-
Publication No.: US11416415B2
Publication Date: 2022-08-16
Application No.: US16444053
Filing Date: 2019-06-18
Applicant: Intel Corporation
Inventor: Reshma Lal , Pradeep M. Pappachan , Luis Kida , Krystof Zmudzinski , Siddhartha Chhabra , Abhishek Basak , Alpa Narendra Trivedi , Anna Trikalinou , David M. Lee , Vedvyas Shanbhogue , Utkarsh Y. Kakaiya
IPC: G06F12/14 , H04L9/32 , G06F21/76 , G06F21/60 , H04L9/08 , G06F9/455 , G06F21/57 , G06F21/64 , H04L41/28 , G06F21/79 , H04L41/046 , H04L9/06 , G06F9/38 , G06F12/0802
Abstract: Technologies for secure device configuration and management include a computing device having an I/O device. A trusted agent of the computing device is trusted by a virtual machine monitor of the computing device. The trusted agent securely commands the I/O device to enter a trusted I/O mode, securely commands the I/O device to set a global lock on configuration registers, receives configuration data from the I/O device, and provides the configuration data to a trusted execution environment. In the trusted I/O mode, the I/O device rejects a configuration command if a configuration register associated with the configuration command is locked and the configuration command is not received from the trusted agent. The trusted agent may provide attestation information to the trusted execution environment. The trusted execution environment may verify the configuration data and the attestation information. Other embodiments are described and claimed.
-
Publication No.: US11216396B2
Publication Date: 2022-01-04
Application No.: US15280730
Filing Date: 2016-09-29
Applicant: Intel Corporation
Inventor: Mark A. Schmisseur , Raj K. Ramanujan , Filip Schmole , David M. Lee , Ishwar Agarwal , David J. Harriman
Abstract: Aspects of the disclosure are directed to systems, methods, and devices that include an application processor. The application processor includes an interface logic to interface with a communication module using a bidirectional interconnect link compliant with a peripheral component interconnect express (PCIe) protocol. The interface logic to receive a data packet from across the link, the data packet comprises a header and data payload; determine a hint bit set in the header of the data packet; determine a steering tag value in the data packet header based on the hint bit set; and transmit the data payload to non-volatile memory based on the steering tag set in the header.
-
Publication No.: US10789370B2
Publication Date: 2020-09-29
Application No.: US15470270
Filing Date: 2017-03-27
Applicant: INTEL CORPORATION
Inventor: Mohan K. Nair , Rajesh M. Sankaran , Utkarsh Y. Kakaiya , Zhenfu Chai , David M. Lee , Pratik M. Marolia
IPC: G06F9/4401 , G06F21/60 , G06F21/85 , G06F21/57 , G06F12/0815 , G06F13/42 , H04L29/06
Abstract: In accordance with embodiments disclosed herein, there are provided systems and methods for extending a root complex to encompass an external component. A processor includes a processor core and root complex circuitry coupled to the processor core. The processor core is to execute a basic input/output system (BIOS) and an operating system (OS). The root complex circuitry includes a coherent interface port and a downstream port. The root complex circuitry is to couple to an external component via the downstream port and the coherent interface port. The BIOS, to extend a root complex beyond the root complex circuitry to encompass the external component, is to obfuscate the downstream port from the OS, define a virtual root bridge for the external component, and enable a security check at the external component to provide protection for the coherent interface port and the downstream port.
-
Publication No.: US10560081B2
Publication Date: 2020-02-11
Application No.: US15632836
Filing Date: 2017-06-26
Applicant: Intel Corporation
Inventor: Mahesh Wagh , Zuoguo J. Wu , Venkatraman Iyer , Gerald S. Pasdast , Todd A. Hinck , David M. Lee , Narasimha R. Lanka
Abstract: In an example, a system and method for centering in a high-performance interconnect (HPI) are disclosed. When an interconnect is powered up from a dormant state, it may be necessary to “center” the clock signal to ensure that data are read at the correct time. A multi-phase method may be used, in which a first phase comprises a reference voltage sweep to identify an optimal reference voltage. A second phase comprises a phase sweep to identify an optimal phase. A third sweep comprises a two-dimensional “eye” phase, in which a plurality of values within a two-dimensional eye derived from the first two sweeps are tested. In each case, the optimal value is the value that results in the fewest bit errors across multiple lanes. In one example, the second and third phases are performed in software, and may include testing a “victim” lane, with adjacent “aggressor” lanes having a complementary bit pattern.
-
Publication No.: US20190311123A1
Publication Date: 2019-10-10
Application No.: US16444053
Filing Date: 2019-06-18
Applicant: Intel Corporation
Inventor: Reshma Lal , Pradeep M. Pappachan , Luis Kida , Krystof Zmudzinski , Siddhartha Chhabra , Abhishek Basak , Alpa Narendra Trivedi , Anna Trikalinou , David M. Lee , Vedvyas Shanbhogue , Utkarsh Y. Kakaiya
Abstract: Technologies for secure device configuration and management include a computing device having an I/O device. A trusted agent of the computing device is trusted by a virtual machine monitor of the computing device. The trusted agent securely commands the I/O device to enter a trusted I/O mode, securely commands the I/O device to set a global lock on configuration registers, receives configuration data from the I/O device, and provides the configuration data to a trusted execution environment. In the trusted I/O mode, the I/O device rejects a configuration command if a configuration register associated with the configuration command is locked and the configuration command is not received from the trusted agent. The trusted agent may provide attestation information to the trusted execution environment. The trusted execution environment may verify the configuration data and the attestation information. Other embodiments are described and claimed.
-
Publication No.: US20180321948A1
Publication Date: 2018-11-08
Application No.: US15640524
Filing Date: 2017-07-01
Applicant: Intel Corporation
Inventor: Georges Manuel Faure Vaquero , John Cruz Mejia , Scott M. Rider , David M. Lee
CPC classification number: G06F9/4413 , G06F11/0736 , G06F11/1417 , G06F11/3051
Abstract: Aspects of the embodiments are directed to propagating an in-band hot reset through an add-in card compliant with a peripheral component interconnect express (PCIe) protocol. A host system can transmit an in-band hot reset to the add-in card across a link compliant with the PCIe protocol. A non-transparent bridge (NTB) on the add-in card can receive the in-band hot reset and reset configuration registers on the NTB. A system management controller (SMC) can poll the NTB register values to determine that the polled configuration registers are different from expected values stored on an electrically erasable programmable random access memory (EEPROM). The SMC can signal a warm reset to a peripheral component based on the determination that the polled configuration register value is different from the expected register value.
-
Publication No.: US20180089115A1
Publication Date: 2018-03-29
Application No.: US15280730
Filing Date: 2016-09-29
Applicant: Intel Corporation
Inventor: Mark A. Schmisseur , Raj K. Ramanujan , Filip Schmole , David M. Lee , Ishwar Agarwal , David J. Harriman
IPC: G06F13/16 , G06F13/42 , G06F12/02 , G06F12/128
CPC classification number: G06F13/1694 , G06F12/0246 , G06F12/12 , G06F13/4282
Abstract: Aspects of the disclosure are directed to systems, methods, and devices that include an application processor. The application processor includes an interface logic to interface with a communication module using a bidirectional interconnect link compliant with a peripheral component interconnect express (PCIe) protocol. The interface logic to receive a data packet from across the link, the data packet comprises a header and data payload; determine a hint bit set in the header of the data packet; determine a steering tag value in the data packet header based on the hint bit set; and transmit the data payload to non-volatile memory based on the steering tag set in the header.
-
Publication No.: US12189542B2
Publication Date: 2025-01-07
Application No.: US17543267
Filing Date: 2021-12-06
Applicant: Intel Corporation
Inventor: Reshma Lal , Pradeep M. Pappachan , Luis Kida , Krystof Zmudzinski , Siddhartha Chhabra , Abhishek Basak , Alpa Narendra Trivedi , Anna Trikalinou , David M. Lee , Vedvyas Shanbhogue , Utkarsh Y. Kakaiya
IPC: G06F12/14 , G06F9/38 , G06F9/455 , G06F12/0802 , G06F21/57 , G06F21/60 , G06F21/64 , G06F21/76 , G06F21/79 , H04L9/06 , H04L9/08 , H04L9/32 , H04L41/046 , H04L41/28
Abstract: Technologies for secure device configuration and management include a computing device having an I/O device. A trusted agent of the computing device is trusted by a virtual machine monitor of the computing device. The trusted agent securely commands the I/O device to enter a trusted I/O mode, securely commands the I/O device to set a global lock on configuration registers, receives configuration data from the I/O device, and provides the configuration data to a trusted execution environment. In the trusted I/O mode, the I/O device rejects a configuration command if a configuration register associated with the configuration command is locked and the configuration command is not received from the trusted agent. The trusted agent may provide attestation information to the trusted execution environment. The trusted execution environment may verify the configuration data and the attestation information. Other embodiments are described and claimed.
-
Publication No.: US10884758B2
Publication Date: 2021-01-05
Application No.: US15640524
Filing Date: 2017-07-01
Applicant: Intel Corporation
Inventor: Georges Manuel Faure Vaquero , John Cruz Mejia , Scott M. Rider , David M. Lee
Abstract: Aspects of the embodiments are directed to propagating an in-band hot reset through an add-in card compliant with a peripheral component interconnect express (PCIe) protocol. A host system can transmit an in-band hot reset to the add-in card across a link compliant with the PCIe protocol. A non-transparent bridge (NTB) on the add-in card can receive the in-band hot reset and reset configuration registers on the NTB. A system management controller (SMC) can poll the NTB register values to determine that the polled configuration registers are different from expected values stored on an electrically erasable programmable random access memory (EEPROM). The SMC can signal a warm reset to a peripheral component based on the determination that the polled configuration register value is different from the expected register value.
-
Publication No.: US10599178B2
Publication Date: 2020-03-24
Application No.: US16036419
Filing Date: 2018-07-16
Applicant: Intel Corporation
Inventor: Michael C. Rifani , Alan B. Kyker , Alan S. Geist , David M. Lee
Abstract: Some implementations disclosed herein provide techniques and arrangements for transferring data between asynchronous clock domains. A synchronization signal may be generated by a first of the clock domains, and data may be transferred between the domains in response to the synchronization signal. Clock cycles of the second of the clock domains may be monitored in comparison to the synchronization signal to report the number of second clock domain cycles occurring per occurrence of the synchronization signal. This information may be recorded by testing and validation equipment to facilitate error analyses.