公开(公告)号：US12222873B2

公开(公告)日：2025-02-11

申请号：US17473468

申请日：2021-09-13

Applicant: Intel Corporation

Inventor： Rupin Vakharwala ,  Vedvyas Shanbhogue

IPC: G06F12/1027 ,  G06F13/16 ,  G06F13/42

Abstract: Embodiments described herein may include apparatus, systems, techniques, or processes that are directed to PCIe Address Translation Service (ATS) to allow devices to have a DevTLB that caches address translation (per page) information in conjunction with a Device ProcessInfoCache (DevPIC) that will store process specific information. Other embodiments may be described and/or claimed.

公开(公告)号：US11921646B2

公开(公告)日：2024-03-05

申请号：US17842094

申请日：2022-06-16

Applicant: Intel Corporation

Inventor： David Koufaty ,  Rajesh Sankaran ,  Anna Trikalinou ,  Rupin Vakharwala

IPC: G06F12/14 ,  G06F12/0862 ,  G06F12/1009 ,  G06F13/16 ,  G06F13/42

CPC classification number: G06F12/1483 ,  G06F12/0862 ,  G06F12/1009 ,  G06F13/1668 ,  G06F13/4282 ,  G06F2212/1052 ,  G06F2212/305 ,  G06F2212/6028 ,  G06F2213/0026

Abstract: Embodiments are directed to providing a secure address translation service. An embodiment of a system includes memory for storage of data, an IOMMU coupled to the memory, and a host-to-device link to couple the IOMMU with one or more devices and to operate as a translation agent on behalf of one or more devices in connection with memory operations relating to the memory, including receiving a translated request from a discrete device via the host-to-device link specifying a memory operation and a physical address within the memory pertaining to the memory operation, determining page access permissions assigned to a context of the discrete device for a physical page of the memory within which the physical address resides, allowing the memory operation to proceed when the page access permissions permit the memory operation, and blocking the memory operation when the page access permissions do not permit the memory operation.

公开(公告)号：US20230205562A1

公开(公告)日：2023-06-29

申请号：US17560251

申请日：2021-12-23

Applicant: Intel Corporation

Inventor： Abhishek Basak ,  Vedvyas Shanbhogue ,  Rajesh Sankaran ,  Rupin Vakharwala ,  Utkarsh Y. Kakaiya ,  Eric Geisler ,  Ravi Sahita

IPC: G06F9/455 ,  G06F13/42

CPC classification number: G06F9/45558 ,  G06F13/4221 ,  G06F2009/45587 ,  G06F2009/45583 ,  G06F2009/45579 ,  G06F2213/0026

Abstract: Systems, methods, and apparatuses for implementing input/output extensions for trust domains are described. In one example, a hardware processor includes a hardware processor core comprising a trust domain manager to manage one or more hardware isolated virtual machines as a respective trust domain with a region of protected memory, and input/output memory management unit (IOMMU) circuitry coupled between the hardware processor core and an input/output device, wherein the IOMMU circuitry is to, for a request from the input/output device for a direct memory access of a protected memory of a trust domain, allow the direct memory access in response to a field in the request being set to indicate the input/output device is in a trusted computing base of the trust domain.

公开(公告)号：US20230103000A1

公开(公告)日：2023-03-30

申请号：US17485386

申请日：2021-09-25

Applicant: Intel Corporation

Inventor： Rupin Vakharwala ,  Prashant Sethi ,  Rajesh M. Sankaran ,  Philip R. Lantz ,  David J. Harriman ,  Utkarsh Y. Kakaiya ,  Vinay Raghav ,  Ashok Raj ,  Siva Bhanu Krishna Boga

IPC: G06F12/1027 ,  G06F12/0802 ,  G06F13/42

Abstract: Embodiments of apparatuses, methods, and systems for hardware manage address translation services are described. In an embodiment, an apparatus includes a first interconnect, a second interconnect, address translation hardware, a device, a translation lookaside buffer. The address translation hardware is coupled to the interconnect and is to provide a translation of a first address to a second address. The device is coupled to the first interconnect and the second interconnect and is to provide the first address to the address translation hardware through the first interconnect. The translation lookaside buffer includes an entry to store the translation, which is to be provided to the translation lookaside buffer through the first interconnect by the address translation hardware. The device is to access a system memory through the second interconnect using the second address from the entry in the translation lookaside buffer. The second interconnect is in the only path between the device and the system memory.

公开(公告)号：US11900115B2

公开(公告)日：2024-02-13

申请号：US18126920

申请日：2023-03-27

Applicant: Intel Corporation

Inventor： Ashok Raj ,  Andreas Kleen ,  Gilbert Neiger ,  Beeman Strong ,  Jason Brandt ,  Rupin Vakharwala ,  Jeff Huxel ,  Larisa Novakovsky ,  Ido Ouziel ,  Sarathy Jayakumar

IPC: G06F9/30 ,  G06F15/80 ,  G06F9/50 ,  G06F9/48

CPC classification number: G06F9/30098 ,  G06F9/4812 ,  G06F9/5005 ,  G06F15/80

Abstract: An apparatus and method for processing non-maskable interrupt source information. For example, one embodiment of a processor comprises: a plurality of cores comprising execution circuitry to execute instructions and process data; local interrupt circuitry comprising a plurality of registers to store interrupt-related data including non-maskable interrupt (NMI) data related to a first NMI; and non-maskable interrupt (NMI) processing mode selection circuitry, responsive to a request, to select between at least two NMI processing modes to process the first NMI including: a first NMI processing mode in which the plurality of registers are to store first data related to a first NMI, wherein no NMI source information related to a source of the NMI is included in the first data, and a second NMI processing mode in which the plurality of registers are to store both the first data related to the first NMI and second data comprising NMI source information indicating the NMI source.

公开(公告)号：US11169929B2

公开(公告)日：2021-11-09

申请号：US15958591

申请日：2018-04-20

Applicant: Intel Corporation

Inventor： Rupin Vakharwala ,  Amin Firoozshahian ,  Stephen Van Doren ,  Rajesh Sankaran ,  Mahesh Madhav ,  Omid Azizi ,  Andreas Kleen ,  Mahesh Maddury ,  Ashok Raj

IPC: G06F12/1009 ,  G06F3/06 ,  G06F12/0862 ,  G06F9/38 ,  G06F12/1081 ,  G06F12/1045 ,  G06F12/1027

Abstract: A processing device includes a core to execute instructions, and memory management circuitry coupled to, memory, the core and an I/O device that supports page faults. The memory management circuitry includes an express invalidations circuitry, and a page translation permission circuitry. The memory management circuitry is to, while the core is executing the instructions, receive a command to pause communication between the I/O device and the memory. In response to receiving the command to pause the communication, modify permissions of page translations by the page translation permission circuitry and transmit an invalidation request, by the express invalidations circuitry to the I/O device, to cause cached page translations in the I/O device to be invalidated.

公开(公告)号：US11048512B1

公开(公告)日：2021-06-29

申请号：US16833598

申请日：2020-03-28

Applicant: Intel Corporation

Inventor： Ashok Raj ,  Andreas Kleen ,  Gilbert Neiger ,  Beeman Strong ,  Jason Brandt ,  Rupin Vakharwala ,  Jeff Huxel ,  Larisa Novakovsky ,  Ido Ouziel ,  Sarathy Jayakumar

IPC: G06F9/50 ,  G06F9/30 ,  G06F15/80 ,  G06F9/48

Abstract: An apparatus and method for processing non-maskable interrupt source information. For example, one embodiment of a processor comprises: a plurality of cores comprising execution circuitry to execute instructions and process data; local interrupt circuitry comprising a plurality of registers to store interrupt-related data including non-maskable interrupt (NMI) data related to a first NMI; and non-maskable interrupt (NMI) processing mode selection circuitry, responsive to a request, to select between at least two NMI processing modes to process the first NMI including: a first NMI processing mode in which the plurality of registers are to store first data related to a first NMI, wherein no NMI source information related to a source of the NMI is included in the first data, and a second NMI processing mode in which the plurality of registers are to store both the first data related to the first NMI and second data comprising NMI source information indicating the NMI source.

公开(公告)号：US20200026661A1

公开(公告)日：2020-01-23

申请号：US16582919

申请日：2019-09-25

Applicant: Intel Corporation

Inventor： Michael Kounavis ,  David Koufaty ,  Anna Trikalinou ,  Rupin Vakharwala

IPC: G06F12/1027 ,  G06F12/0831 ,  G06F12/0868 ,  G06F12/14 ,  G11C15/04

Abstract: Embodiments are directed to providing a secure address translation service. An embodiment of a system includes a memory for storage of data, an Input/Output Memory Management Unit (IOMMU) coupled to the memory via a host-to-device link the IOMMU to perform operations, comprising receiving a memory access request from a remote device via a host-to-device link, wherein the memory access request comprises a host physical address (HPA) that identifies a physical address within the memory pertaining to the memory access request and a first message authentication code (MAC), generating a second message authentication code (MAC) using the host physical address received with the memory access request and a private key associated with the remote device, and performing at least one of allowing the memory access to proceed when the first MAC and the second MAC match and the HPA is not in an invalidation tracking table (ITT) maintained by the IOMMU; or blocking the memory operation when the first MAC and the second MAC do not match.

公开(公告)号：US20200019515A1

公开(公告)日：2020-01-16

申请号：US16582956

申请日：2019-09-25

Applicant: Intel Corporation

Inventor： David Koufaty ,  Rajesh Sankaran ,  Anna Trikalinou ,  Rupin Vakharwala

IPC: G06F12/14 ,  G06F12/0862 ,  G06F12/1009 ,  G06F13/16 ,  G06F13/42

Abstract: Embodiments are directed to providing a secure address translation service. An embodiment of a system includes DRAM for storage of data, an IOMMU coupled to the DRAM, and a host-to-device link to couple the IOMMU with one or more devices and to operate as a translation agent on behalf of one or more devices in connection with memory operations relating to the DRAM, including receiving a translated request from a discrete device via the host-to-device link specifying a memory operation and a physical address within the DRAM pertaining to the memory operation, determining page access permissions assigned to a context of the discrete device for a physical page of the DRAM within which the physical address resides, allowing the memory operation to proceed when the page access permissions permit the memory operation, and blocking the memory operation when the page access permissions do not permit the memory operation.