公开(公告)号：US10592670B2

公开(公告)日：2020-03-17

申请号：US15195320

申请日：2016-06-28

Applicant: Intel Corporation

Inventor： Rajesh Poornachandran ,  Vincent J. Zimmer ,  Mingqiu Sun ,  Gopinatth Selvaraje

IPC: G06F21/57 ,  H04L9/32 ,  G06F21/74 ,  G06F21/53 ,  H04L9/08 ,  G06F9/44 ,  G06F9/4401

Abstract: Technologies for configuring a launch enclave include a computing device having a processor with secure enclave support. A trusted execution environment (TEE) of the computing device stores a launch enclave hash in a launch enclave hash table in secure storage and provisions the launch enclave hash to platform firmware at runtime. The TEE may receive the launch enclave hash via trusted I/O. The platform firmware sets a configure enclave launch bit and resets the computing device. On reset, the TEE determines whether the launch enclave hash is allowed for launch. The TEE may evaluate one or more launch configuration policies and may select a launch enclave hash based on the launch configuration policies. If allowed, the platform firmware writes the launch enclave hash to a model-specific register of the processor, and the launch enclave may be loaded and verified with the launch enclave hash. Other embodiments are described and claimed.

公开(公告)号：US10372491B2

公开(公告)日：2019-08-06

申请号：US15553481

申请日：2015-03-23

Applicant: Intel Corporation

Inventor： Vincent J. Zimmer ,  Jiewen Yao ,  Sarathy Jayakumar ,  Robert C. Swanson ,  Rajesh Poornachandran ,  Gopinatth Selvaraje ,  Mingqiu Sun ,  John S. Howard ,  Eugene Gorbatov

IPC: G06F9/48 ,  G06F9/46 ,  G06F1/3287 ,  G06F9/50 ,  G06F1/16 ,  G06F1/3215 ,  G06F1/3293

Abstract: Methods, apparatuses and storage medium associated with migration between processors by a computing device are disclosed. In various embodiments, a portable electronic device having an internal processor and internal memory may be attached to a dock. The dock may include another processor as well other memory. The attachment of the dock to the portable electronic device may cause an interrupt. In response to this interrupt, a state associated with the internal processor may be copied to the other memory of the dock. Instructions for the computing device may then be executed using the other processor of the dock. Other embodiments may be disclosed or claimed.

公开(公告)号：US10311252B2

公开(公告)日：2019-06-04

申请号：US15459640

申请日：2017-03-15

Applicant: Intel Corporation

Inventor： Xiaoning Li ,  Mingqiu Sun ,  David A. Koufaty ,  Ravi L. Sahita

IPC: G06F21/00 ,  G06F21/62

Abstract: Technologies for managed code execution include a computing device having a processor with protection key support. The computing device sets a protection key register of the processor with permissions to disallow data access to any protection domain of the computing device and then executes a domain switch routine to switch to a managed applet. The managed applet is included in an applet protection domain, the domain switch routine is included in a switch protection domain, and a managed runtime environment is included in a normal protection domain. The domain switch routine sets the protection key register with permissions to disallow access to any protection domain other than the applet protection domain and then executes the managed applet. Other managed applets may be each be included in separate applet domains. Each managed applet may be a thread executed within a common process address space. Other embodiments are described and claimed.

公开(公告)号：US10218508B2

公开(公告)日：2019-02-26

申请号：US15917360

申请日：2018-03-09

Applicant: Intel Corporation

Inventor： Vincent J. Zimmer ,  Rajesh Poornachandran ,  Mingqiu Sun ,  Gopinatth Selvaraje

IPC: G06F21/53 ,  G06F9/22 ,  G06F21/57 ,  H04L9/32 ,  G06F9/30 ,  G06F9/38 ,  G06F21/60 ,  G06F9/455

Abstract: Methods and apparatus to provide isolated execution environments are disclosed. An example apparatus includes a machine status register to determine whether excess micro operations are available during an instruction cycle to execute a pico-application in response to a request for computing provided by a host application. The pico-application is a fragment of microcode. The microcode comprises a plurality of micro operations. The machine status register is also to determine whether space is available in a memory to load the pico-application. The example apparatus also includes a loader to load a virtual machine and the pico-application into the memory in response to the excess micro operations and the space in the memory being available. The virtual machine validates the pico-application and loads the pico-application into the memory. The example apparatus also includes a processor to execute the pico-application via the excess micro operations.

公开(公告)号：US20180268170A1

公开(公告)日：2018-09-20

申请号：US15459640

申请日：2017-03-15

Applicant: Intel Corporation

Inventor： Xiaoning Li ,  Mingqiu Sun ,  David A. Koufaty ,  Ravi L. Sahita

IPC: G06F21/62

CPC classification number: G06F21/6281

Abstract: Technologies for managed code execution include a computing device having a processor with protection key support. The computing device sets a protection key register of the processor with permissions to disallow data access to any protection domain of the computing device and then executes a domain switch routine to switch to a managed applet. The managed applet is included in an applet protection domain, the domain switch routine is included in a switch protection domain, and a managed runtime environment is included in a normal protection domain. The domain switch routine sets the protection key register with permissions to disallow access to any protection domain other than the applet protection domain and then executes the managed applet. Other managed applets may be each be included in separate applet domains. Each managed applet may be a thread executed within a common process address space. Other embodiments are described and claimed.

公开(公告)号：US09998284B2

公开(公告)日：2018-06-12

申请号：US14864085

申请日：2015-09-24

Applicant: Intel Corporation

Inventor： Vincent J. Zimmer ,  Rajesh Poornachandran ,  Mingqiu Sun ,  Gopinatth Selvaraje

IPC: G06F21/53 ,  G06F9/22 ,  H04L9/32 ,  G06F9/30 ,  G06F9/38 ,  G06F21/57 ,  G06F21/60 ,  G06F9/455

CPC classification number: H04L9/3234 ,  G06F9/226 ,  G06F9/30043 ,  G06F9/3877 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/577 ,  G06F21/602 ,  G06F2009/45587 ,  G06F2221/034 ,  G06F2221/2149

Abstract: Methods and apparatus to provide isolated execution environments are disclosed. In some examples, the methods and apparatus identify a request from a host application. In some examples, the methods and apparatus, in response to identifying the request from the host application, load a microcode application into memory when excess micro operations exist in a host instruction set architecture, the microcode application being a fragment of code. In some examples, the methods and apparatus execute the microcode application. In some examples, the methods and apparatus, in response to completed execution of the microcode application, unload the microcode application from memory.

公开(公告)号：US20170185292A1

公开(公告)日：2017-06-29

申请号：US14757418

申请日：2015-12-23

Applicant: Intel Corporation

Inventor： Ashish Jha ,  Tulika Jha ,  Mingqiu Sun

IPC: G06F3/06 ,  G11C7/10 ,  G06F12/02

CPC classification number: G06F3/061 ,  G06F3/0655 ,  G06F3/0685 ,  G06F12/0253 ,  G06F12/0804 ,  G06F12/0871 ,  G06F2212/205 ,  G06F2212/217 ,  G06F2212/702 ,  G11C7/1072

Abstract: Various systems and methods for memory management of high-performance memory are described herein. A system for managing high-performance memory, the system comprising a random access memory; a high-performance memory, the high-performance memory of higher performance than the random access memory; and a memory management unit to: obtain execution metrics for a plurality of blocks resident in a random access memory; select a block from the plurality of blocks based on activity of the block; move the block to high-performance memory; and update a virtual memory mapping for the block from the random access memory to the high-performance memory.

公开(公告)号：US20150113249A1

公开(公告)日：2015-04-23

申请号：US14586369

申请日：2014-12-30

Applicant: Intel Corporation

Inventor： Mingqiu Sun

IPC: G06F9/38

CPC classification number: G06F9/3802 ,  G06F12/0862 ,  G06F2212/502

Abstract: Methods and apparatus to perform adaptive pre-fetch operations in managed runtime environments are disclosed herein. An example disclosed method includes determining an object size associated with a pre-fetch operation; comparing the object size to a first one of a series of thresholds having increasing respective values; when the object size is less than the first one of the series of thresholds, pre-fetching a first amount of stored data assigned to the first one of the series of thresholds; and when the object size is greater than the first one of the plurality of thresholds, comparing the object size to a next one of the series of thresholds.

Abstract translation: 本文公开了在被管理的运行时环境中执行自适应预取操作的方法和装置。 示例性公开的方法包括：确定与预取操作相关联的对象大小; 将对象大小与具有递增的相应值的一系列阈值中的第一个进行比较; 当所述对象大小小于所述一系列阈值中的第一个阈值时，预取分配给所述一系列阈值中的第一个阈值的第一数量的存储数据; 并且当所述对象大小大于所述多个阈值中的第一阈值时，将所述对象大小与所述一系列阈值中的下一个进行比较。