中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

11 records (took 0.021 seconds)

    Limiting the effects of source code patches on corresponding native-code patches
    1.
    发明授权
    Limiting the effects of source code patches on corresponding native-code patches 有权

    公开(公告)号:US10248409B1

    公开(公告)日:2019-04-02

    申请号:US14559869

    申请日:2014-12-03

    Applicant: Amazon Technologies, Inc.

    Inventor: Martin Thomas Pohlack Uwe Dannowski Geoffrey Plouviez

    IPC: G06F8/656 G06F8/65 G06F8/71 G06F8/658

    Abstract: A code patching component may insert a binary patch into a native-code representation of a program during execution. Prior to inserting the binary patch, a patch code analysis tool may receive a source code patch for the program, and determine that applying the source code patch would change the binary for the program outside of the patched area (e.g., due to changes in the number of lines, changes in the file names or path information for source code files from which the program is built, or line directives that embed line numbers or file names in the binary for the patched program). The tool may modify the source code patch to limit its effects to the patch area by adding empty lines, merging of lines of code, or forcing a line number change. The tool may filter line directives to match previously embedded file name information.

    Peer-to-peer PCI topology
    3.
    发明授权
    Peer-to-peer PCI topology 有权

    公开(公告)号:US11042496B1

    公开(公告)日:2021-06-22

    申请号:US15282487

    申请日:2016-09-30

    Applicant: Amazon Technologies, Inc.

    Inventor: Christopher James BeSerra Kypros Constantinides Uwe Dannowski Nafea Bshara Matthew Shawn Wilson

    IPC: G06F13/40 G06F13/42

    Abstract: Provided are systems and methods for enabling peer-to-peer communications between peripheral devices. In various implementations, a computing system can include a PCI switch device. The first PCI switch device can include a first port and be communicatively coupled to a first root complex port. The first PCI switch device can have access to a first PCI endpoint address range. The computing system can further include a second PCI switch device. The second PCI switch device can include a second port, connected to the first port. The second PCI switch device can be communicatively coupled to a second root complex port that is different from the first root complex port. The second PCI switch device can receive a transaction addressed to the first PCI endpoint address range, and identify the transaction as associated with the second port. The second PCI switch device can subsequently transmit the transaction using the second port.

    Mitigating side-channel attacks via shared cache
    4.
    发明授权
    Mitigating side-channel attacks via shared cache 有权

    公开(公告)号:US10706147B1

    公开(公告)日:2020-07-07

    申请号:US15600460

    申请日:2017-05-19

    Applicant: Amazon Technologies, Inc.

    Inventor: Martin Thomas Pohlack Uwe Dannowski

    IPC: G06F21/55 H04L29/06 G06F21/72 G06F21/60

    Abstract: A computer system and associated methods are disclosed for mitigating side-channel attacks using a shared cache. The computer system includes a host having a main memory and a shared cache. The host executes a virtual machine manager (VMM) that supports a plurality of co-located virtual machines (VMs), which can initiate side-channel attacks using the shared cache. The VMM is configured to maintain respective memory maps for the VMs. The VMM is further configured to determine a subset of current host memory pages for a selected VM that can be used in a side-channel attack, relocate the contents of the current host memory pages to replacement host memory pages in the main memory, and modify the subset of entries to change current host memory pages to the respective replacement host memory pages.

    Obscuring memory access patterns through page remapping
    5.
    发明授权
    Obscuring memory access patterns through page remapping 有权

    公开(公告)号:US12229248B1

    公开(公告)日:2025-02-18

    申请号:US17203600

    申请日:2021-03-16

    Applicant: Amazon Technologies, Inc.

    Inventor: Pawel Wieczorkiewicz Martin Pohlack Uwe Dannowski Bjoern Doebel

    IPC: G06F21/54 G06F9/455 G06F12/0864 G06F12/0882 G06F21/55 G06F21/56 G06F21/79

    Abstract: A computer system and associated methods are disclosed for mitigating side-channel attacks using memory page remapping. The computer system includes a main memory and a shared cache, the shared cache implementing cache set associativity determined by a portion of memory addresses of the main memory. Multiple physical memory pages are reserved for mapping to a virtual memory page, the physical memory pages differing in the respective portions of their memory addresses determining cache set associativity. Accesses to the virtual memory page result in a mapping of one of the reserved physical memory pages to the virtual memory page, with remapping events causing different ones of the physical memory pages to become mapped. This remapping results in varying cache set associativity of elements stored in the virtual memory page over time.

    Hardware blinding of memory access with epoch transitions
    8.
    发明授权
    Hardware blinding of memory access with epoch transitions 有权

    公开(公告)号:US11620238B1

    公开(公告)日:2023-04-04

    申请号:US17185752

    申请日:2021-02-25

    Applicant: Amazon Technologies, Inc.

    Inventor: Martin Pohlack Uwe Dannowski Pawel Wieczorkiewicz

    IPC: G06F12/14 G06F12/084 G06F12/1045 G06F12/0891 G06F12/0873

    Abstract: A computer system and associated methods are disclosed for mitigating side-channel attacks using a shared cache. The computer system includes a main memory, a shared cache and a cache controller for the shared cache including a scrambling function that scrambles addresses of memory accesses according to the respective scrambling keys selected for a sequence of time periods. Different cache tiers may implement different scrambling functions optimized to the architecture of each cache tier. Scrambling keys may be updated to reduce predictability of shared cache to memory address mappings. These updates may occur opportunistically, on demand or on specified schedule. Multiple scrambling keys may be simultaneously active during transitions between active time periods.

    Multi-tenant trusted platform modules
    10.
    发明授权
    Multi-tenant trusted platform modules 有权

    公开(公告)号:US10303879B1

    公开(公告)日:2019-05-28

    申请号:US14535056

    申请日:2014-11-06

    Applicant: Amazon Technologies, Inc.

    Inventor: Nachiketh Rao Potlapally Uwe Dannowski Derek Del Miller David James Borland Rahul Gautam Patel William John Earl

    IPC: G06F9/44 G06F9/445 G06F21/57 G06F9/455 G06F8/65

    Abstract: A multi-tenant trusted platform module (MTTPM) is attached to a communication bus of a virtualization host. The MTTPM includes a plurality of per-guest-virtual-machine (per-GVM) memory location sets. In response to an indication of a first trusted computing request (TCR) associated with a first GVM of a plurality of GVMs instantiated at the virtualization host, a first memory location of a first per-GVM memory location set is accessed to generate a first response indicative of a configuration of the first GVM. In response to an indication of a second TCR associated with a second GVM, a second memory location of a second-per-GVM memory location set is accessed to generate a second response, wherein the second response is indicative of a different configuration of the second GVM.

Patent Agency Ranking