-
公开(公告)号:US20210203504A1
公开(公告)日:2021-07-01
申请号:US16729352
申请日:2019-12-28
Applicant: Intel Corporation
Inventor: Jason W. BRANDT
Abstract: Systems, methods, and apparatuses relating to circuitry to implement an instruction to create and/or use data that is restricted in how it can be used are described. In one embodiment, a hardware processor comprises a decoder of a core to decode a single instruction into a decoded single instruction, the single instruction comprising a first input operand of a handle including a ciphertext of an encryption key (e.g., cryptographic key), an authentication tag, and additional authentication data, and a second input operand of data encrypted with the encryption key, and an execution unit of the core to execute the decoded single instruction to: perform a first check of the authentication tag against the ciphertext and the additional authentication data for any modification to the ciphertext or the additional authentication data, perform a second check of a current request of the core against one or more restrictions specified by the additional authentication data of the handle, decrypt the ciphertext to generate the encryption key only when the first check indicates no modification to the ciphertext or the additional authentication data, and the second check indicates the one or more restrictions are not violated, decrypt the data encrypted with the encryption key to generate unencrypted data, and provide the unencrypted data as a resultant of the single instruction.
-
2.发明公开公开(公告)号:US20240248722A1
公开(公告)日:2024-07-25
申请号:US18626629
申请日:2024-04-04
Applicant: Intel Corporation
Inventor: Eliezer WEISSMANN , Mark CHARNEY , Michael MISHAELI , Robert VALENTINE , Itai RAVID , Jason W. BRANDT , Gilbert NEIGER , Baruch CHAIKIN , Efraim ROTEM
CPC classification number: G06F9/3851 , G06F9/30043 , G06F9/30076 , G06F9/30101 , G06F9/3836 , G06F9/3842
Abstract: Systems, methods, and apparatuses relating to instructions to reset software thread runtime property histories in a hardware processor are described. In one embodiment, a hardware processor includes a hardware guide scheduler comprising a plurality of software thread runtime property histories; a decoder to decode a single instruction into a decoded single instruction, the single instruction having a field that identifies a model-specific register; and an execution circuit to execute the decoded single instruction to check that an enable bit of the model-specific register is set, and when the enable bit is set, to reset the plurality of software thread runtime property histories of the hardware guide scheduler.
-
公开(公告)号:US20250004871A1
公开(公告)日:2025-01-02
申请号:US18217501
申请日:2023-06-30
Applicant: Intel Corporation
Inventor: Beeman STRONG , Stanislav BRATANOV , Markus METZGER , Jason W. BRANDT , Stalinselvaraj JEYASINGH
IPC: G06F11/07
Abstract: Apparatus and method for a processor trace trigger tracing. A processor, comprising: a plurality of processing cores configurable as a plurality of logical processors; processor trace circuitry to perform trace operations to capture and process information related to program code executed by one or more of the logical processors; a debug unit to perform debug operations and collect debug data related to execution of the program code; a performance monitoring unit (PMU) comprising a plurality of counter registers, the PMU to collect performance data related to execution of the program code; and a plurality of trigger units, each trigger unit associated with a logical processor of the plurality of logical processors and configured to communicate trigger event data to the processor trace circuitry in response to trigger events received from at least one of the debug unit and the PMU in accordance with values of configuration bits in a corresponding trigger unit configuration register.
-
公开(公告)号:US20210373934A1
公开(公告)日:2021-12-02
申请号:US17404897
申请日:2021-08-17
Applicant: Intel Corporation
Inventor: Sanjay KUMAR , Rajesh M. SANKARAN , Gilbert NEIGER , Philip R. LANTZ , Jason W. BRANDT , Vedvyas SHANBHOGUE , Utkarsh Y. KAKAIYA , Kun TIAN
IPC: G06F9/455 , G06F9/30 , G06F12/1045 , G06F12/109
Abstract: Implementations of the disclosure provide a processing device comprising an address translation circuit to intercept a work request from an I/O device. The work request comprises a first ASID to map to a work queue. A second ASID of a host is allocated for the first ASID based on the work queue. The second ASID is allocated to at least one of: an ASID register for a dedicated work queue (DWQ) or an ASID translation table for a shared work queue (SWQ). Responsive to receiving a work submission from the SVM client to the I/O device, the first ASID of the application container is translated to the second ASID of the host machine for submission to the I/O device using at least one of: the ASID register for the DWQ or the ASID translation table for the SWQ based on the work queue associated with the I/O device.
-
Patent Agency Ranking
公开(公告)号:US20210117535A1
公开(公告)日:2021-04-22
申请号:US17114246
申请日:2020-12-07
Applicant: INTEL CORPORATION
Inventor: Michael LEMAY , David M. DURHAM , Michael E. KOUNAVIS , Barry E. HUNTLEY , Vedvyas SHANBHOGUE , Jason W. BRANDT , Josh TRIPLETT , Gilbert NEIGER , Karanvir GREWAL , Baiju PATEL , Ye ZHUANG , Jr-Shian TSAI , Vadim SUKHOMLINOV , Ravi SAHITA , Mingwei ZHANG , James C. FARWELL , Amitabh DAS , Krishna BHUYAN
Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
-
6.发明公开公开(公告)号:US20240250823A1
公开(公告)日:2024-07-25
申请号:US18589125
申请日:2024-02-27
Applicant: Intel Corporation
Inventor: Jason W. BRANDT
CPC classification number: H04L9/3226 , G06F9/30178 , H04L9/0861 , H04L2209/12
Abstract: Systems, methods, and apparatuses relating to circuitry to implement an instruction to create and/or use data that is restricted in how it can be used are described. In one embodiment, a hardware processor comprises a decoder of a core to decode a single instruction into a decoded single instruction, the single instruction comprising a first input operand of a handle including a ciphertext of an encryption key (e.g., cryptographic key), an authentication tag, and additional authentication data, and a second input operand of data encrypted with the encryption key, and an execution unit of the core to execute the decoded single instruction to: perform a first check of the authentication tag against the ciphertext and the additional authentication data for any modification to the ciphertext or the additional authentication data, perform a second check of a current request of the core against one or more restrictions specified by the additional authentication data of the handle, decrypt the ciphertext to generate the encryption key only when the first check indicates no modification to the ciphertext or the additional authentication data, and the second check indicates the one or more restrictions are not violated, decrypt the data encrypted with the encryption key to generate unencrypted data, and provide the unencrypted data as a resultant of the single instruction.
-
7.发明公开公开(公告)号:US20230273795A1
公开(公告)日:2023-08-31
申请号:US18311810
申请日:2023-05-03
Applicant: Intel Corporation
Inventor: Eliezer WEISSMANN , Mark CHARNEY , Michael MISHAELI , Robert VALENTINE , Itai RAVID , Jason W. BRANDT , Gilbert NEIGER , Baruch CHAIKIN , Efraim ROTEM
CPC classification number: G06F9/3851 , G06F9/30076 , G06F9/30101 , G06F9/3836
Abstract: Systems, methods, and apparatuses relating to instructions to reset software thread runtime property histories in a hardware processor are described. In one embodiment, a hardware processor includes a hardware guide scheduler comprising a plurality of software thread runtime property histories; a decoder to decode a single instruction into a decoded single instruction, the single instruction having a field that identifies a model-specific register; and an execution circuit to execute the decoded single instruction to check that an enable bit of the model-specific register is set, and when the enable bit is set, to reset the plurality of software thread runtime property histories of the hardware guide scheduler.
-
公开(公告)号:US20230269076A1
公开(公告)日:2023-08-24
申请号:US18040245
申请日:2021-08-27
Applicant: Intel Corporation
Inventor: Jason W. BRANDT , Steven L. GROBMAN , Vedvyas SHANBHOGUE
CPC classification number: H04L9/0822 , H04L9/32
Abstract: System, method, and apparatus embodiments for creating, using, and managing protected cryptography keys are described. In an embodiment, an apparatus includes a decoder, an execution unit, and a cache. The decoder is to decode a single instruction into a decoded single instruction, the single instruction having a first source operand to specify encrypted data and a second source operand to specify a handle including a first including ciphertext of an encryption key, an integrity tag, and additional authentication data. The execution unit is to execute the decoded single instruction to perform a first check of the integrity tag against the ciphertext and the additional authentication data for any modification to the ciphertext or the additional authentication data, perform a second check of a current request against one or more restrictions specified by the additional authentication data of the handle, decrypt the ciphertext to generate an encryption key only when the first check indicates no modification to the ciphertext or the additional authentication data and the second check indicates the one or more restrictions are not violated, decrypt the encrypted data with the encryption key to generate unencrypted data, and provide the unencrypted data as a result of the single instruction. The cache is to store the handle, wherein only a portion of the integrity tag is to be used in a lookup of the handle.
-
公开(公告)号:US20200004953A1
公开(公告)日:2020-01-02
申请号:US16024547
申请日:2018-06-29
Applicant: Intel Corporation
Inventor: Michael LEMAY , David M. DURHAM , Michael E. KOUNAVIS , Barry E. HUNTLEY , Vedvyas SHANBHOGUE , Jason W. BRANDT , Josh TRIPLETT , Gilbert NEIGER , Karanvir GREWAL , Baiju V. PATEL , Ye ZHUANG , Jr-Shian TSAI , Vadim SUKHOMLINOV , Ravi SAHITA , Mingwei ZHANG , James C. FARWELL , Amitabh DAS , Krishna BHUYAN
Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.015 seconds)
