公开(公告)号：US20240345841A1

公开(公告)日：2024-10-17

申请号：US18751604

申请日：2024-06-24

Applicant: Intel Corporation

Inventor： UTKARSH Y. KAKAIYA ,  RAJESH SANKARAN ,  GILBERT NEIGER ,  PHILIP LANTZ ,  SANJAY K. KUMAR

IPC: G06F9/34 ,  G06F9/30 ,  G06F12/109

CPC classification number: G06F9/34 ,  G06F9/30098 ,  G06F12/109 ,  G06F2212/657

Abstract: In one embodiment, a processor comprises: a first configuration register to store a pointer to a process address space identifier (PASID) table; and an execution circuit coupled to the first configuration register. The execution circuit, in response to a first instruction, is to obtain command data from a first location identified in a source operand of the first instruction, obtain a PASID table handle from the command data, access a first entry of the PASID table using the pointer from the first configuration register and the PASID table handle to obtain a PASID value, insert the PASID value into the command data, and send the command data to a device coupled to the processor. Other embodiments are described and claimed.

公开(公告)号：US20210240475A1

公开(公告)日：2021-08-05

申请号：US17124813

申请日：2020-12-17

Applicant: Intel Corporation

Inventor： ELIEZER WEISSMANN ,  MARK CHARNEY ,  MICHAEL MISHAELI ,  ROBERT VALENTINE ,  ITAI RAVID ,  JASON W. BRANDT ,  GILBERT NEIGER ,  BARUCH CHAIKIN ,  EFRAIM ROTEM

IPC: G06F9/30 ,  G06F9/38

Abstract: Systems, methods, and apparatuses relating to instructions to reset software thread runtime property histories in a hardware processor are described. In one embodiment, a hardware processor includes a hardware guide scheduler comprising a plurality of software thread runtime property histories; a decoder to decode a single instruction into a decoded single instruction, the single instruction having a field that identifies a model-specific register; and an execution circuit to execute the decoded single instruction to check that an enable bit of the model-specific register is set, and when the enable bit is set, to reset the plurality of software thread runtime property histories of the hardware guide scheduler.

公开(公告)号：US20160378688A1

公开(公告)日：2016-12-29

申请号：US14752227

申请日：2015-06-26

Applicant: Intel Corporation

Inventor： CARLOS V. ROZAS ,  MONA VIJ ,  REBEKAH M. LESLIE-HURD ,  KRYSTOF C. ZMUDZINSKI ,  SOMNATH CHAKRABARTI ,  FRANCIS X. MCKEEN ,  VINCENT R. SCARLATA ,  SIMON P. JOHNSON ,  ILYA ALEXANDROVICH ,  GILBERT NEIGER ,  VEDVYAS SHANBHOGUE ,  ITTAI ANATI

IPC: G06F12/14 ,  G06F9/30 ,  G06F21/60

CPC classification number: G06F12/1408 ,  G06F8/41 ,  G06F9/30145 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/602 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2212/1052

Abstract: A processor includes a decode unit to decode an instruction that is to indicate a page of a protected container memory, and a storage location outside of the protected container memory. An execution unit, in response to the instruction, is to ensure that there are no writable references to the page of the protected container memory while it has a write protected state. The execution unit is to encrypt a copy of the page of the protected container memory. The execution unit is to store the encrypted copy of the page to the storage location outside of the protected container memory, after it has been ensured that there are no writable references. The execution unit is to leave the page of the protected container memory in the write protected state, which is also valid and readable, after the encrypted copy has been stored to the storage location.

Abstract translation: 处理器包括解码单元，用于解码指示受保护的容器存储器的页面的指令以及受保护的容器存储器之外的存储位置。 执行单元响应于该指令，是确保在受保护的容器存储器具有写保护状态时不存在对受保护的容器存储器的页的可写引用。 执行单元是加密受保护的容器存储器的页面的副本。 在确保没有可写入引用之后，执行单元将页面的加密副本存储到受保护的容器存储器外部的存储位置。 执行单元将保护的容器存储器的页面保留在写保护状态中，该保护状态在加密的副本已被存储到存储位置之后也是有效和可读的。

公开(公告)号：US20160371191A1

公开(公告)日：2016-12-22

申请号：US15250787

申请日：2016-08-29

Applicant: Intel Corporation

Inventor： CARLOS V. ROZAS ,  ILYA ALEXANDROVICH ,  ITTAI ANATI ,  ALEX BERENZON ,  MICHAEL A. GOLDSMITH ,  BARRY E. HUNTLEY ,  ANTON IVANOV ,  SIMON P. JOHNSON ,  REBEKAH M. LESLIE-HURD ,  FRANCIS X. MCKEEN ,  GILBERT NEIGER ,  RINAT RAPPOPORT ,  SCOTT D. RODGERS ,  UDAY R. SAVAGAONKAR ,  VINCENT R. SCARLATA ,  VEDVYAS SHANBHOGUE ,  WESLEY H. SMITH ,  WILLIAM C. WOOD

IPC: G06F12/0875 ,  G06F12/1027

Abstract: Instructions and logic provide advanced paging capabilities for secure enclave page caches. Embodiments include multiple hardware threads or processing cores, a cache to store secure data for a shared page address allocated to a secure enclave accessible by the hardware threads. A decode stage decodes a first instruction specifying said shared page address as an operand, and execution units mark an entry corresponding to an enclave page cache mapping for the shared page address to block creation of a new translation for either of said first or second hardware threads to access the shared page. A second instruction is decoded for execution, the second instruction specifying said secure enclave as an operand, and execution units record hardware threads currently accessing secure data in the enclave page cache corresponding to the secure enclave, and decrement the recorded number of hardware threads when any of the hardware threads exits the secure enclave.

Abstract translation: 说明和逻辑为安全的飞地页面缓存提供了高级分页功能。 实施例包括多个硬件线程或处理核心，用于存储分配给由硬件线程可访问的安全空间的共享页面地址的安全数据的高速缓存。 解码级将指定所述共享页地址的第一指令解码为操作数，并且执行单元标记对应于共享页地址的飞地页高速缓存映射的条目，以阻止所述第一或第二硬件线程中的任一个的新转换的创建 访问共享页面。 第二指令被解码以执行，第二指令指定所述安全飞地作为操作数，并且执行单元记录当前访问与安全飞地相对应的飞地页面高速缓存中的安全数据的硬件线程，并且当任何 的硬件线程退出安全飞地。

公开(公告)号：US20160110298A1

公开(公告)日：2016-04-21

申请号：US14519648

申请日：2014-10-21

Applicant: Intel Corporation

Inventor： DAVID A. KOUFATY ,  GILBERT NEIGER ,  RAJESH M. SANKARAN ,  ANDREW V. ANDERSON ,  SUBRAMANYA R. DULLOOR ,  WERNER HAAS ,  JOSEPH NUZMAN

IPC: G06F12/14 ,  G06F21/62

CPC classification number: G06F12/1466 ,  G06F21/52 ,  G06F2212/1052

Abstract: A processing system includes a processing core to execute a task and a memory management unit, coupled to the core. The memory management unit includes a storage unit to store a page table entry including one or more identifiers of memory frames, a protection key, and an access mode bit indicating whether the one or more memory frames are accessible according to a user mode or according to a supervisor mode, a first permission register including a plurality of fields, each field comprising a set of bits reflecting a set of memory access permissions under the user mode, and a second permission register storing a plurality of fields, each field comprising a set of bits reflecting a set of memory access permissions under the supervisor mode.

Abstract translation: 处理系统包括执行任务的处理核心和耦合到核心的存储器管理单元。 存储器管理单元包括：存储单元，用于存储包括存储器帧的一个或多个标识符的页表项，保护密钥和指示一个或多个存储器帧是否可根据用户模式访问的访问模式位，或者根据 管理员模式，包括多个字段的第一允许寄存器，每个字段包括反映用户模式下的一组存储器访问许可的位数，以及存储多个字段的第二许可寄存器，每个字段包括一组 在管理员模式下反映一组内存访问权限的位。