公开(公告)号：US11360925B2

公开(公告)日：2022-06-14

申请号：US16232014

申请日：2018-12-25

Applicant: Intel Corporation

Inventor： Joshua David Fender ,  Utkarsh Y. Kakaiya

IPC: G06F9/4401 ,  G06F13/38 ,  G06F13/40 ,  G06F8/61 ,  G06F9/445 ,  G06F30/34

Abstract: A method includes receiving at a management component of an FPGA a persona change request and issuing a request by the management component to a reconfigurable PR slot of the FPGA to change a first persona of a first circuit device of the FPGA to a second persona of a second circuit device of the FPGA. The management component, the reconfigurable PR slot, and the first and second circuit devices are configured in the FPGA core. The method includes switching by the reconfigurable PR slot the first persona to the second persona. The method includes issuing a request by the management component, a host re-enumeration of the reconfigurable PR slot, triggering by the host a re-enumeration component a re-enumeration of the reconfigurable PR slot, and exposing by the reconfigurable PR slot the second persona such that the host is reconfigured to recognize the second circuit device.

公开(公告)号：US20210173794A1

公开(公告)日：2021-06-10

申请号：US17131974

申请日：2020-12-23

Applicant: Intel Corporation

Inventor： David Koufaty ,  Anna Trikalinou ,  Utkarsh Y. Kakaiya ,  Ravi Sahita ,  Ramya Jayaram Masti

IPC: G06F12/14 ,  G06F12/1009 ,  G06F12/1045

Abstract: Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a memory device to store memory data in a plurality of physical pages shared by a plurality of devices, a first table to map each page of memory to an associated bundle identifier (ID) that identifies one or more devices having access to a page of memory, a second table to map each bundle ID to page access permissions that define access to one or more pages associated with a bundle ID and a translation agent to receive requests from the plurality of devices to perform memory operations on the memory and determine page access permissions for requests received from the plurality of devices using the first table and the second table

公开(公告)号：US20190042508A1

公开(公告)日：2019-02-07

申请号：US16146466

申请日：2018-09-28

Applicant: Intel Corporation

Inventor： Vinay Raghav ,  David J. Harriman ,  Utkarsh Y. Kakaiya

IPC: G06F13/40 ,  G06F9/30 ,  G06F13/42 ,  G06F12/06

Abstract: A device includes a plurality of ports and a plurality of capability registers that correspond to a respective one of the plurality of ports. The device is to connect to one or more processors of a host device through the plurality of ports, and each of the plurality of ports comprises a respective protocol stack to support a respective link between the corresponding port and the host device according to a particular interconnect protocol. Each of the plurality of capability registers comprises a respective set of fields for use in configuration of the link between its corresponding port and one of the one or more processors of the host device. The fields include a field to indicate an association between the port and a particular processor, a field to indicate a port identifier for the port, and a field to indicate a total number of ports of the device.

公开(公告)号：US20240248792A1

公开(公告)日：2024-07-25

申请号：US18622897

申请日：2024-03-30

Applicant: Intel Corporation

Inventor： Sundar Nadathur ,  Pratik M. Marolia ,  Henry M. Mitchel ,  Joseph J. Grecco ,  Utkarsh Y. Kakaiya ,  David A. Munday

IPC: G06F11/07

CPC classification number: G06F11/0793 ,  G06F11/0706 ,  G06F11/0721 ,  G06F11/0751

Abstract: Systems, methods, and devices for isolating a misbehaving accelerator circuit, such as an accelerator function unit or an accelerated function context, are provided. An integrated circuit may include a region that includes an accelerator circuit. When the accelerator circuit issues a request, another region of the integrated circuit or a processor connected to the integrated circuit may determine whether there is a misbehavior associated with the request and, in response to determining that there is a misbehavior associated with the request, may perform a misbehavior response to mitigate a negative impact of the misbehavior of the accelerator circuit.

公开(公告)号：US20240220622A1

公开(公告)日：2024-07-04

申请号：US18149055

申请日：2022-12-30

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Eric Geisler ,  Rupin H. Vakharwala ,  Michael Prinke ,  David Koufaty

IPC: G06F21/57

CPC classification number: G06F21/57 ,  G06F2221/033

Abstract: Circuitry and methods for implementing address translation extensions for confidential computing hosts are described. In certain examples, a system includes a hardware processor core to implement a trust domain manager to manage one or more hardware isolated virtual machines as a respective trust domain with a region of protected memory; an input/output device coupled to the hardware processor core; and input/output memory management unit (IOMMU) circuitry comprising trusted direct memory access translation data and coupled between the hardware processor core and the input/output device, wherein the IOMMU circuitry is to, for a request from the input/output device for a direct memory access of a protected memory of a trust domain: in response to a field in the request being set to indicate the input/output device is in a trusted computing base of the trust domain and an entry in the trusted direct memory access translation data being set into an active state by the trust domain manager, allow the direct memory access by the input/output device.

公开(公告)号：US11907744B2

公开(公告)日：2024-02-20

申请号：US16911445

申请日：2020-06-25

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Sanjay K. Kumar ,  Philip Lantz ,  Gilbert Neiger ,  Rajesh Sankaran ,  Vedvyas Shanbhogue

IPC: G06F9/455 ,  G06F9/30 ,  G06F9/50 ,  G06F9/54

CPC classification number: G06F9/45558 ,  G06F9/30098 ,  G06F9/5005 ,  G06F9/546 ,  G06F2009/4557 ,  G06F2009/45579

Abstract: In one embodiment, a processor comprises: a first configuration register to store quality of service (QoS) information for a process address space identifier (PASID) value associated with a first process; and an execution circuit coupled to the first configuration register, where the execution circuit, in response to a first instruction, is to obtain command data from a first location identified in a source operand of the first instruction, insert the QoS information and the PASID value into the command data, and send a request comprising the command data to a device coupled to the processor, to enable the device to use the QoS information of a plurality of requests to manage sharing between a plurality of processes. Other embodiments are described and claimed.

公开(公告)号：US11816040B2

公开(公告)日：2023-11-14

申请号：US17712109

申请日：2022-04-02

Applicant: Intel Corporation

Inventor： Vidhya Krishnan ,  Siddhartha Chhabra ,  David Puffer ,  Ankur Shah ,  Daniel Nemiroff ,  Utkarsh Y. Kakaiya

IPC: G06F12/00 ,  G06F12/14 ,  G06F11/10 ,  G06F12/02

CPC classification number: G06F12/1433 ,  G06F11/1004 ,  G06F12/0292 ,  G06F12/1408 ,  G06F12/1466 ,  G06F12/1483

Abstract: Device memory protection for supporting trust domains is described. An example of a computer-readable storage medium includes instructions for allocating device memory for one or more trust domains (TDs) in a system including one or more processors and a graphics processing unit (GPU); allocating a trusted key ID for a TD of the one or more TDs; creating LMTT (Local Memory Translation Table) mapping for address translation tables, the address translation tables being stored in a device memory of the GPU; transitioning the TD to a secure state; and receiving and processing a memory access request associated with the TD, processing the memory access request including accessing a secure version of the address translation tables.

公开(公告)号：US20230289433A1

公开(公告)日：2023-09-14

申请号：US18154334

申请日：2023-01-13

Applicant: Intel Corporation

Inventor： Utkarsh Y. Kakaiya ,  Jiewen Yao

IPC: G06F21/53

CPC classification number: G06F21/53 ,  G06F2221/033

Abstract: Systems, methods, and apparatuses for implementing device security manager architecture for trusted execution environment input/output (TEE-IO) capable system-on-a-chip integrated devices are described. In one example, a system includes a hardware processor core configurable to implement a trust domain manager to manage one or more virtual machines as a respective trust domain isolated from a virtual machine monitor, and an input/output device coupled to the hardware processor core and comprising a device security manager circuit, wherein the device security manager circuit is to, in response to an trusted request from the trust domain manager to a control interface of the device security manager circuit, access a state of a trusted device interface of the input/output device for a trust domain of the trust domain manager, and provide a corresponding response to the trust domain manager.

公开(公告)号：US11734209B2

公开(公告)日：2023-08-22

申请号：US17550977

申请日：2021-12-14

Applicant: Intel Corporation

Inventor： Sanjay Kumar ,  Rajesh M. Sankaran ,  Philip R. Lantz ,  Utkarsh Y. Kakaiya ,  Kun Tian

IPC: G06F13/28 ,  G06F13/24 ,  G06F9/455 ,  G06F9/48

CPC classification number: G06F13/24 ,  G06F9/45558 ,  G06F9/4812 ,  G06F2009/45579

Abstract: Implementations of the disclosure provide processing device comprising: an interrupt managing circuit to receive an interrupt message directed to an application container from an assignable interface (AI) of an input/output (I/O) device. The interrupt message comprises an address space identifier (ASID), an interrupt handle and a flag to distinguish the interrupt message from a direct memory access (DMA) message. Responsive to receiving the interrupt message, a data structure associated with the interrupt managing circuit is identified. An interrupt entry from the data structure is selected based on the interrupt handle. It is determined that the ASID associated with the interrupt message matches an ASID in the interrupt entry. Thereupon, an interrupt in the interrupt entry is forwarded to the application container.

公开(公告)号：US20230032236A1

公开(公告)日：2023-02-02

申请号：US17875198

申请日：2022-07-27

Applicant: Intel Corporation

Inventor： Rajesh M. Sankaran ,  Philip R. Lantz ,  Narayan Ranganathan ,  Saurabh Gayen ,  Sanjay Kumar ,  Nikhil Rao ,  Dhananjay A. Joshi ,  Hai Ming Khor ,  Utkarsh Y. Kakaiya

IPC: G06F3/06

Abstract: Methods and apparatus relating to data streaming accelerators are described. In an embodiment, a hardware accelerator such as a Data Streaming Accelerator (DSA) logic circuitry provides high-performance data movement and/or data transformation for data to be transferred between a processor (having one or more processor cores) and a storage device. Other embodiments are also disclosed and claimed.