公开(公告)号：US20240289160A1

公开(公告)日：2024-08-29

申请号：US18658822

申请日：2024-05-08

Applicant: Intel Corporation

Inventor： Barry E. Huntley ,  Jr-Shian Tsai ,  Gilbert Neiger ,  Rajesh M. Sankaran ,  Mesut A. Ergin ,  Ravi L. Sahita ,  Andrew J. Herdrich ,  Wei Wang

IPC: G06F9/455 ,  G06F9/30 ,  G06F12/02 ,  G06F12/10 ,  G06F12/109 ,  G11C7/10

CPC classification number: G06F9/45558 ,  G06F9/3004 ,  G06F9/45533 ,  G06F12/0292 ,  G06F12/10 ,  G06F12/109 ,  G11C7/1072 ,  G06F2009/45583 ,  G06F2009/45591 ,  G06F2009/45595 ,  G06F2212/151

Abstract: A processor of an aspect includes a decode unit to decode an aperture access instruction, and an execution unit coupled with the decode unit. The execution unit, in response to the aperture access instruction, is to read a host physical memory address, which is to be associated with an aperture that is to be in system memory, from an access protected structure, and access data within the aperture at a host physical memory address that is not to be obtained through address translation. Other processors are also disclosed, as are methods, systems, and machine-readable medium storing aperture access instructions.

公开(公告)号：US11943340B2

公开(公告)日：2024-03-26

申请号：US17437342

申请日：2019-04-19

Applicant: Intel Corporation

Inventor： Bo Cui ,  Cunming Liang ,  Jr-Shian Tsai ,  Ping Yu ,  Xiaobing Qian ,  Xuekun Hu ,  Lin Luo ,  Shravan Nagraj ,  Xiaowen Zhang ,  Mesut A. Ergin ,  Tsung-Yuan C. Tai ,  Andrew J. Herdrich

IPC: H04L9/06 ,  G06F21/33 ,  G06F21/72 ,  G06F21/78 ,  H04L9/08 ,  H04L9/40

CPC classification number: H04L9/0825 ,  H04L9/0631 ,  H04L9/085 ,  H04L63/0236

Abstract: In some examples, for process-to-process communication, such as in function linking, a virtual channel can be provisioned to provide virtual machine to virtual machine communications. In response to a transmit request from a source virtual machine, the virtual channel can cause a data copy from a source buffer associated with the source virtual machine without decryption or encryption. The virtual channel provisions a key identifier for the copied data. The destination virtual machine can receive an indication data is available and can cause the data to be decrypted using a key accessed using the key identifier and source address of the copied data. In addition, the data can be encrypted using a second, different key for storage in a destination buffer associated with the destination virtual machine. In some examples, the key identifier and source address is managed by the virtual channel and is not visible to virtual machine or hypervisor.

公开(公告)号：US10817425B2

公开(公告)日：2020-10-27

申请号：US14583389

申请日：2014-12-26

Applicant: Intel Corporation

Inventor： Ren Wang ,  Andrew J. Herdrich ,  Yen-cheng Liu ,  Herbert H. Hum ,  Jong Soo Park ,  Christopher J. Hughes ,  Namakkal N. Venkatesan ,  Adrian C. Moga ,  Aamer Jaleel ,  Zeshan A. Chishti ,  Mesut A. Ergin ,  Jr-shian Tsai ,  Alexander W. Min ,  Tsung-yuan C. Tai ,  Christian Maciocco ,  Rajesh Sankaran

IPC: G06F12/0842 ,  G06F12/0831 ,  G06F12/0893 ,  G06F12/109 ,  G06F12/0813 ,  G06F9/455

Abstract: Methods and apparatus implementing Hardware/Software co-optimization to improve performance and energy for inter-VM communication for NFVs and other producer-consumer workloads. The apparatus include multi-core processors with multi-level cache hierarchies including and L1 and L2 cache for each core and a shared last-level cache (LLC). One or more machine-level instructions are provided for proactively demoting cachelines from lower cache levels to higher cache levels, including demoting cachelines from L1/L2 caches to an LLC. Techniques are also provided for implementing hardware/software co-optimization in multi-socket NUMA architecture system, wherein cachelines may be selectively demoted and pushed to an LLC in a remote socket. In addition, techniques are disclosure for implementing early snooping in multi-socket systems to reduce latency when accessing cachelines on remote sockets.

公开(公告)号：US10469451B2

公开(公告)日：2019-11-05

申请号：US15396440

申请日：2016-12-31

Applicant: Intel Corporation

Inventor： Kapil Sood ,  Mesut A. Ergin ,  John R. Fastabend ,  Shinae Woo ,  Jeffrey B. Shaw ,  Brian J. Skerry

IPC: H04L29/06 ,  G06F21/55

Abstract: Technologies for distributed detection of security anomalies include a computing device to establish a trusted relationship with a security server. The computing device reads one or more packets of at least one of an inter-virtual network function network or an inter-virtual network function component network in response to establishing the trusted relationship and performs a security threat assessment of the one or more packets. The computing device transmits the security threat assessment to the security server.

公开(公告)号：US10331492B2

公开(公告)日：2019-06-25

申请号：US15676948

申请日：2017-08-14

Applicant: INTEL CORPORATION

Inventor： Andrew J. Herdrich ,  Kapil Sood ,  Nrupal R. Jani ,  David J. Harriman ,  Mesut A. Ergin ,  Scott P. Dubal ,  Ravishankar Iyer

IPC: G06F9/50

Abstract: Examples may include techniques to coordinate the sharing of resources among virtual elements, including service chains, supported by a shared pool of configurable computing resources based on relative priority among the virtual element and service chains. Information including indications of the performance of the service chains and also the relative priority of the service chains may be received. The resource allocation of portions of the shared pool of configurable computing resources supporting the service chains can be adjusted based on the received performance and priority information.

公开(公告)号：US09829949B2

公开(公告)日：2017-11-28

申请号：US14126884

申请日：2013-06-28

Applicant: INTEL CORPORATION

Inventor： Alexander W. Min ,  Ren Wang ,  Jr-Shian Tsai ,  Mesut A. Ergin ,  Tsung-Yuan C. Tai

IPC: G06F13/24 ,  G06F1/32 ,  H04L12/12 ,  H04L12/861

CPC classification number: G06F1/32 ,  G06F1/3209 ,  G06F1/3278 ,  G06F1/329 ,  G06F13/24 ,  H04L12/12 ,  H04L49/90 ,  H04L49/9063 ,  Y02D10/157 ,  Y02D10/24 ,  Y02D50/40

Abstract: Methods and apparatus relating to adaptive interrupt coalescing for energy efficient mobile platforms are discussed herein. In one embodiment, one or more interrupts are buffered based on communication throughput. At least one of the one or more interrupts are released in response to expiration of an interrupt coalescing time period. Other embodiments are also claimed and described.

公开(公告)号：US09781209B2

公开(公告)日：2017-10-03

申请号：US14830862

申请日：2015-08-20

Applicant: Intel Corporation

Inventor： Mesut A. Ergin ,  Jr-Shian Tsai ,  Janet Tseng ,  Ren Wang ,  Jun Nakajima ,  Tsung-Yuan Tai

IPC: H04L12/50 ,  H04L29/08 ,  H04L12/725 ,  H04L12/721 ,  H04L12/713 ,  H04L12/835 ,  H04L12/26

CPC classification number: H04L67/1097 ,  H04L43/103 ,  H04L45/306 ,  H04L45/38 ,  H04L45/586 ,  H04L47/30

Abstract: Various embodiments are generally directed to techniques for improving the efficiency of exchanging packets between pairs of VMs within a communications server. An apparatus may include a processor component; a network interface to couple the processor component to a network; a virtual switch to analyze contents of at least one packet of a set of packets to be exchanged between endpoint devices through the network and the communications server, and to route the set of packets through one or more virtual servers of multiple virtual servers based on the contents; and a transfer component of a first virtual server of the multiple virtual servers to determine whether to route the set of packets to the virtual switch or to transfer the set of packets to a second virtual server of the multiple virtual servers in a manner that bypasses the virtual switch based on a routing rule.

公开(公告)号：US09454497B2

公开(公告)日：2016-09-27

申请号：US14460530

申请日：2014-08-15

Applicant: Intel Corporation

Inventor： Jun Nakajima ,  Jr-Shian Tsai ,  Ravi L. Sahita ,  Mesut A. Ergin ,  Edwin Verplanke ,  Rashmin N. Patel ,  Alexander W. Min ,  Ren Wang ,  Tsung-Yuan C. Tai

IPC: G06F12/14 ,  G06F9/455 ,  G06F21/44 ,  G06F21/60 ,  G06F9/50 ,  H04L12/931

CPC classification number: G06F12/1475 ,  G06F9/455 ,  G06F9/45558 ,  G06F9/50 ,  G06F21/44 ,  G06F21/606 ,  G06F2009/45583 ,  G06F2009/45587 ,  G06F2212/1052 ,  H04L49/70

Abstract: Technologies for secure inter-virtual-machine shared memory communication include a computing device with hardware virtualization support. A virtual machine monitor (VMM) authenticates a view switch component of a target virtual machine. The VMM adds configures a secure memory view to access a shared memory segment. The shared memory segment may include memory pages of a source virtual machine or the VMM. The view switch component switches to the secure memory view without generating a virtual machine exit event, using the hardware virtualization support. The view switch component may switch to the secure memory view by modifying an extended page table (EPT) pointer. The target virtual machine accesses the shared memory segment via the secure memory view. The target virtual machine and the source virtual machine may coordinate ownership of memory pages using a secure view control structure stored in the shared memory segment. Other embodiments are described and claimed.

Abstract translation: 用于安全的虚拟机间共享存储器通信的技术包括具有硬件虚拟化支持的计算设备。 虚拟机监视器（VMM）验证目标虚拟机的视图切换组件。 VMM添加配置安全内存视图以访问共享内存段。 共享内存段可以包括源虚拟机或VMM的存储器页面。 视图切换组件切换到安全存储器视图，而不会使用硬件虚拟化支持生成虚拟机退出事件。 视图切换组件可以通过修改扩展页表（EPT）指针来切换到安全存储器视图。 目标虚拟机通过安全内存视图访问共享内存段。 目标虚拟机和源虚拟机可以使用存储在共享存储器段中的安全视图控制结构来协调存储器页的所有权。 描述和要求保护其他实施例。

公开(公告)号：US20160267020A1

公开(公告)日：2016-09-15

申请号：US14656453

申请日：2015-03-12

Applicant: Intel Corporation

Inventor： Ren Wang ,  Weishuang Zhao ,  Wei Shen ,  Michael P. Mesnier ,  Tsung-Yuan C. Tai ,  Mesut A. Ergin

IPC: G06F12/12 ,  G06F12/08

CPC classification number: G06F12/123 ,  G06F12/0866 ,  G06F12/0891 ,  G06F12/126

Abstract: Computer-readable storage media, computing devices and methods associated with file cache management are discussed herein. In embodiments, a computing device may include a file cache and a file cache manager coupled with the file cache. The file cache manager may be configured to implement a context-aware eviction policy to identify a candidate file for deletion from the file cache, from a plurality of individual files contained within the file cache, based at least in part on file-level context information associated with the individual files. In embodiments, the file-level context information may include an indication of access recency and access frequency associated with the individual files. In such embodiments, identifying the candidate file for deletion from the file cache may be based, at least in part, on both the access recency and the access frequency of the individual files. Other embodiments may be described and/or claimed.

Abstract translation: 本文讨论了与文件高速缓存管理相关联的计算机可读存储介质，计算设备和方法。 在实施例中，计算设备可以包括与文件高速缓存相结合的文件高速缓存和文件高速缓存管理器。 文件缓存管理器可以被配置为至少部分地基于文件级上下文信息来实现从文件高速缓存中包含的多个单独文件中识别用于从文件高速缓存中删除的候选文件的上下文感知驱逐策略 与单个文件相关联。 在实施例中，文件级上下文信息可以包括与各个文件相关联的访问新近度和访问频率的指示。 在这样的实施例中，从文件高速缓存中识别要删除的候选文件可以至少部分地基于各个文件的访问新近度和访问频率。 可以描述和/或要求保护其他实施例。

公开(公告)号：US08959531B2

公开(公告)日：2015-02-17

申请号：US14105770

申请日：2013-12-13

Applicant: Intel Corporation

Inventor： Ren Wang ,  Jr-Shian Tsai ,  Tsung-Yuan C. Tai ,  Mesut A. Ergin ,  Prakash N. Iyer ,  Bruce L. Fleming

IPC: G06F13/00 ,  G06F9/54 ,  G06F1/32

CPC classification number: G06F9/4881 ,  G06F1/3203 ,  G06F9/54 ,  G06F9/542

Abstract: Systems and methods of managing break events may provide for detecting a first break event from a first event source and detecting a second break event from a second event source. In one example, the event sources can include devices coupled to a platform as well as active applications on the platform. Issuance of the first and second break events to the platform can be coordinated based on at least in part runtime information associated with the platform.

Abstract translation: 管理中断事件的系统和方法可以提供从第一事件源检测第一中断事件并从第二事件源检测第二中断事件。 在一个示例中，事件源可以包括耦合到平台的设备以及平台上的活动应用。 可以基于至少部分与平台相关联的运行时信息来协调向平台发出第一和第二休息事件。