-
Publication (Announcement) No.: US11550917B2
Publication (Announcement) Date: 2023-01-10
Application No.: US16457184
Filing Date: 2019-06-28
Applicant: Intel Corporation
Inventor: Aditya Katragada , Prashant Dewan , Karunakara Kotary , Vinupama Godavarthi , Kumar Dwarakanath , Alex Izbinsky , Purushottam Goel
Abstract: There is disclosed in one example, a system-on-a-chip (SoC), including: a processor core; a fabric; an intellectual property (IP) block communicatively coupled to the processor core via the fabric, the IP block having a microcontroller configured to provide a microcontroller architecture; a firmware load interface configured to provide a standardized hardware interface to the microcontroller architecture, wherein the standardized hardware interface provides an architecture-agnostic mechanism to securely load a firmware to the intellectual property block; and logic to provide a loader to load a firmware to the IP block via the firmware load interface.
-
Publication (Announcement) No.: US20200225994A1
Publication (Announcement) Date: 2020-07-16
Application No.: US16832372
Filing Date: 2020-03-27
Applicant: Intel Corporation
Inventor: Pannerkumar Rajagopal , Murali R. Iyengar , Karunakara Kotary , Ovais Pir , Sagar C. Pawar , Prakash Pillai , Raghavendra N. , Aneesh A. Tuljapurkar
IPC: G06F9/50 , G06F9/4401 , G06F9/54 , G06F12/1009 , G06T1/60
Abstract: Described is a system where memory can be allocated for use by an adapter pre-boot and preserved for use post-boot. A BIOS can allocate for pre-boot hardware operations (e.g., graphics drivers, framebuffers, etc.) and mark this allocated memory as preserved. An indication of the allocated memory can be provided for an OS, such that post-boot, the OS can reclaim and reallocate this memory.
-
Publication (Announcement) No.: US10585721B2
Publication (Announcement) Date: 2020-03-10
Application No.: US15558116
Filing Date: 2016-03-21
Applicant: Intel Corporation
Inventor: Peter S. Adamson , Nivedita Aggarwal , Karunakara Kotary , Abdul Rahman Ismail , Tin-Cheung Kung , David T. Hines , Chia-Hung Sophia Kuo , Ajay V. Bhatt , Karthi R. Vadivelu , Prashant Sethi
IPC: G06F9/54
Abstract: Particular embodiments described herein provide for an electronic device that can receive data from an operating system in an electronic device, where the data is related to hardware that is in communication with the electronic device through a multimodal interface and communicate the data and/or related data to a local policy manager, where the local policy manager is in communication with the multimodal interface. The multimodal interface can be configured to support power transfers, directionality, and multiple input/output (I/O) protocols on the same interface.
-
Publication (Announcement) No.: US10248428B2
Publication (Announcement) Date: 2019-04-02
Application No.: US15300086
Filing Date: 2014-04-28
Applicant: INTEL CORPORATION
Inventor: Karunakara Kotary , Nicholas J. Yoke , Brett P. Wang , Genliu Xing
Abstract: Technologies for securely booting a computing device include a security engine of the computing device that consecutively determines a hash value for each block of initial boot firmware and generates an aggregated hash value from the hash value determined for each of the blocks. A processor of the computing device determines whether the aggregated hash value matches a reference checksum value. Initialization of the processor is completed in response to a determination that the aggregated hash value matches the reference checksum value. In some embodiments, the security engine consecutively retrieves each block of the initial boot firmware from a memory of the computing device, stores each retrieved block in a secure memory of the security engine, and determines the hash value for each stored block. Each block stored in the secure memory is copied to a portion of a cache memory of the processor initialized as Cache as RAM.
-
Publication (Announcement) No.: US20180173294A1
Publication (Announcement) Date: 2018-06-21
Application No.: US15387214
Filing Date: 2016-12-21
Applicant: Intel Corporation
Inventor: Karunakara Kotary , Ashish Hira , Krishnakumar Narasimhan
CPC classification number: G06F1/3234 , G06F1/3228 , G06F9/4416 , G06F9/4418
Abstract: Technologies for secure hybrid standby power management include a computing device with a processor supporting low-power idle standby. An operating system writes a power management sleep request, such as an ACPI S3 request, to a power management control register of the computing device. The processor traps the write to the power management control register and executes a firmware sleep mapper that causes the processor to enter an idle standby power state such as S0ix. The firmware sleep mapper may be included in a firmware isolated memory region. The address of the firmware sleep mapper may be included in a model-specific register of the processor. The processor may verify the firmware sleep mapper before execution. In response to a wake event, the processor resumes the firmware sleep mapper, which switches the processor to real mode and jumps to a waking vector of the operating system. Other embodiments are described and claimed.
-
Publication (Announcement) No.: US20210096840A1
Publication (Announcement) Date: 2021-04-01
Application No.: US16988976
Filing Date: 2020-08-10
Applicant: Intel Corporation
Inventor: Karunakara Kotary , Michael Kubacki , Sean Dardis
IPC: G06F8/65 , G06F9/4401 , G06F21/44 , G06F21/57 , G06F8/654
Abstract: Systems, apparatuses and methods may provide for technology that assumes, by a root of trust located in a trusted region of a system on chip (SOC), control over a reset of the SOC and conducting, by the root of trust, an authentication of an update package in response to an update condition. The root of trust technology may also apply the update package to firmware located in non-volatile memory (NVM) associated with a microcontroller of the SOC if the authentication is successful.
-
Publication (Announcement) No.: US20210026649A1
Publication (Announcement) Date: 2021-01-28
Application No.: US17028315
Filing Date: 2020-09-22
Applicant: Intel Corporation
Inventor: Karunakara Kotary , Pannerkumar Rajagopal , Satish Muthiyalu , Rajesh Poornachandran
IPC: G06F9/4401 , G06F9/451 , G06F9/445 , G06F12/0873 , G06F11/30 , G06F11/34 , G06F13/16 , G06F13/40 , G06F1/3212 , G11C11/406
Abstract: Systems, apparatuses and methods may provide for technology that enables, during a boot sequence, a first set of ranks in a memory module based on a battery status and a user interface and disables, during the boot sequence, a second set of ranks in the memory module based on the battery status and the user interface. The technology may also generate a map between a system address space and a first set of banks in the first set of ranks and exclude a second set of banks in the first set of ranks from the map.
-
Publication (Announcement) No.: US10802998B2
Publication (Announcement) Date: 2020-10-13
Application No.: US15083961
Filing Date: 2016-03-29
Applicant: Intel Corporation
Inventor: Karunakara Kotary , Gaurav Khanna , Abhinav R. Karhu
IPC: G06F13/24 , G06F9/4401
Abstract: Technologies for processor core soft-offlining include a computing device having a processor with multiple processor cores. On boot, an operating system queries a firmware interface to retrieve a potential offline set of processor cores. The operating system prevents the processor cores of the potential offline set from receiving device interrupts. The computing device detects a platform management event from the firmware interface and, in response to the platform management event, queries the firmware interface to determine a requested offline set of processor cores. Each of the processor cores in the requested offline set is included in the potential offline set. The computing device brings the processor cores of the requested offline set into a low-power state, and then the computing device may start performing a platform management operation. The platform management event may include a memory hot-plug event or a specialized workload event. Other embodiments are described and claimed.
-
Publication (Announcement) No.: US20200226260A1
Publication (Announcement) Date: 2020-07-16
Application No.: US16832147
Filing Date: 2020-03-27
Applicant: Intel Corporation
Inventor: Nivedita Aggarwal , Anoop Mukker , Michael Berger , Karunakara Kotary , Arijit Chattopadhyay , Rajesh Poornachandran
Abstract: An apparatus to facilitate firmware resiliency in a computer system platform is disclosed. The apparatus comprises a first non-volatile memory to store primary firmware for a computer system platform, a second non-volatile memory to store a firmware copy of the primary firmware and a resiliency hardware, coupled to the first non-volatile memory via the system fabric, to detect unauthorized access to the primary firmware and restore the primary firmware stored in the first non-volatile memory with the firmware copy.
-
Publication (Announcement) No.: US10552613B2
Publication (Announcement) Date: 2020-02-04
Application No.: US15715773
Filing Date: 2017-09-26
Applicant: INTEL CORPORATION
Inventor: Krishnakumar Narasimhan , Sudhakar Otturu , Karunakara Kotary , Vincent J. Zimmer
Abstract: A computing device that implements a secure and transparent firmware update process is provided. The computing device includes a secure memory area and a secure device that separately executes firmware updates in parallel with other processes executed by a CPU. The secure memory area may be allocated by the CPU and/or a memory controller using any of a variety of memory protection techniques. System software executed by the CPU receives update firmware requests from a trusted source, stores a firmware payload included in these requests in the secure memory area, and executes the next scheduled process. Firmware executed by the secure device retrieves the firmware payload from the secure memory area, authenticates the firmware payload, and applies the firmware payload to a firmware storage device. The secure device performs these acts transparently from the point of view of the CPU, thus avoiding consumption of resources of the CPU.