公开(公告)号：US20210406199A1

公开(公告)日：2021-12-30

申请号：US16912542

申请日：2020-06-25

Applicant: Intel Corporation

Inventor： Michael Kounavis ,  David Koufaty ,  Anna Trikalinou ,  Karanvir Grewal ,  Philip Lantz ,  Utkarsh Y. Kakaiya ,  Vedvyas Shanbhogue

IPC: G06F12/14 ,  G06F12/1036 ,  G06F12/1081 ,  G06F12/0831 ,  G06F12/0882 ,  G06F12/06 ,  G06F21/60 ,  H04L9/32

Abstract: Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a memory for storage of data, an Input/Output Memory Management Unit (IOMMU) coupled to the memory via a host-to-device link the IOMMU to perform operations, comprising receiving an address translation request from a remote device via a host-to-device link, wherein the address translation request comprises a virtual address (VA), determining a physical address (PA) associated with the virtual address (VA), generating an encrypted physical address (EPA) using at least the physical address (PA) and a cryptographic key, and sending the encrypted physical address (EPA) to the remote device via the host-to-device link.

公开(公告)号：US20200210363A1

公开(公告)日：2020-07-02

申请号：US16727466

申请日：2019-12-26

Applicant: Intel Corporation

Inventor： Vinay Raghav ,  David J. Harriman ,  Utkarsh Y. Kakaiya

IPC: G06F13/40 ,  G06F13/42 ,  G06F12/06 ,  G06F9/30

Abstract: A device includes a plurality of ports and a plurality of capability registers that correspond to a respective one of the plurality of ports. The device is to connect to one or more processors of a host device through the plurality of ports, and each of the plurality of ports comprises a respective protocol stack to support a respective link between the corresponding port and the host device according to a particular interconnect protocol. Each of the plurality of capability registers comprises a respective set of fields for use in configuration of the link between its corresponding port and one of the one or more processors of the host device. The fields include a field to indicate an association between the port and a particular processor, a field to indicate a port identifier for the port, and a field to indicate a total number of ports of the device.

公开(公告)号：US10521388B2

公开(公告)日：2019-12-31

申请号：US16146466

申请日：2018-09-28

Applicant: Intel Corporation

Inventor： Vinay Raghav ,  David J. Harriman ,  Utkarsh Y. Kakaiya

IPC: G06F13/12 ,  G06F13/40 ,  G06F9/30 ,  G06F12/06 ,  G06F13/42

Abstract: A device includes a plurality of ports and a plurality of capability registers that correspond to a respective one of the plurality of ports. The device is to connect to one or more processors of a host device through the plurality of ports, and each of the plurality of ports comprises a respective protocol stack to support a respective link between the corresponding port and the host device according to a particular interconnect protocol. Each of the plurality of capability registers comprises a respective set of fields for use in configuration of the link between its corresponding port and one of the one or more processors of the host device. The fields include a field to indicate an association between the port and a particular processor, a field to indicate a port identifier for the port, and a field to indicate a total number of ports of the device.

公开(公告)号：US20180331900A1

公开(公告)日：2018-11-15

申请号：US15592799

申请日：2017-05-11

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Joshua D. Fender ,  Joseph Grecco ,  Prashant Sethi ,  Nagabhushan Chitlur ,  Pratik M. Marolia ,  Henry M. Mitchel

IPC: H04L12/24 ,  G06F9/455

CPC classification number: H04L41/0813 ,  G06F9/455 ,  H04L12/40

Abstract: An embodiment of a device manager apparatus may include a request processor to process a request for a reconfiguration of a reconfigurable device, a configuration controller communicatively coupled to the request processor to reconfigure the reconfigurable device based on the request, and a pseudo-device manager communicatively coupled to the request processor to create a pseudo device based on the request which corresponds to a functionality of the reconfiguration.

公开(公告)号：US20240338319A1

公开(公告)日：2024-10-10

申请号：US18745603

申请日：2024-06-17

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Sanjay Kumar ,  Rajesh M. Sankaran ,  Philip R. Lantz ,  Ashok Raj ,  Kun Tian

IPC: G06F12/1009 ,  G06F9/455 ,  G06F12/06 ,  G06F12/1081

CPC classification number: G06F12/1009 ,  G06F9/45558 ,  G06F12/063 ,  G06F12/1081 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F2009/45591

Abstract: Embodiments of apparatuses, methods, and systems for unified address translation for virtualization of input/output devices are described. In an embodiment, an apparatus includes first circuitry to use at least an identifier of a device to locate a context entry and second circuitry to use at least a process address space identifier (PASID) to locate a PASID-entry. The context entry is to include at least one of a page-table pointer to a page-table translation structure and a PASID. The PASID-entry is to include at least one of a first-level page-table pointer to a first-level translation structure and a second-level page-table pointer to a second-level translation structure. The PASID is to be supplied by the device. At least one of the apparatus, the context entry, and the PASID entry is to include one or more control fields to indicate whether the first-level page-table pointer or the second-level page-table pointer is to be used.

公开(公告)号：US12045640B2

公开(公告)日：2024-07-23

申请号：US16909084

申请日：2020-06-23

Applicant: Intel Corporation

Inventor： Sanjay K. Kumar ,  Philip Lantz ,  Rajesh Sankaran ,  Narayan Ranganathan ,  Saurabh Gayen ,  David A. Koufaty ,  Utkarsh Y. Kakaiya

IPC: G06F9/455 ,  G06F9/34 ,  G06F9/48 ,  G06F12/10 ,  G06F12/109 ,  G06F12/14

CPC classification number: G06F9/45558 ,  G06F9/342 ,  G06F9/4875 ,  G06F12/10 ,  G06F12/109 ,  G06F12/1441 ,  G06F2009/45579 ,  G06F2009/45583 ,  G06F12/145 ,  G06F12/1475 ,  G06F12/1483 ,  G06F2212/1016 ,  G06F2212/152 ,  G06F2212/656 ,  G06F2212/657

Abstract: In one embodiment, a data mover accelerator is to receive, from a first agent having a first address space and a first process address space identifier (PASID) to identify the first address space, a first job descriptor comprising a second PASID selector to specify a second PASID to identify a second address space. In response to the first job descriptor, the data mover accelerator is to securely access the first address space and the second address space. Other embodiments are described and claimed.

公开(公告)号：US20240004990A1

公开(公告)日：2024-01-04

申请号：US17854159

申请日：2022-06-30

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya

IPC: G06F21/53 ,  G06F9/455

CPC classification number: G06F21/53 ,  G06F9/45558 ,  G06F2009/45579 ,  G06F2009/45587 ,  G06F2221/034

Abstract: Methods and apparatus relating to techniques to enable co-existence and inter-operation of legacy devices and Trusted Execution Environment (TEE) Input/Output (TO) capable devices from confidential virtual machines are described. In an embodiment, a processor executes at least one Trusted Environment (TE) with a TE address space and a non-TE address space. Logic circuitry selects between the TE address space and the non-TE address space based at least in part on a value of a TE tag for a transaction. The TE address space maps one or more TE Input/Output (TO) devices and the non-TE address space maps one or more legacy IO devices. Other embodiments are also disclosed and claimed.

公开(公告)号：US20230289229A1

公开(公告)日：2023-09-14

申请号：US17854322

申请日：2022-06-30

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Saurabh Gayen ,  Kapil Sood ,  Naveen Lakkakula

IPC: G06F9/50 ,  G06F9/48 ,  G06F21/57

CPC classification number: G06F9/5027 ,  G06F9/4881 ,  G06F21/57

Abstract: Methods and apparatus relating to confidential computing extensions for highly scalable accelerators are described. One or more embodiments provide extensions for scalable accelerator(s) to be able to directly assign accelerator work-queue(s) to Trusted Execution Environment (TEE) Virtual Machines (TVMs). Other embodiments are also disclosed and claimed.

公开(公告)号：US11656899B2

公开(公告)日：2023-05-23

申请号：US17404897

申请日：2021-08-17

Applicant: Intel Corporation

Inventor： Sanjay Kumar ,  Rajesh M. Sankaran ,  Gilbert Neiger ,  Philip R. Lantz ,  Jason W. Brandt ,  Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Kun Tian

IPC: G06F9/455 ,  G06F9/30 ,  G06F12/1045 ,  G06F12/109

CPC classification number: G06F9/45558 ,  G06F9/30138 ,  G06F12/109 ,  G06F12/1063 ,  G06F2009/45579 ,  G06F2212/152

Abstract: Implementations of the disclosure provide a processing device comprising an address translation circuit to intercept a work request from an I/O device. The work request comprises a first ASID to map to a work queue. A second ASID of a host is allocated for the first ASID based on the work queue. The second ASID is allocated to at least one of: an ASID register for a dedicated work queue (DWQ) or an ASID translation table for a shared work queue (SWQ). Responsive to receiving a work submission from the SVM client to the I/O device, the first ASID of the application container is translated to the second ASID of the host machine for submission to the I/O device using at least one of: the ASID register for the DWQ or the ASID translation table for the SWQ based on the work queue associated with the I/O device.

公开(公告)号：US20230100586A1

公开(公告)日：2023-03-30

申请号：US17484840

申请日：2021-09-24

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Vinodh Gopal

IPC: G06F9/48 ,  G06F9/30

Abstract: Systems, methods, and apparatuses for accelerating streaming data-transformation operations are described. In one example, a system on a chip (SoC) includes a hardware processor core comprising a decoder circuit to decode an instruction comprising an opcode into a decoded instruction, the opcode to indicate an execution circuit is to generate a single descriptor and cause the single descriptor to be sent to an accelerator circuit coupled to the hardware processor core, and the execution circuit to execute the decoded instruction according to the opcode; and the accelerator circuit comprising a work dispatcher circuit and one or more work execution circuits to, in response to the single descriptor sent from the hardware processor core: when a field of the single descriptor is a first value, cause a single job to be sent by the work dispatcher circuit to a single work execution circuit of the one or more work execution circuits to perform an operation indicated in the single descriptor to generate an output, and when the field of the single descriptor is a second different value, cause a plurality of jobs to be sent by the work dispatcher circuit to the one or more work execution circuits to perform the operation indicated in the single descriptor to generate the output as a single stream.