Apparatus and method for protected execution of graphics applications
    1.
    Patent application
    Status: under examination (published)

    Publication No.: US20050283602A1

    Publication date: 2005-12-22

    Application No.: US10873803

    Filing date: 2004-06-21

    Abstract: A method and apparatus for protected execution of graphics are described. In one embodiment, the method includes the formation of a translation table for a trusted application. In one embodiment, the translation table is formed according to one or more protected pages assigned to the trusted application in response to a protected page request from the trusted application. During execution of the trusted application, a virtual address space of the trusted application is translated to the one or more protected pages assigned to the trusted application. In one embodiment, the translation is performed according to the translation table assigned to the trusted application. Accordingly, by assigning a unique translation table to each trusted application, the various trusted applications may execute within the platform without generating an access into another application's physical address space. Other embodiments are described and claimed.

    Securing content for playback
    2.
    Patent application
    Status: under examination (published)

    Publication No.: US20090172331A1

    Publication date: 2009-07-02

    Application No.: US12006282

    Filing date: 2007-12-31

    IPC classification: G06F21/00

    CPC classification: G06F21/84 G06F21/10 G06F21/74

    Abstract: A graphics engine may include a decryption device, a renderer, and a sprite or overlay engine, all connected to a display. A memory may have protected and non-protected portions in one embodiment. An application may store encrypted content on the non-protected portion of said memory. The decryption device may access the encrypted material, decrypt the material, and provide it to the renderer engine of a graphics engine. The graphics engine may then process the decrypted material using the protected portion of the memory. Only graphics devices can access the protected portion of the memory in at least one mode, preventing access by outside sources. In addition, the protected memory may be stolen memory that is not identified to the operating system, making that stolen memory inaccessible to applications running on the operating system.

    METHODS FOR AUTHENTICATING A HARDWARE DEVICE AND PROVIDING A SECURE CHANNEL TO DELIVER DATA
    3.
    Patent application
    Status: under examination (published)

    Publication No.: US20100027790A1

    Publication date: 2010-02-04

    Application No.: US11961848

    Filing date: 2007-12-20

    IPC classification: H04N7/167 H04L9/08

    CPC classification: G06F21/606

    Abstract: A method for delivering audio/video data through a hardware device using a software application comprises, at the hardware end, receiving an encrypted application key, an encrypted random session key, and encrypted audio/video data from the software. The hardware then decrypts the encrypted application key using a secret encryption key, decrypts the encrypted random session key using the application key, and decrypts the encrypted audio/video data using the random session key. The hardware may then deliver the unencrypted audio/video data by way of a display and speakers. The secret encryption key is securely embedded within the hardware device at an earlier point in time.

    A METHOD AND DEVICE TO AUGMENT VOLATILE MEMORY IN A GRAPHICS SUBSYSTEM WITH NON-VOLATILE MEMORY
    6.
    Patent application
    Status: in force

    Publication No.: US20140198116A1

    Publication date: 2014-07-17

    Application No.: US13977261

    Filing date: 2011-12-28

    IPC classification: G06T1/60

    CPC classification: G06T1/60 G11C16/349

    Abstract: Methods and devices to augment volatile memory in a graphics subsystem with certain types of non-volatile memory are described. In one embodiment, a method includes storing one or more static or near-static graphics resources in a non-volatile random access memory (NVRAM). The NVRAM is directly accessible by a graphics processor using at least memory store and load commands. The method also includes a graphics processor executing a graphics application. The graphics processor sends a request using a memory load command for an address corresponding to at least one static or near-static graphics resource stored in the NVRAM. The method also includes directly loading the requested graphics resource from the NVRAM into a cache for the graphics processor in response to the memory load command.

    Method and apparatus for providing a secure display window inside the primary display
    7.
    Granted patent
    Status: in force

    Publication No.: US08646052B2

    Publication date: 2014-02-04

    Application No.: US12059972

    Filing date: 2008-03-31

    IPC classification: H04L29/06

    Abstract: In some embodiments, the invention involves securing sensitive data from malware on a computing platform and, more specifically, utilizing virtualization technology and protected audio video path technologies to prohibit a user environment from directly accessing unencrypted sensitive data. In an embodiment, a service operating system (SOS) accesses sensitive data requested by an application running in a user environment virtual machine, or a capability operating system (COS). The SOS application encrypts the sensitive data before passing the data to the COS. The COS makes requests directly to a graphics engine which decrypts the data before displaying the sensitive data on a display monitor. Other embodiments are described and claimed.

    DIRECT MEMORY ACCESS ENGINE PHYSICAL MEMORY DESCRIPTORS FOR MULTI-MEDIA DEMULTIPLEXING OPERATIONS
    8.
    Patent application
    Status: in force

    Publication No.: US20110320777A1

    Publication date: 2011-12-29

    Application No.: US12824300

    Filing date: 2010-06-28

    IPC classification: G06F9/38

    CPC classification: G06F9/5027

    Abstract: The architecture and techniques described herein can improve system performance with respect to the following. Communication between two interdependent hardware engines that are part of a pipeline, such that the engines are synchronized to consume resources when the engines are done with the work. Reduction of the role of software/firmware from feeding each stage of the hardware pipeline when the previous stage of the pipeline has completed. Reduction in the memory allocation for software-initialized hardware descriptors to improve performance by reducing pipeline stalls due to software interaction.

    PROVIDING UNIVERSAL SERIAL BUS DEVICE VIRTUALIZATION WITH A SCHEDULE MERGE FROM MULTIPLE VIRTUAL MACHINES
    9.
    Patent application
    Status: under examination (published)

    Publication No.: US20090006690A1

    Publication date: 2009-01-01

    Application No.: US11769576

    Filing date: 2007-06-27

    IPC classification: G06F13/362

    CPC classification: G06F13/10

    Abstract: An apparatus, system, and method are disclosed. In one embodiment, the apparatus includes a virtualization engine on a computer platform. The virtualization engine can intercept multiple data transfer schedules from multiple virtual machines fetched from a memory by a physical Universal Serial Bus (USB) host controller on the computer platform. The virtualization engine also can merge the multiple fetched data transfer schedules into a merged data transfer schedule. The virtualization engine also can send the merged data transfer schedule to the physical USB host controller.

    Fault processing for direct memory access address translation
    10.
    Granted patent
    Status: in force

    Publication No.: US07340582B2

    Publication date: 2008-03-04

    Application No.: US10956630

    Filing date: 2004-09-30

    IPC classification: G06F12/00 G06F13/00

    Abstract: An embodiment of the present invention is a technique to process faults in a direct memory access address translation. A register set stores global control or status information for fault processing of a fault generated by an input/output (I/O) transaction requested by an I/O device. An address translation structure translates a guest physical address to a host physical address. The guest physical address corresponds to the I/O transaction and is mapped to a domain. The address translation structure has at least an entry associated with the domain and domain-specific control information for the fault processing.