公开(公告)号：US20240427728A1

公开(公告)日：2024-12-26

申请号：US18670721

申请日：2024-05-21

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Stephen J. Robinson ,  Christopher D. Bryant ,  Jason W. Brandt

IPC: G06F15/80 ,  G06F9/30 ,  G06F9/38

Abstract: A processor includes a widest set of data registers that corresponds to a given logical processor. Each of the data registers of the widest set have a first width in bits. A decode unit that corresponds to the given logical processor is to decode instructions that specify the data registers of the widest set, and is to decode an atomic store to memory instruction. The atomic store to memory instruction is to indicate data that is to have a second width in bits that is wider than the first width in bits. The atomic store to memory instruction is to indicate memory address information associated with a memory location. An execution unit is coupled with the decode unit. The execution unit, in response to the atomic store to memory instruction, is to atomically store the indicated data to the memory location.

公开(公告)号：US12135780B2

公开(公告)日：2024-11-05

申请号：US18232810

申请日：2023-08-10

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Barry E. Huntley ,  Baiju V. Patel ,  Deepak K. Gupta

IPC: G06F21/52 ,  G06F3/06 ,  G06F9/30 ,  G06F9/46 ,  G06F12/14

Abstract: A processor implementing techniques for processor extensions to protect stacks during ring transitions is provided. In one embodiment, the processor includes a plurality of registers and a processor core, operatively coupled to the plurality of registers. The plurality of registers is used to store data used in privilege level transitions. Each register of the plurality of registers is associated with a privilege level. An indicator to change a first privilege level of a currently active application to a second privilege level is received. In view of the second privilege level, a shadow stack pointer (SSP) stored in a register of the plurality of registers is selected. The register is associated with the second privilege level. By using the SSP, a shadow stack for use by the processor at the second privilege level is identified.

公开(公告)号：US12099841B2

公开(公告)日：2024-09-24

申请号：US17212977

申请日：2021-03-25

Applicant: Intel Corporation

Inventor： Rajesh Sankaran ,  Gilbert Neiger ,  Vedvyas Shanbhogue ,  David Koufaty

IPC: G06F9/54 ,  G06F9/30 ,  G06F9/48

CPC classification number: G06F9/30076 ,  G06F9/30101 ,  G06F9/4825

Abstract: An embodiment of an apparatus comprises decode circuitry to decode a single instruction, the single instruction to include a field for an identifier of a first source operand, a field for an identifier of a destination operand, and a field for an opcode, the opcode to indicate execution circuitry is to program a user timer, and execution circuitry to execute the decoded instruction according to the opcode to retrieve timer program information from a location indicated by the first source operand, and program a user timer indicated by the destination operand based on the retrieved timer program information. Other embodiments are disclosed and claimed.

公开(公告)号：US20230409340A1

公开(公告)日：2023-12-21

申请号：US18307650

申请日：2023-04-26

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Ravi L. Sahita ,  Vincent Scarlata ,  Barry E. Huntley

IPC: G06F9/4401 ,  G06F9/455 ,  G06F12/1009 ,  H04L9/30 ,  H04L9/32 ,  G06F21/78

CPC classification number: G06F9/4403 ,  G06F9/45558 ,  G06F12/1009 ,  H04L9/30 ,  G06F2009/45579 ,  G06F21/78 ,  G06F2009/45583 ,  G06F2009/45591 ,  G06F2009/45595 ,  H04L9/32

Abstract: A processor includes a range register to store information that identifies a reserved range of memory associated with a secure arbitration mode (SEAM) and a core coupled to the range register. The core includes security logic to unlock the range register on a logical processor, of the processor core, that is to initiate the SEAM. The logical processor is to, via execution of the security logic, store, in the reserved range, a SEAM module and a manifest associated with the SEAM module, wherein the SEAM module supports execution of one or more trust domains; initialize a SEAM virtual machine control structure (VMCS) within the reserved range of the memory that is to control state transitions between a virtual machine monitor (VMM) and the SEAM module; and authenticate the SEAM module using a manifest signature of the manifest.

公开(公告)号：US11782849B2

公开(公告)日：2023-10-10

申请号：US17367349

申请日：2021-07-03

Applicant: Intel Corporation

Inventor： Carlos V. Rozas ,  Mona Vij ,  Rebekah M. Leslie-Hurd ,  Krystof C. Zmudzinski ,  Somnath Chakrabarti ,  Francis X. Mckeen ,  Vincent R. Scarlata ,  Simon P. Johnson ,  Ilya Alexandrovich ,  Gilbert Neiger ,  Vedvyas Shanbhogue ,  Ittai Anati

IPC: G06F12/14 ,  G06F21/60 ,  G06F9/30 ,  G06F21/53 ,  G06F8/41 ,  G06F9/455

CPC classification number: G06F12/1408 ,  G06F8/41 ,  G06F9/30145 ,  G06F9/45558 ,  G06F12/1441 ,  G06F12/1483 ,  G06F21/53 ,  G06F21/602 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2212/1052

Abstract: A processor includes a decode unit to decode an instruction that is to indicate a page of a protected container memory, and a storage location outside of the protected container memory. An execution unit, in response to the instruction, is to ensure that there are no writable references to the page of the protected container memory while it has a write protected state. The execution unit is to encrypt a copy of the page of the protected container memory. The execution unit is to store the encrypted copy of the page to the storage location outside of the protected container memory, after it has been ensured that there are no writable references. The execution unit is to leave the page of the protected container memory in the write protected state, which is also valid and readable, after the encrypted copy has been stored to the storage location.

公开(公告)号：US11782716B2

公开(公告)日：2023-10-10

申请号：US17517580

申请日：2021-11-02

Applicant: Intel Corporation

Inventor： Michael LeMay ,  Vedvyas Shanbhogue ,  Deepak Gupta ,  Ravi Sahita ,  David M. Durham ,  Willem Pinckaers ,  Enrico Perla

IPC: G06F9/30 ,  G06F9/38 ,  G06F9/448 ,  G06F9/46 ,  G06F16/901 ,  G06F9/455 ,  G06F12/14 ,  G06F21/52 ,  G06F21/79 ,  G06F9/35

CPC classification number: G06F9/30145 ,  G06F9/3836 ,  G06F9/449 ,  G06F9/468 ,  G06F16/9017

Abstract: Systems, methods, and apparatuses relating to circuitry to implement individually revocable capabilities for enforcing temporal memory safety are described. In one embodiment, a hardware processor comprises an execution unit to execute an instruction to request access to a block of memory through a pointer to the block of memory, and a memory controller circuit to allow access to the block of memory when an allocated object tag in the pointer is validated with an allocated object tag in an entry of a capability table in memory that is indexed by an index value in the pointer, wherein the memory controller circuit is to clear the allocated object tag in the capability table when a corresponding object is deallocated.

公开(公告)号：US11700135B2

公开(公告)日：2023-07-11

申请号：US17134360

申请日：2020-12-26

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Prashant Dewan ,  Baiju Patel ,  Vedvyas Shanbhogue

IPC: H04L9/32 ,  G06F9/30 ,  G06F12/14 ,  H04L9/08

CPC classification number: H04L9/3278 ,  G06F9/30145 ,  G06F12/1408 ,  H04L9/0866 ,  H04L9/3242

Abstract: Techniques for encrypting data using a key generated by a physical unclonable function (PUF) are described. An apparatus according to the present disclosure may include decoder circuitry to decode an instruction and generate a decoded instruction. The decoded instruction includes operands and an opcode. The opcode indicates that execution circuitry is to encrypt data using a key generated by a PUF. The apparatus may further include execution circuitry to execute the decoded instruction according to the opcode to encrypt the data to generate encrypted data using the key generated by the PUF.

公开(公告)号：US11650818B2

公开(公告)日：2023-05-16

申请号：US17404890

申请日：2021-08-17

Applicant: Intel Corporation

Inventor： Vedvyas Shanbhogue ,  Jason W. Brandt ,  Ravi L. Sahita ,  Xiaoning Li

IPC: G06F21/54 ,  G06F21/00 ,  G06F9/30 ,  G06F9/38 ,  G06F21/55

CPC classification number: G06F9/3005 ,  G06F9/30054 ,  G06F9/30145 ,  G06F9/3857 ,  G06F9/3861 ,  G06F9/3865 ,  G06F9/3867 ,  G06F21/554

Abstract: A processor includes an execution unit and a processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state and transition to a second execution state responsive to executing a control transfer instruction. Responsive to executing a target instruction of the control transfer instruction, the processing logic further transitions to the first execution state responsive to the target instruction being a control transfer termination instruction of a mode identical to a mode of the processing logic following the execution of the control transfer instruction; and raises an execution exception responsive to the target instruction being a control transfer termination instruction of a mode different than the mode of the processing logic following the execution of the control transfer instruction.

公开(公告)号：US20220222358A1

公开(公告)日：2022-07-14

申请号：US17710723

申请日：2022-03-31

Applicant: Intel Corporation

Inventor： Ravi Sahita ,  Dror Caspi ,  Vedvyas Shanbhogue ,  Vincent Scarlata ,  Anjo Lucas Vahldiek-Oberwagner ,  Haidong Xia ,  Mona Vij

IPC: G06F21/60 ,  G06F21/53 ,  G06F21/54 ,  G06F9/455

Abstract: Scalable cloning and replication for trusted execution environments is described. An example of a computer-readable storage medium includes instructions for receiving a selection of a point to capture a snapshot of a baseline trust domain (TD) or secure enclave, the TD or secure enclave being associated with a trusted execution environment (TEE) of a processor utilized for processing of a workload; initiating cloning of the TD or secure enclave from a source platform to an escrow platform; generating an escrow key to export the snapshot to the escrow platform; and exporting a state of the TD or secure enclave to the escrow platform, the state being sealed with a sealing key.

公开(公告)号：US20220197643A1

公开(公告)日：2022-06-23

申请号：US17133618

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： Jayesh Gaur ,  Adarsh Chauhan ,  Vinodh Gopal ,  Vedvyas Shanbhogue ,  Sreenivas Subramoney ,  Wajdi Feghali

IPC: G06F9/30 ,  G06F12/0875

Abstract: Methods and apparatus relating to speculative decompression within processor core caches are described. In an embodiment, decode circuitry decodes a decompression instruction into a first micro operation and a second micro operation. The first micro operation causes one or more load operations to fetch data into a plurality of cachelines of a cache of a processor core. Decompression Engine (DE) circuitry decompresses the fetched data from the plurality of cachelines of the cache of the processor core in response to the second micro operation. The decompression instruction causes the DE circuitry to perform an out-of-order decompression of the plurality of cachelines. Other embodiments are also disclosed and claimed.