公开(公告)号：US20240330436A1

公开(公告)日：2024-10-03

申请号：US18735120

申请日：2024-06-05

Applicant: Mellanox Technologies, Ltd.

Inventor： Ahmad Atamli ,  Rami Ailabouni ,  Ahmad Saleh ,  Ariel Levanon ,  Thanh Nguyen ,  Mark Overby

IPC: G06F21/53 ,  G06F21/60

CPC classification number: G06F21/53 ,  G06F21/606 ,  G06F2221/033

Abstract: The technology disclosed herein enables an auxiliary device to run a service that can access and analyze data of a Trusted Execution Environment (TEE). The auxiliary device can determine that a host device comprises a first TEE established by a central processing unit (CPU) of the host device, where CPU executes a first computer program in the first TEE. The auxiliary device can receive data of the first TEE using a trusted communication link between the first TEE and a second TEE established by the DPU, and execute a second computer program in the second TEE to monitor execution of the first computer program.

公开(公告)号：US20230351021A1

公开(公告)日：2023-11-02

申请号：US18349147

申请日：2023-07-09

Applicant: Mellanox Technologies, Ltd.

Inventor： Mor Hoyda Sfadia ,  Yuval Itkin ,  Ahmad Atamli ,  Ariel Shahar ,  Yaniv Strassberg ,  Itsik Levi

IPC: G06F21/57 ,  G06F8/65 ,  G06F9/445

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F9/445 ,  G06F2221/033

Abstract: A computer system includes a volatile memory and at least one processor. The volatile memory includes a protected storage segment (PSS) configured to store firmware-authentication program code for authenticating firmware of the computer system. The at least one processor is configured to receive a trigger to switch to a given version of the firmware, to obtain, in response to the trigger, a privilege to access the PSS, to authenticate the given version of the firmware by executing the firmware-authentication program code from the PSS, to switch to the given version of the firmware upon successfully authenticating the given version, and to take an alternative action upon failing to authenticate the given version.

公开(公告)号：US20230267196A1

公开(公告)日：2023-08-24

申请号：US17676890

申请日：2022-02-22

Applicant: MELLANOX TECHNOLOGIES, LTD.

Inventor： Boris Pismenny ,  Miriam Menes ,  Ahmad Atamli ,  Ilan Pardo ,  Ariel Shahar ,  Uria Basher

IPC: G06F21/53 ,  G06F21/79 ,  G06F9/50 ,  G06F13/28

CPC classification number: G06F21/53 ,  G06F21/79 ,  G06F9/5016 ,  G06F9/5077 ,  G06F13/28

Abstract: A confidential computing (CC) apparatus includes a CPU and a peripheral device. The CPU is to run a hypervisor that hosts one or more Trusted Virtual Machines (TVMs). The peripheral device is coupled to the CPU and to an external memory. The CPU includes a TVM-Monitor (TVMM), to perform management operations on the one or more TVMs, to track memory space that is allocated by the hypervisor to the peripheral device in the external memory, to monitor memory-access requests issued by the hypervisor to the memory space allocated to the peripheral device in the external memory, and to permit or deny the memory-access requests, according to a criterion.