008-11-14

    IPC classification: G06F13/00

    CPC classification: G06F13/4081

    Abstract: An apparatus and method for enumeration of processors during hot-plug of a compute node are described. The method includes the enumeration, in response to a hot-plug reset, of one or more processors. The enumeration is provided to a system architecture operating system in which a compute node is hot-plugged. Once enumeration is complete, the compute node is started in response to an operating system activation request. Accordingly, once device enumeration, as well as resource enumeration are complete, the one or more processors of the processor memory node are activated, such that the operating system may begin utilizing the processors of the hot-plugged compute node.
