公开(公告)号：US20190042329A1

公开(公告)日：2019-02-07

申请号：US16024563

申请日：2018-06-29

Applicant: Utkarsh Y. Kakaiya ,  Pratik Marolia ,  Joshua David Fender ,  Sundar Nadathur ,  Nagabhushan Chitlur ,  Yuling Yang ,  David Alexander Munday

Inventor： Utkarsh Y. Kakaiya ,  Pratik Marolia ,  Joshua David Fender ,  Sundar Nadathur ,  Nagabhushan Chitlur ,  Yuling Yang ,  David Alexander Munday

IPC: G06F9/50 ,  G06F13/42

Abstract: A system is provided that includes a host processor coupled to a programmable acceleration coprocessor. The coprocessor may include logic for implementing a physical function and multiple associated virtual functions. The coprocessor may include a static programmable resource interface circuit (PIC) configured to perform management functions and one or more partial reconfiguration regions, each of which can be loaded with an accelerator function unit (AFU). An AFU may further be partitioned into AFU contexts (AFCs), each of which can be mapped to one of the virtual functions. The PIC enables hardware discovery/enumeration and loading of device drivers such that security isolation and interface performance are maintained.

公开(公告)号：US20190042801A1

公开(公告)日：2019-02-07

申请号：US16024022

申请日：2018-06-29

Applicant: JOSHUA FENDER ,  UTKARSH Y. KAKAIYA ,  MOHAN NAIR ,  BRIAN MORRIS ,  PRATIK MAROLIA

Inventor： JOSHUA FENDER ,  UTKARSH Y. KAKAIYA ,  MOHAN NAIR ,  BRIAN MORRIS ,  PRATIK MAROLIA

IPC: G06F21/76 ,  H04L29/08 ,  G06F21/54 ,  G06F11/14 ,  G06F1/32

Abstract: Various embodiments are generally directed to securing systems that include hardware accelerators, such as FPGA-based accelerators, and privileged system components. Some embodiments may provide a security broker. In various embodiments, the security broker may provide interfaces between the hardware accelerator and the privileged component. Some embodiments may receive an instruction from the hardware accelerator targeting the privileged component, and validate the instruction based on a configuration. In some embodiments, upon determining the instruction is not validated, the instruction is restricted from further processing.

公开(公告)号：US20210004338A1

公开(公告)日：2021-01-07

申请号：US17026516

申请日：2020-09-21

Applicant: Pratik Marolia ,  Sanjay Kumar ,  Rajesh Sankaran ,  Utkarsh Y. Kakaiya

Inventor： Pratik Marolia ,  Sanjay Kumar ,  Rajesh Sankaran ,  Utkarsh Y. Kakaiya

IPC: G06F13/20 ,  G06F9/455 ,  G06F3/06

Abstract: Methods and apparatus for PASID-based routing extension for Scalable IOV systems. The system may include a Central Processing Unit (CPU) operatively coupled to a scalable Input/Output Virtualization (IOV) device via an in-line device such as a smart controller or accelerator. A Control Process Address Space Identifier (C-PASID) associated with a first memory space is implemented in an Assignable Device Interface (ADI) for the IOV device. The ADI also implements a Data PASID (D-PASID) associated with a second memory space in which data are stored. The C-PASID is used to fetch a descriptor in the first memory space and the D-PASID is employed to fetch data in the second memory space. A hub embedded on the in-line device or implemented as a discrete device is used to steer memory access requests and/or fetches to the CPU or to the in-line device using the C-PASID and D-PASID. IOV devices include multi-PASID helper devices and off-the-shelf devices such as NICs with modified ADIs to support C-PASID and D-PASID usage.

公开(公告)号：US20200159969A1

公开(公告)日：2020-05-21

申请号：US16687561

申请日：2019-11-18

Applicant: Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Erdem Aktas

Inventor： Vedvyas Shanbhogue ,  Utkarsh Y. Kakaiya ,  Ravi Sahita ,  Abhishek Basak ,  Pradeep Pappachan ,  Erdem Aktas

IPC: G06F21/85 ,  G06F9/455 ,  G06F13/28 ,  G06F13/42 ,  G06F21/44

Abstract: Systems, apparatuses, methods, and computer-readable media are provided for device interface management. A device includes a device interface, a virtual machine (VM) includes a device driver, both to facilitate assignment of the device to the VM, access of the device by the VM, or removal of the device from being assigned to the VM. The VM is managed by a hypervisor of a computing platform coupled to the device by a computer bus. The device interface includes logic in support of a device management protocol to place the device interface in an unlocked state, a locked state to prevent changes to be made to the device interface, or an operational state to enable access to device registers of the device by the VM or direct memory access to memory address spaces of the VM, or an error state. Other embodiments may be described and/or claimed.