公开(公告)号：US20220413886A1

公开(公告)日：2022-12-29

申请号：US17359117

申请日：2021-06-25

Applicant: Intel Corporation

Inventor： SCOTT GRIFFY ,  DAVID BRONLEEWE ,  HORMUZD KHOSRAVI ,  SIDDHARTHA CHHABRA

IPC: G06F9/455 ,  G06F21/60 ,  G06F15/173

Abstract: Systems, methods, and apparatuses to support encrypted remote direct memory access for live migration of a virtual machine are described. In one embodiment, a first computer system includes an encryption circuit in a hardware processor of the first computer system to encrypt data, a memory controller circuit, of the first computer system, comprising a port to couple to a network interface controller circuit, a direct memory access engine circuit of the first computer system to access a memory in the first computer system, and the hardware processor to, for a request to perform a live migration of a virtual machine from the first computer system to a second computer system via the network interface controller circuit: encrypt code and data of the virtual machine from the memory with an encryption key by the encryption circuit of the hardware processor, store the encrypted code and data of the virtual machine within a migration buffer of the memory of the first computer system by the direct memory access engine circuit, and cause the network interface controller circuit to send the encrypted code and data of the virtual machine from the migration buffer to the second computer system via the network interface controller circuit without the network interface controller circuit performing an additional encryption.

公开(公告)号：US20220100679A1

公开(公告)日：2022-03-31

申请号：US17033745

申请日：2020-09-26

Applicant: Intel Corporation

Inventor： MAHESH NATU ,  ANAND K. ENAMANDRAM ,  MANJULA PEDDIREDDY ,  ROBERT A. BRANCH ,  TIFFANY J. KASANICKY ,  SIDDHARTHA CHHABRA ,  HORMUZD KHOSRAVI

IPC: G06F12/14 ,  G06F12/02 ,  G06F9/30

Abstract: Systems, methods, and apparatuses to implement spatially unique and location independent persistent memory encryption are described. In one embodiment, a system on a chip (SoC) includes at least one persistent range register to indicate a persistent range of memory, an address modifying circuit to check if an address for a memory store request is within the persistent range indicated by the at least one persistent range register, and append a unique identifier value, for a component corresponding to the memory store request for the address, to the address to generate a modified address and output the modified address as an output address when the address is within the persistent range, and output the address as the output address when the address is not within the persistent range, and an encryption engine circuit to generate a ciphertext based on the output address.