公开(公告)号：US20240134811A1

公开(公告)日：2024-04-25

申请号：US18383833

申请日：2023-10-24

Applicant: Amazon Technologies, Inc.

Inventor： Islam Atta ,  Christopher Joseph Pettey ,  Asif Khan ,  Robert Michael Johnson ,  Mark Bradley Davis ,  Erez Izenberg ,  Nafea Bshara ,  Kypros Constantinides

IPC: G06F13/40 ,  G06F9/445 ,  G06F13/42 ,  G06F15/78

CPC classification number: G06F13/4068 ,  G06F9/44505 ,  G06F13/4282 ,  G06F15/7867 ,  G06F15/7871

Abstract: The following description is directed to a configurable logic platform. In one example, a configurable logic platform includes host logic and a reconfigurable logic region. The reconfigurable logic region can include logic blocks that are configurable to implement application logic. The host logic can be used for encapsulating the reconfigurable logic region. The host logic can include a host interface for communicating with a processor. The host logic can include a management function accessible via the host interface. The management function can be adapted to cause the reconfigurable logic region to be configured with the application logic in response to an authorized request from the host interface. The host logic can include a data path function accessible via the host interface. The data path function can include a layer for formatting data transfers between the host interface and the application logic.

公开(公告)号：US11119150B2

公开(公告)日：2021-09-14

申请号：US16422725

申请日：2019-05-24

Applicant: Amazon Technologies, Inc.

Inventor： Mark Bradley Davis ,  Christopher Joseph Pettey ,  Asif Khan ,  Islam Mohamed Hatem Abdulfattah Mohamed Atta

IPC: G01R31/28 ,  G01R31/317 ,  G01R31/3177 ,  G06F11/36 ,  G06F9/50

Abstract: Methods and apparatus are disclosed for programming reconfigurable logic devices such as FPGAs in a multi-tenant server environment. In one example, a computing host includes one or more processors configured to execute a supervisor process and two or more user processes and a single FPGA integrated circuit configured into a plurality of partitions. The partitions include a host logic partition that is accessible only to the supervisor process executing on the computing host, and two or more accelerator partitions. Each of the accelerator partitions is configured to include a virtual debug unit with a logic analyzer that collects logic signals generated by logic within the respective accelerator partition and sends debug data indicating values of the logic signals to one of the user processes. In some examples, the host logic partitions and/or the accelerator partitions can be independently reprogrammed of each other within their respective portions of the single FPGA.

公开(公告)号：US20210160350A1

公开(公告)日：2021-05-27

申请号：US17163211

申请日：2021-01-29

Applicant: Amazon Technologies, Inc.

Inventor： Thomas A. Volpe ,  Timothy David Gasser ,  Robert Michael Johnson ,  Mark Bradley Davis ,  Vithal Dattatraya Shirodkar

IPC: H04L29/06 ,  H04L12/743

Abstract: Programmatically defined fields of metadata for a network packet may be generated. Instructions indicating different portions of data from different headers of a network packet may be stored at a packet processor. When a network packet is received, the different portions of the data may be extracted from the different headers of the packet according to the instructions and provided to other stages of the packet processor for processing. Different portions of the same programmatically defined field may be utilized at different stages in the packet processor. The programmatically defined field may be used to generate a hash value that selects an entry in a lookup table describing a forwarding decision for a network packet.

公开(公告)号：US10911579B1

公开(公告)日：2021-02-02

申请号：US15058074

申请日：2016-03-01

Applicant: Amazon Technologies, Inc.

Inventor： Thomas A. Volpe ,  Timothy David Gasser ,  Robert Michael Johnson ,  Mark Bradley Davis ,  Vithal Dattatraya Shirodkar

IPC: H04L29/06 ,  H04L12/743

Abstract: Programmatically defined fields of metadata for a network packet may be generated. Instructions indicating different portions of data from different headers of a network packet may be stored at a packet processor. When a network packet is received, the different portions of the data may be extracted from the different headers of the packet according to the instructions and provided to other stages of the packet processor for processing. Different portions of the same programmatically defined field may be utilized at different stages in the packet processor. The programmatically defined field may be used to generate a hash value that selects an entry in a lookup table describing a forwarding decision for a network packet.

公开(公告)号：US10469403B2

公开(公告)日：2019-11-05

申请号：US14578004

申请日：2014-12-19

Applicant: Amazon Technologies, Inc.

Inventor： Mark Bradley Davis ,  David James Borland

IPC: H04L12/911 ,  G06F12/0811 ,  G06F13/40 ,  H04L29/08 ,  G06F15/78 ,  H04L12/933

Abstract: Embodiments can provide additional computing resources at minimal and incremental cost by providing instances of one or more server compute subsystems on a system-on-chip. The system-on-chip can include multiple compute subsystems where each compute subsystem can include dedicated processing and memory resources. The system-on-chip can also include a management compute subsystem that can manage the processing and memory resources for each subsystem.

公开(公告)号：US10248607B1

公开(公告)日：2019-04-02

申请号：US15887613

申请日：2018-02-02

Applicant: Amazon Technologies, Inc.

Inventor： Mark Bradley Davis ,  Asif Khan

IPC: G06F13/38 ,  G06F13/42 ,  G06F13/16

Abstract: An electronics adapter and method are disclosed herein. The electronics adapter can include a plurality of interface ports, with each interface port from the device coupled to a processor from a plurality of processors, and a controller communicatively coupled to the interface ports. The controller may be configured to determine a function or transaction attributes, which are serviced by instructions executed by one of the processors. The controller may be further configured to determine at least one interface port on the adapter to transmit the transaction based on the function or the attributes using an updatable mapping between the function or the attributes and the interface port, and transmit a request for the transaction using the interface port for processing of the transaction by the processor coupled to the interface port.

公开(公告)号：US20180095774A1

公开(公告)日：2018-04-05

申请号：US15282282

申请日：2016-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Islam Mohamed Hatem Abdulfattah Mohamed Atta ,  Mark Bradley Davis ,  Robert Michael Johnson ,  Christopher Joseph Pettey ,  Asif Khan ,  Nafea Bshara

IPC: G06F9/455

Abstract: In a multi-tenant environment, separate virtual machines can be used for configuring and operating different subsets of programmable integrated circuits, such as a Field Programmable Gate Array (FPGA). The programmable integrated circuits can communicate directly with each other within a subset, but cannot communicate between subsets. Generally, all of the subsets of programmable ICs are within a same host server computer within the multi-tenant environment, and are sandboxed or otherwise isolated from each other so that multiple customers can share the resources of the host server computer without knowledge or interference with other customers.

公开(公告)号：US20180095670A1

公开(公告)日：2018-04-05

申请号：US15282148

申请日：2016-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Mark Bradley Davis ,  Erez Izenberg ,  Robert Michael Johnson ,  Asif Khan ,  Islam Mohamed Hatem Abdulfattah Mohamed Atta ,  Nafea Bshara ,  Christopher Joseph Pettey

IPC: G06F3/06 ,  G06F13/28 ,  G11C7/10

CPC classification number: G06F3/0607 ,  G06F3/0635 ,  G06F3/0644 ,  G06F3/0685 ,  G06F13/28 ,  G06F15/7871 ,  G06F21/51 ,  G06F2221/2143 ,  G11C7/1072

Abstract: Methods and apparatus are disclosed for securely erasing partitions of reconfigurable logic devices such as FPGAs in a multi-tenant server environment. In one example, a method of securely erasing an FPGA includes identifying one partition of previously-programmed resources in the FPGA, erasing the identified partition by storing new values in memory or storage elements of the identified partition, and storing new values in memory or storage elements of additional external resources electrically connected to the integrated circuit and associated with the identified partition. Thus, other partitions and subsequent users of the identified partition are prevented from accessing the securely erased data. A configuration circuit, accessible by a host computer via DMA, can be programmed into the FPGA reconfigurable logic for performing the disclosed erasing operations.

公开(公告)号：US09842075B1

公开(公告)日：2017-12-12

申请号：US14485473

申请日：2014-09-12

Applicant: Amazon Technologies, Inc.

Inventor： Mark Bradley Davis ,  Anthony Nicholas Liguori

IPC: G06F9/455 ,  G06F13/38 ,  G06F13/10

CPC classification number: G06F13/385 ,  G06F13/105

Abstract: A system that provides virtualized computing resources to clients or subscribers may include an enhanced PCIe endpoint device on which an emulation processor emulates PCIe compliant hardware devices in software. In response to receiving a transaction layer packet that includes a transaction directed to an emulated device, the endpoint device may process the transaction, which may include emulating the target emulated device. The endpoint device may include multiple PCIe controllers and may expose multiple PCIe endpoints to a host computing system. For example, each PCIe controller may be physically coupled to one of multiple host processor sockets or host server SOCs on the host computing system, each of which exposes its own root complex. Traffic received by the PCIe controllers may be merged on the endpoint device for subsequent processing. Traffic originating at one host processor socket may be steered to the PCIe controller to which it is directly attached.

公开(公告)号：US09792143B1

公开(公告)日：2017-10-17

申请号：US14921555

申请日：2015-10-23

Applicant: Amazon Technologies, Inc.

Inventor： Nachiketh Rao Potlapally ,  Derek Del Miller ,  Mark Bradley Davis ,  Matthew Shawn Wilson ,  Eric Jason Brandwine ,  Anthony Nicholas Liguori ,  Rahul Gautam Patel

IPC: G06F9/455 ,  G06F21/74 ,  G06F21/62 ,  G06F21/72

CPC classification number: G06F9/45558 ,  G06F21/53 ,  G06F21/6218 ,  G06F21/72 ,  G06F21/74 ,  G06F2009/45587

Abstract: The performing of virtual machine (VM)-based secure operations is enabled using a trusted co-processor that is able to operate in a secure mode to perform operations in a multi-tenant environment that are protected from other VMs and DOM-0, among other domains and components. A customer VM can contact a VM manager (VMM) to perform an operation with respect to sensitive data. The VMM can trigger secure mode operation, whereby memory pages are marked and access blocked to entities outside a trusted enclave. The trusted co-processer can measure the VMM and compare the result against an earlier result to ensure that the VMM has not been compromised. Once the operations are performed, the trusted co-processor can return the results, and the VMM can exit the secure mode such that access to the marked pages and customer data is restored.