公开(公告)号：US12137161B2

公开(公告)日：2024-11-05

申请号：US17548146

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Ali Ghassan Saidi ,  Adi Habusha

IPC: H04L9/08 ,  G06F9/455 ,  G06F21/72

Abstract: A host device may include an interconnect, a host memory, and a set of processor cores. A processor core may execute a VM assigned to a cryptographic key and may send a request to access a physical address in the host memory toward the interconnect. An enforcer device may receive the request and extract a key identifier from the request. The enforcer device may determine whether to allow the request to access the physical address via the interconnect based on the key identifier and a list of allowed keys stored on the enforcer device. If the enforcer device determines to not allow the request to access, the enforcer device may modify the physical address and/or the key identifier of the request.

公开(公告)号：US20230188338A1

公开(公告)日：2023-06-15

申请号：US17548146

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Ali Ghassan Saidi ,  Adi Habusha

IPC: H04L9/08 ,  G06F9/455 ,  G06F21/72

CPC classification number: H04L9/0891 ,  G06F9/45558 ,  G06F21/72 ,  G06F2009/45587 ,  G06F2009/45579

Abstract: A host device may include an interconnect, a host memory, and a set of processor cores. A processor core may execute a VM assigned to a cryptographic key and may send a request to access a physical address in the host memory toward the interconnect. An enforcer device may receive the request and extract a key identifier from the request. The enforcer device may determine whether to allow the request to access the physical address via the interconnect based on the key identifier and a list of allowed keys stored on the enforcer device. If the enforcer device determines to not allow the request to access, the enforcer device may modify the physical address and/or the key identifier of the request.

公开(公告)号：US10768965B1

公开(公告)日：2020-09-08

申请号：US15969684

申请日：2018-05-02

Applicant: Amazon Technologies, Inc.

Inventor： Adi Habusha ,  Ali Ghassan Saidi

IPC: G06F12/02 ,  G06F9/455 ,  G06F12/1036

Abstract: Systems and methods are provided to reduce the number of redundant copy operations performed as part of a live migration of a virtual machine executing a guest. A hypervisor can queue the copy operations in a processing engine. While pre-copying for the live migration of the VM, the guest may continue to write to the pages. In one embodiment, the processing engine may clear a dirty page just before performing the copy operation of the modified page to a target device, thus extending the window of time to capture any future writes to that page.

公开(公告)号：US11809349B1

公开(公告)日：2023-11-07

申请号：US17304240

申请日：2021-06-16

Applicant: Amazon Technologies, Inc.

Inventor： Ali Ghassan Saidi ,  Adi Habusha ,  Itai Avron ,  Tzachi Zidenberg ,  Ofer Naaman

IPC: G06F13/24 ,  G06F11/07 ,  G06F9/455

CPC classification number: G06F13/24 ,  G06F9/45558 ,  G06F11/0712 ,  G06F2009/45579 ,  G06F2201/815 ,  G06F2213/24

Abstract: An interposer circuit is used between an interrupt controller and a processor core to facilitate direct injection of a virtual interrupt into a guest executing on the processor core, even though the interrupt controller does not support the direct injection. The interposer circuit can convert a command received from the interrupt controller for a physical interrupt into another command for a virtual interrupt to make the processor core believe that the processor core has received a virtual interrupt even though the interrupt controller is not able to provide the virtual interrupt. The virtual interrupt can be directly injected into the processor core without the intervention of a hypervisor executing on the processor core.

公开(公告)号：US11620233B1

公开(公告)日：2023-04-04

申请号：US16588898

申请日：2019-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Adi Habusha ,  Ali Ghassan Saidi ,  Tzachi Zidenberg

IPC: G06F12/00 ,  G06F12/1009 ,  G06F12/1027 ,  G06F12/0891 ,  G06F3/06 ,  G06F9/30

Abstract: An integrated circuit for offloading a page migration operation from a host processor is provided. The integrated circuit is configured to: receive, from the host processor, a request to perform the page migration operation from a first physical address to a second physical address; and based on the request, perform the page migration operation. The page migration operation comprises: performing a copy operation of data from the first physical address to the second physical address, and updating a page table entry based on the second physical address, to enable the host processor to access the data from the second physical address based on the updated page table entry.

公开(公告)号：US11307882B1

公开(公告)日：2022-04-19

申请号：US16584765

申请日：2019-09-26

Applicant: Amazon Technologies, Inc.

Inventor： Tzachi Zidenberg ,  Ali Ghassan Saidi ,  Leonid Koilis ,  Noam Bashari

IPC: G06F17/40 ,  G06F9/455

Abstract: Techniques for obtaining the performance of an integrated circuit design are disclosed. One such technique may retrieve, from a data store, a set of snapshots of a virtual machine of a host system taken during execution of a performance test. For each snapshot in the set of snapshots, the snapshot can be loaded onto a virtual machine running on an emulator that is emulating the integrated circuit design. The virtual machine can be executed for a reduced runtime, and the performances measured during execution of the snapshots can be used to derive the performance of the integrated circuit design.

公开(公告)号：US10592281B1

公开(公告)日：2020-03-17

申请号：US15719352

申请日：2017-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Ali Ghassan Saidi

IPC: G06F9/48 ,  G06F9/455

Abstract: A wait optimizer circuit can be coupled to a processor to monitor an entry of a virtual CPU (vCPU) into a wait mode to acquire a ticket lock. The wait optimizer can introduce an amount of delay, while the vCPU is in the wait mode, with an assumption that the spinlock may be resolved before sending a wake up signal to the processor for rescheduling. The wait optimizer can also record a time stamp only for a first entry of the vCPU from a plurality of entries into the wait mode within a window of time. The time stamps for vCPUs contending for the same ticket lock can be used by a hypervisor executing on the processor for rescheduling the vCPUs.