公开(公告)号：US10671740B2

公开(公告)日：2020-06-02

申请号：US15946401

申请日：2018-04-05

Applicant: Intel Corporation

Inventor： Binata Bhattacharyya ,  Raghunandan Makaram ,  Amy L. Santoni ,  George Z. Chrysos ,  Simon P. Johnson ,  Brian S. Morris ,  Francis X. McKeen

IPC: G06F21/62 ,  G06F21/64 ,  G06F21/78 ,  G06F21/74 ,  G06F12/14 ,  G06F21/60

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

公开(公告)号：US09032125B2

公开(公告)日：2015-05-12

申请号：US13780075

申请日：2013-02-28

Applicant: Intel Corporation

Inventor： Jayakrishna Guddeti ,  Binata Bhattacharyya

IPC: G06F9/50 ,  G06F13/24 ,  G06F1/32 ,  G06F1/20

CPC classification number: G06F13/24 ,  G06F1/206 ,  G06F1/3203 ,  G06F1/329 ,  G06F9/5038 ,  G06F9/5094 ,  Y02D10/22

Abstract: In one embodiment, the present invention includes a method for accessing a task stored in an entry of a task queue that identifies the task and a first core of a processor on which the task has been scheduled, reassigning the task to a coldest idle core of the processor, and sending the task to the coldest idle core and maintaining the processor in a turbo mode. Other embodiments are described and claimed.

Abstract translation: 在一个实施例中，本发明包括一种用于访问存储在任务队列的条目中的任务的方法，所述任务识别任务，并且处理器的第一核心已经被安排在其上，将任务重新分配到最冷空闲核心 处理器，并将任务发送到最冷的空闲核心并将处理器维持在turbo模式。 描述和要求保护其他实施例。

公开(公告)号：US20180365438A1

公开(公告)日：2018-12-20

申请号：US15946401

申请日：2018-04-05

Applicant: Intel Corporation

Inventor： Binata Bhattacharyya ,  Raghunandan Makaram ,  Amy L. Santoni ,  George Z. Chrysos ,  Simon P. Johnson ,  Brian S. Morris ,  Francis X. McKeen

IPC: G06F21/62 ,  G06F21/60 ,  G06F21/64 ,  G06F21/78

CPC classification number: G06F21/62 ,  G06F12/1441 ,  G06F21/602 ,  G06F21/64 ,  G06F21/74 ,  G06F21/78 ,  G06F2221/2113

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

公开(公告)号：US09959418B2

公开(公告)日：2018-05-01

申请号：US14803956

申请日：2015-07-20

Applicant: Intel Corporation

Inventor： Binata Bhattacharyya ,  Raghunandan Makaram ,  Amy L. Santoni ,  George Z. Chrysos ,  Simon P. Johnson ,  Brian S. Morris ,  Francis X. McKeen

IPC: G06F21/64 ,  G06F21/62 ,  G06F21/60 ,  G06F21/78

CPC classification number: G06F21/62 ,  G06F21/602 ,  G06F21/64 ,  G06F21/78 ,  G06F2221/2113

Abstract: A processor implementing techniques for supporting configurable security levels for memory address ranges is disclosed. In one embodiment, the processor includes a processing core a memory controller, operatively coupled to the processing core, to access data in an off-chip memory and a memory encryption engine (MEE) operatively coupled to the memory controller. The MEE is to responsive to detecting a memory access operation with respect to a memory location identified by a memory address within a memory address range associated with the off-chip memory, identify a security level indicator associated with the memory location based on a value stored on a security range register. The MEE is further to access at least a portion of a data item associated with the memory address range of the off-chip memory in view of the security level indicator.

公开(公告)号：US09720488B2

公开(公告)日：2017-08-01

申请号：US15277944

申请日：2016-09-27

Applicant: Intel Corporation

Inventor： Jayakrishna G. Guddeti ,  Binata Bhattacharyya

IPC: G06F13/24 ,  G06F1/32 ,  G06F9/44

CPC classification number: G06F1/3287 ,  G06F1/3228 ,  G06F1/329 ,  G06F9/4418 ,  G06F13/24 ,  Y02D10/24 ,  Y02D50/20

Abstract: An apparatus and method is described herein for providing an early wake scheme before spawning a new thread. An early wake indication may be provided an amount of time, which may include an amount of time to perform a demotion from a current power state to a lower power state that is closer to an active power state, before a new thread is to be spawned and executed on a processing element (e.g., core or thread). Upon encountering the spawn of the new thread, such as a helper thread, the processing element may further transition from the lower power state to an active power state. The new thread may be executed on the processing element without incurring the latency associated with execution of the new thread waiting for the demotion from the current power state to an active power state after the spawn of the new thread.

公开(公告)号：US10230528B2

公开(公告)日：2019-03-12

申请号：US14703420

申请日：2015-05-04

Applicant: Intel Corporation

Inventor： Binata Bhattacharyya ,  Amy L. Santoni ,  Raghunandan Makaram ,  Francis X. McKeen ,  Simon P. Johnson ,  George Z. Chrysos ,  Siddhartha Chhabra

IPC: G06F11/30 ,  G06F12/14 ,  H04L9/32 ,  H04L9/06

Abstract: Systems and methods for memory protection for implementing trusted execution environment. An example processing system comprises: an on-package memory; a memory encryption engine (MEE) comprising a MEE cache, the MEE to: responsive to failing to locate, within the MEE cache, an encryption metadata associated with a data item loaded from an external memory, retrieve at least part of the encryption metadata from the OPM, and validate the data item using the encryption metadata.

公开(公告)号：US10031861B2

公开(公告)日：2018-07-24

申请号：US14865304

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Binata Bhattacharyya ,  Raghunandan Makaram ,  Brian S. Morris

IPC: G06F12/14 ,  G06F12/0802 ,  H04L9/30 ,  H04L9/32 ,  H04L9/06

Abstract: A server, processing device and/or processor includes a processing core and a memory controller, operatively coupled to the processing core, to access data in an off-chip memory. A memory encryption engine (MEE) may be operatively coupled to the memory controller and the off-chip memory. The MEE may store non-MEE metadata bits within a modified version line corresponding to ones of a plurality of data lines stored in a protected region of the off-chip memory, compute an embedded message authentication code (eMAC) using the modified version line, and detect an attempt to modify one of the non-MEE metadata bits by using the eMAC within a MEE tree walk to authenticate access to the plurality of data lines. The non-MEE metadata bits may store coherence bits that track changes to a cache line in a remote socket, poison bits that track error containment within the data lines, and possibly other metadata bits.

公开(公告)号：US10185842B2

公开(公告)日：2019-01-22

申请号：US14661044

申请日：2015-03-18

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Raghunandan Makaram ,  Jim McCormick ,  Binata Bhattacharyya

IPC: G06F21/79 ,  G06F9/54 ,  H04L9/08 ,  H04L29/06

Abstract: This disclosure is directed to cache and data organization for memory protection. Memory protection operations in a device may be expedited by organizing cache and/or data structure while providing memory protection for encrypted data. An example device may comprise processing module and a memory module. The processing module may include a memory encryption engine (MEE) to decrypt encrypted data loaded from the memory module, or to encrypt plaintext data prior to storage in the memory module, using security metadata also stored in the memory module. Example security metadata may include version (VER) data, memory authentication code (MAC) data and counter data. Consistent with the present disclosure, a cache associated with the MEE may be partitioned to separate the VER and MAC data from counter data. Data organization may comprise including the VER and MAC data corresponding to particular data in the same data line.

公开(公告)号：US10007606B2

公开(公告)日：2018-06-26

申请号：US15085599

申请日：2016-03-30

Applicant: Intel Corporation

Inventor： Vedaraman Geetha ,  Brian S. Morris ,  Binata Bhattacharyya ,  Massimo Sutera

IPC: G06F12/08 ,  G06F12/0831 ,  G06F12/0811

CPC classification number: G06F12/0831 ,  G06F12/0811 ,  G06F2212/283 ,  G06F2212/621

Abstract: Electronic circuitry of a computing system is described where the computing system includes a multi-level system memory where the multi-level system memory includes a near memory cache. The computing system directs system memory access requests whose addresses map to a same near memory cache slot to a same home caching agent so that the same home caching agent can characterize individual cache lines as inclusive or non-inclusive before forwarding the requests to a system memory controller, and where the computing system directs other system memory access requests to the system memory controller without passing the other requests through a home caching agent. The electronic circuitry is to modify the respective original addresses of the other requests to include a special code that causes the other system memory access requests to map to a specific pre-determined set of slots within the near memory cache.

公开(公告)号：US20170091119A1

公开(公告)日：2017-03-30

申请号：US14865304

申请日：2015-09-25

Applicant: Intel Corporation

Inventor： Siddhartha Chhabra ,  Binata Bhattacharyya ,  Raghunandan Makaram ,  Brian S. Morris

IPC: G06F12/14 ,  H04L9/30 ,  G06F12/0802 ,  H04L9/32

CPC classification number: G06F12/1408 ,  G06F12/08 ,  G06F12/0802 ,  G06F12/1466 ,  G06F2212/1052 ,  G06F2212/402 ,  G06F2212/60 ,  H04L9/0637 ,  H04L9/30 ,  H04L9/3242

Abstract: A server, processing device and/or processor includes a processing core and a memory controller, operatively coupled to the processing core, to access data in an off-chip memory. A memory encryption engine (MEE) may be operatively coupled to the memory controller and the off-chip memory. The MEE may store non-MEE metadata bits within a modified version line corresponding to ones of a plurality of data lines stored in a protected region of the off-chip memory, compute an embedded message authentication code (eMAC) using the modified version line, and detect an attempt to modify one of the non-MEE metadata bits by using the eMAC within a MEE tree walk to authenticate access to the plurality of data lines. The non-MEE metadata bits may store coherence bits that track changes to a cache line in a remote socket, poison bits that track error containment within the data lines, and possibly other metadata bits.