公开(公告)号：US20240095340A1

公开(公告)日：2024-03-21

申请号：US18526279

申请日：2023-12-01

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Mingqiu Sun ,  Ravi L. Sahita ,  Chunhui Zhang ,  Xiaoning Li

IPC: G06F21/53 ,  G06F8/41 ,  G06F9/38 ,  G06F21/12

CPC classification number: G06F21/53 ,  G06F8/441 ,  G06F9/3836 ,  G06F21/126 ,  G06F2221/2143

Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

公开(公告)号：US11922220B2

公开(公告)日：2024-03-05

申请号：US17255588

申请日：2019-04-16

Applicant: Intel Corporation

Inventor： Mohammad R. Haghighat ,  Kshitij Doshi ,  Andrew J. Herdrich ,  Anup Mohan ,  Ravishankar R. Iyer ,  Mingqiu Sun ,  Krishna Bhuyan ,  Teck Joo Goh ,  Mohan J. Kumar ,  Michael Prinke ,  Michael Lemay ,  Leeor Peled ,  Jr-Shian Tsai ,  David M. Durham ,  Jeffrey D. Chamberlain ,  Vadim A. Sukhomlinov ,  Eric J. Dahlen ,  Sara Baghsorkhi ,  Harshad Sane ,  Areg Melik-Adamyan ,  Ravi Sahita ,  Dmitry Yurievich Babokin ,  Ian M. Steiner ,  Alexander Bachmutsky ,  Anil Rao ,  Mingwei Zhang ,  Nilesh K. Jain ,  Amin Firoozshahian ,  Baiju V. Patel ,  Wenyong Huang ,  Yeluri Raghuram

IPC: G06F9/50 ,  G06F9/52 ,  G06F11/30 ,  G06F11/34 ,  G06F21/53 ,  G06F21/56 ,  G06F21/60 ,  G06N20/00

CPC classification number: G06F9/5061 ,  G06F9/52 ,  G06F11/302 ,  G06F11/3495 ,  G06F21/53 ,  G06F21/604 ,  G06F21/56 ,  G06F2209/521 ,  G06F2221/033 ,  G06N20/00

Abstract: Embodiments of systems, apparatuses and methods provide enhanced function as a service (FaaS) to users, e.g., computer developers and cloud service providers (CSPs). A computing system configured to provide such enhanced FaaS service include one or more controls architectural subsystems, software and orchestration subsystems, network and storage subsystems, and security subsystems. The computing system executes functions in response to events triggered by the users in an execution environment provided by the architectural subsystems, which represent an abstraction of execution management and shield the users from the burden of managing the execution. The software and orchestration subsystems allocate computing resources for the function execution by intelligently spinning up and down containers for function code with decreased instantiation latency and increased execution scalability while maintaining secured execution. Furthermore, the computing system enables customers to pay only when their code gets executed with a granular billing down to millisecond increments.

公开(公告)号：US20230100873A1

公开(公告)日：2023-03-30

申请号：US18061954

申请日：2022-12-05

Applicant: Intel Corporation

Inventor： Enrico Galli ,  Andrew S. Brown ,  Mingqiu Sun ,  Petr Penzin

IPC: G06F9/50 ,  G06F9/30 ,  G06F11/07

Abstract: An apparatus includes a first processor to be communicatively coupled to a main memory having instructions stored therein. The first processor is to execute the instructions to assign a first tag to a plurality of granules in a first portion of memory allocated for an offloaded function invoked by a module running on a second processor, detect an exception raised for a tag check failure for a memory access operation based on a first memory address in the first portion of the memory, and update a modified address list to include information associated with the first memory address. The instructions are executed further to synchronize, based on the modified address list, a second portion of the memory allocated to the module with the first portion of the memory.

公开(公告)号：US11526205B2

公开(公告)日：2022-12-13

申请号：US15734820

申请日：2018-12-31

Applicant: Intel Corporation

Inventor： Ke Han ,  Mingqiu Sun ,  Dong Wang ,  Prakash Iyer ,  Stephan Jourdan ,  Andrzej Mialkowski

IPC: G06F1/32 ,  G06F9/48 ,  G06F1/329 ,  G06F1/3296

Abstract: Methods and apparatus to implement always-on context sensor hubs for processing multiple different types of data inputs are disclosed. An examples apparatus includes a first processor core to implement a host controller, and a second processor core to implement an offload engine. The host controller includes first logic to process sensor data associated with an electronic device when the electronic device is in a low power mode. The host controller is to offload a computational task associated with the sensor data to the offload engine. The offload engine includes second logic to execute the computational task.

公开(公告)号：US20220374158A1

公开(公告)日：2022-11-24

申请号：US17764113

申请日：2019-12-20

Applicant: Intel Corporation

Inventor： Bin Yang ,  Chao Xie ,  Dong-Yuan Chen ,  Jia Bao ,  Mingqiu Sun ,  Mohammad R. Haghighat ,  Qiming Shi ,  Zhen Zhou

IPC: G06F3/06

Abstract: Systems, apparatuses and methods may provide technology for managing a runtime computing environment having tiered object memory placement that assigns a hotness score to an object having an object type based on an invocation count of objects referenced by a hot method, allocates a newly-created object to one of a hot object heap, said hot object heap assigned to store hot objects in a first memory tier, or a cold object heap, said cold object heap assigned to store cold objects in a second memory tier, based on the hotness score associated with the object type for the newly-created object, and migrates a plurality of objects between the hot object heap and the cold object heap based on a hotness score associated with each object. The technology may also operate the object migration in an execution thread independent of an execution thread for the object allocation.

公开(公告)号：US20220121737A1

公开(公告)日：2022-04-21

申请号：US17367106

申请日：2021-07-02

Applicant: Intel Corporation

Inventor： Mingwei Zhang ,  Mingqiu Sun ,  Ravi L. Sahita ,  Chunhui Zhang ,  Xiaoning Li

IPC: G06F21/53 ,  G06F8/41 ,  G06F9/38 ,  G06F21/12

Abstract: Technologies for untrusted code execution include a computing device having a processor with sandbox support. The computing device executes code included in a native domain in a non-privileged, native processor mode. The computing device may invoke a sandbox jump processor instruction during execution of the code in the native domain to enter a sandbox domain. The computing device executes code in the sandbox domain in a non-privileged, sandbox processor mode in response to invoking the sandbox jump instruction. While executing in the sandbox processor mode, the processor denies access to memory outside of the sandbox domain and may deny execution of one or more prohibited instructions. From the sandbox domain, the computing device may execute a sandbox exit instruction to exit the sandbox domain and resume execution in the native domain. The computing device may execute processor instructions to configure the sandbox domain. Other embodiments are described and claimed.

公开(公告)号：US11221875B2

公开(公告)日：2022-01-11

申请号：US16079999

申请日：2016-03-31

Applicant: INTEL CORPORATION

Inventor： Yuyang Du ,  Mingqiu Sun ,  Jian Sun ,  Yong Tong Chua

IPC: G06F9/455 ,  G06F9/48

Abstract: A method and apparatus for cooperative scheduling of virtual machines. An exemplary method includes maintaining a CPU mask by a virtual machine manager, wherein the CPU mask comprises a real-time availability of each of a plurality of physical CPUs (PCPUs). A virtual machine (VM) is allowed to read the CPU mask.

公开(公告)号：US20210263779A1

公开(公告)日：2021-08-26

申请号：US17255588

申请日：2019-04-16

Applicant: Intel Corporation

Inventor： Mohammad R. Haghighat ,  Kshitij Doshi ,  Andrew J. Herdrich ,  Anup Mohan ,  Ravishankar R. Iyer ,  Mingqiu Sun ,  Krishna Bhuyan ,  Teck Joo Goh ,  Mohan J. Kumar ,  Michael Prinke ,  Michael Lemay ,  Leeor Peled ,  Jr-Shian Tsai ,  David M. Durham ,  Jeffrey D. Chamberlain ,  Vadim A. Sukhomlinov ,  Eric J. Dahlen ,  Sara Baghsorkhi ,  Harshad Sane ,  Areg Melik-Adamyan ,  Ravi Sahita ,  Dmitry Yurievich Babokin ,  Ian M. Steiner ,  Alexander Bachmutsky ,  Anil Rao ,  Mingwei Zhang ,  Nilesh K. Jain ,  Amin Firoozshahian ,  Baiju V. Patel ,  Wenyong Huang ,  Yeluri Raghuram

IPC: G06F9/50 ,  G06F21/53 ,  G06F9/52 ,  G06F21/60 ,  G06F11/30 ,  G06F11/34

Abstract: Embodiments of systems, apparatuses and methods provide enhanced function as a service (FaaS) to users, e.g., computer developers and cloud service providers (CSPs). A computing system configured to provide such enhanced FaaS service include one or more controls architectural subsystems, software and orchestration subsystems, network and storage subsystems, and security subsystems. The computing system executes functions in response to events triggered by the users in an execution environment provided by the architectural subsystems, which represent an abstraction of execution management and shield the users from the burden of managing the execution. The software and orchestration subsystems allocate computing resources for the function execution by intelligently spinning up and down containers for function code with decreased instantiation latency and increased execution scalability while maintaining secured execution. Furthermore, the computing system enables customers to pay only when their code gets executed with a granular billing down to millisecond increments.

公开(公告)号：US20210232199A1

公开(公告)日：2021-07-29

申请号：US15734820

申请日：2018-12-31

Applicant: Intel Corporation

Inventor： Ke Han ,  Mingqiu Sun ,  Dong Wang ,  Prakash Iyer ,  Stephan Jourdan ,  Andrzej Mialkowski

IPC: G06F1/329 ,  G06F1/3296 ,  G06F9/48

Abstract: Methods and apparatus to implement always-on context sensor hubs for processing multiple different types of data inputs are disclosed. An examples apparatus includes a first processor core to implement a host controller, and a second processor core to implement an offload engine. The host controller includes first logic to process sensor data associated with an electronic device when the electronic device is in a low power mode. The host controller is to offload a computational task associated with the sensor data to the offload engine. The offload engine includes second logic to execute the computational task.

公开(公告)号：US10540193B2

公开(公告)日：2020-01-21

申请号：US15590781

申请日：2017-05-09

Applicant: INTEL CORPORATION

Inventor： Mingqiu Sun ,  Noah Zentzis ,  Vincent J. Zimmer ,  Peggy J. Irelan ,  Timothy E. Abels ,  Gopinatth Selvaraje ,  Rajesh Poornachandran

IPC: G06F9/455 ,  G06F16/28 ,  G06F12/14

Abstract: A microservice infrastructure that securely maintains the currency of computing platform microservices implemented within a process virtual machine is provided. The computing platform microservices maintained by the infrastructure may include protected methods that provide and control access to components of the underlying computing environment. These components may include, for example, storage devices, peripherals, and network interfaces. By providing a software-defined microservice layer between these hardware components and workflows that specify high-level application logic, the embodiments disclosed herein have enhanced flexibility and scalability when compared to conventional technology.