公开(公告)号：US12001842B2

公开(公告)日：2024-06-04

申请号：US18324788

申请日：2023-05-26

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Barry E. Huntley ,  Baiju V. Patel ,  Deepak K. Gupta

IPC: G06F9/30 ,  G06F9/46 ,  G06F21/52

CPC classification number: G06F9/3004 ,  G06F9/30134 ,  G06F9/461 ,  G06F21/52

Abstract: Methods and apparatuses relating to switching of a shadow stack pointer are described. In one embodiment, a hardware processor includes a hardware decode unit to decode an instruction, and a hardware execution unit to execute the instruction to: pop a token for a thread from a shadow stack, wherein the token includes a shadow stack pointer for the thread with at least one least significant bit (LSB) of the shadow stack pointer overwritten with a bit value of an operating mode of the hardware processor for the thread, remove the bit value in the at least one LSB from the token to generate the shadow stack pointer, and set a current shadow stack pointer to the shadow stack pointer from the token when the operating mode from the token matches a current operating mode of the hardware processor.

公开(公告)号：US11995001B2

公开(公告)日：2024-05-28

申请号：US17867306

申请日：2022-07-18

Applicant: Intel Corporation

Inventor： Krystof C. Zmudzinski ,  Siddhartha Chhabra ,  Uday R. Savagaonkar ,  Simon P. Johnson ,  Rebekah M. Leslie-Hurd ,  Francis X. McKeen ,  Gilbert Neiger ,  Raghunandan Makaram ,  Carlos V. Rozas ,  Amy L. Santoni ,  Vincent R. Scarlata ,  Vedvyas Shanbhogue ,  Ilya Alexandrovich ,  Ittai Anati ,  Wesley H. Smith ,  Michael Goldsmith

IPC: G06F12/1009 ,  G06F9/455 ,  G06F12/1027 ,  G06F12/1036 ,  G06F12/1045 ,  G06F12/109 ,  G06F12/14

CPC classification number: G06F12/1009 ,  G06F9/455 ,  G06F9/45558 ,  G06F12/1027 ,  G06F12/1036 ,  G06F12/109 ,  G06F12/1441 ,  G06F2009/45583 ,  G06F12/1045 ,  G06F2212/1016 ,  G06F2212/1052 ,  G06F2212/151 ,  G06F2212/657 ,  G06F2212/684

Abstract: A processor for supporting secure memory intent is disclosed. The processor of the disclosure includes a memory execution unit to access memory and a processor core coupled to the memory execution unit. The processor core is to receive a request to access a convertible page of the memory. In response to the request, the processor core to determine an intent for the convertible page in view of a page table entry (PTE) corresponding to the convertible page. The intent indicates whether the convertible page is to be accessed as at least one of a secure page or a non-secure page.

公开(公告)号：US20230421545A1

公开(公告)日：2023-12-28

申请号：US18345278

申请日：2023-06-30

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Siddhartha Chhabra ,  David J. Harriman ,  Raghunandan Makaram ,  Ioannis T. Schoinas

IPC: H04L9/40 ,  G06F21/60 ,  G06F21/64 ,  G06F13/42

CPC classification number: H04L63/0457 ,  G06F21/606 ,  G06F21/64 ,  H04L9/3242 ,  G06F2213/0026 ,  H04L63/0464 ,  G06F13/4282

Abstract: Methods, systems, and apparatuses associated with a secure stream protocol for a serial interconnect are disclosed. An apparatus comprises a first device comprising circuitry to, using an end-to-end protocol, secure a transaction in a first secure stream based at least in part on a transaction type of the transaction, where the first secure stream is separate from a second secure stream. The first device is further to send the transaction secured in the first secure stream to a second device over a link established between the first device and the second device, where the transaction is to traverse one or more intermediate devices from the first device to the second device. In more specific embodiments, the first secure stream is based on one of a posted transaction type, a non-posted transaction type, or completion transaction type.

公开(公告)号：US20230401309A1

公开(公告)日：2023-12-14

申请号：US18232810

申请日：2023-08-10

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Barry E. Huntley ,  Baiju V. Patel ,  Deepak K. Gupta

IPC: G06F21/52 ,  G06F3/06 ,  G06F12/14 ,  G06F9/30 ,  G06F9/46

CPC classification number: G06F21/52 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/0673 ,  G06F12/1491 ,  G06F9/30101 ,  G06F9/461 ,  G06F9/30134 ,  G06F2212/1052 ,  G06F2221/033 ,  G06F2221/2141

Abstract: A processor implementing techniques for processor extensions to protect stacks during ring transitions is provided. In one embodiment, the processor includes a plurality of registers and a processor core, operatively coupled to the plurality of registers. The plurality of registers is used to store data used in privilege level transitions. Each register of the plurality of registers is associated with a privilege level. An indicator to change a first privilege level of a currently active application to a second privilege level is received. In view of the second privilege level, a shadow stack pointer (SSP) stored in a register of the plurality of registers is selected. The register is associated with the second privilege level. By using the SSP, a shadow stack for use by the processor at the second privilege level is identified.

公开(公告)号：US11743240B2

公开(公告)日：2023-08-29

申请号：US16445019

申请日：2019-06-18

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Siddhartha Chhabra ,  David J. Harriman ,  Raghunandan Makaram ,  Ioannis T. Schoinas

IPC: H04L9/40 ,  G06F21/60 ,  G06F21/64 ,  G06F13/42 ,  H04L9/32

CPC classification number: H04L63/0457 ,  G06F13/4282 ,  G06F21/606 ,  G06F21/64 ,  G06F2213/0026 ,  H04L9/3242 ,  H04L63/0464

Abstract: Methods, systems, and apparatuses associated with a secure stream protocol for a serial interconnect are disclosed. An apparatus comprises a first device comprising circuitry to, using an end-to-end protocol, secure a transaction in a first secure stream based at least in part on a transaction type of the transaction, where the first secure stream is separate from a second secure stream. The first device is further to send the transaction secured in the first secure stream to a second device over a link established between the first device and the second device, where the transaction is to traverse one or more intermediate devices from the first device to the second device. In more specific embodiments, the first secure stream is based on one of a posted transaction type, a non-posted transaction type, or completion transaction type.

公开(公告)号：US11656899B2

公开(公告)日：2023-05-23

申请号：US17404897

申请日：2021-08-17

Applicant: Intel Corporation

Inventor： Sanjay Kumar ,  Rajesh M. Sankaran ,  Gilbert Neiger ,  Philip R. Lantz ,  Jason W. Brandt ,  Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Kun Tian

IPC: G06F9/455 ,  G06F9/30 ,  G06F12/1045 ,  G06F12/109

CPC classification number: G06F9/45558 ,  G06F9/30138 ,  G06F12/109 ,  G06F12/1063 ,  G06F2009/45579 ,  G06F2212/152

Abstract: Implementations of the disclosure provide a processing device comprising an address translation circuit to intercept a work request from an I/O device. The work request comprises a first ASID to map to a work queue. A second ASID of a host is allocated for the first ASID based on the work queue. The second ASID is allocated to at least one of: an ASID register for a dedicated work queue (DWQ) or an ASID translation table for a shared work queue (SWQ). Responsive to receiving a work submission from the SVM client to the I/O device, the first ASID of the application container is translated to the second ASID of the host machine for submission to the I/O device using at least one of: the ASID register for the DWQ or the ASID translation table for the SWQ based on the work queue associated with the I/O device.

公开(公告)号：US11656805B2

公开(公告)日：2023-05-23

申请号：US17131731

申请日：2020-12-22

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Barry E. Huntley ,  Baiju V. Patel

IPC: H04L29/06 ,  G06F3/06 ,  G06F9/30 ,  G06F21/52 ,  G06F9/38 ,  G06F12/1009 ,  G06F12/109 ,  G06F12/1027 ,  G06F12/1081 ,  G06F12/1045 ,  G06F12/14 ,  G06F12/1036

CPC classification number: G06F3/0673 ,  G06F3/0622 ,  G06F3/0629 ,  G06F9/30054 ,  G06F9/30101 ,  G06F9/30134 ,  G06F9/30145 ,  G06F9/3806 ,  G06F9/3861 ,  G06F12/1009 ,  G06F12/109 ,  G06F12/1027 ,  G06F12/1036 ,  G06F12/1063 ,  G06F12/1081 ,  G06F12/1491 ,  G06F21/52 ,  G06F2212/1052 ,  G06F2212/151 ,  G06F2212/651 ,  G06F2212/657

Abstract: A processor of an aspect includes a decode unit to decode an instruction. The processor also includes an execution unit coupled with the decode unit. The execution unit, in response to the instruction, is to determine that an attempted change due to the instruction, to a shadow stack pointer of a shadow stack, would cause the shadow stack pointer to exceed an allowed range. The execution unit is also to take an exception in response to determining that the attempted change to the shadow stack pointer would cause the shadow stack pointer to exceed the allowed range. Other processors, methods, systems, and instructions are disclosed.

公开(公告)号：US20220405234A1

公开(公告)日：2022-12-22

申请号：US17827882

申请日：2022-05-30

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Stephen J. Robinson ,  Christopher D. Bryant ,  Jason W. Brandt

IPC: G06F15/80 ,  G06F9/30

Abstract: A processor includes a widest set of data registers that corresponds to a given logical processor. Each of the data registers of the widest set have a first width in bits. A decode unit that corresponds to the given logical processor is to decode instructions that specify the data registers of the widest set, and is to decode an atomic store to memory instruction. The atomic store to memory instruction is to indicate data that is to have a second width in bits that is wider than the first width in bits. The atomic store to memory instruction is to indicate memory address information associated with a memory location. An execution unit is coupled with the decode unit. The execution unit, in response to the atomic store to memory instruction, is to atomically store the indicated data to the memory location.

公开(公告)号：US20220398017A1

公开(公告)日：2022-12-15

申请号：US17348586

申请日：2021-06-15

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  David Koufaty ,  Rajesh Sankaran ,  Vedvyas Shanbhogue

IPC: G06F3/06 ,  G06F13/28

Abstract: An embodiment of an integrated circuit comprises circuitry to share page tables associated with a page between a processor memory management unit (MMU) and an input/output memory management unit (IOMMU), store a page table entry in the memory associated with the page, and separately control access to the page from a processor and from a direct memory access (DMA) request based on one or more fields of the stored page table entry. Other embodiments are disclosed and claimed.

公开(公告)号：US20220197816A1

公开(公告)日：2022-06-23

申请号：US17130638

申请日：2020-12-22

Applicant: Intel Corporation

Inventor： George Powley ,  Vinodh Gopal ,  Vedvyas Shanbhogue

IPC: G06F12/1009 ,  G06F12/0882 ,  G06F12/02 ,  G06F11/30 ,  G06F9/46

Abstract: An embodiment of an integrated circuit may comprise, coupled to a core, hardware decompression accelerators, a compressed cache, a processor communicatively coupled to the hardware decompression accelerators and the compressed cache, and memory communicatively coupled to the processor, wherein the memory stores microcode instructions that when executed by the processor causes the processor to load a page table entry in response to an indication of a page fault, determine if the page table entry indicates that the page is to be decompressed on fault, and, if so determined, modify a first decompression work descriptor at a first address and a second decompression work descriptor at a second address based on information from the page table entry, and generate a first enqueue transaction to the hardware decompression accelerators with the first address of the first decompression work descriptor and a second enqueue transaction to the hardware decompression accelerators with the second address of the second decompression work descriptor. Other embodiments are disclosed and claimed.