Abstract:
A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
Abstract:
Methods and systems are provided to control transitions between a virtual machine (VM) and Virtual Machine Monitor (VMM). A processor uses state action indicators to load and/or store associated elements of machine state before completing the transition. The state action indicators may be stored in a Virtual Machine Control Structure (VMCS), predetermined, and/or calculated dynamically. In some embodiments, the values loaded can be directly acquired from the VMCS, predetermined and/or calculated dynamically. In some embodiments, the values stored may be acquired directly from machine state, predetermined and/or calculated dynamically.
Abstract:
In one embodiment, fault information relating to a fault associated with the operation of guest software is received. Further, a determination is made as to whether the fault information satisfies one or more fault filtering criteria. If the determination is positive, the guest software is permitted to disregard the fault.
Abstract:
In one embodiment, a method for resolving address space conflicts includes detecting that a guest operating system attempts to access a region occupied by a first portion of a virtual machine monitor and relocating the first portion of the virtual machine monitor within the first address space to allow the guest operating system to access the region previously occupied by the first portion of the virtual machine monitor.
Abstract:
An access transaction generated by a processor is configured using a configuration storage containing a configuration setting. The processor has a normal execution mode and an isolated execution mode. The access transaction has access information. Access to the configuration storage is controlled. An access grant signal is generated using the configuration setting and the access information. The access grant signal indicates if the access transaction is valid.
Abstract:
A processor of an aspect includes a decode unit to decode an exception handler return instruction. The processor also includes an exception handler return execution unit coupled with the decode unit. The exception handler return execution unit, responsive to the exception handler return instruction, is to not configure the processor to enable delivery of a subsequently received nonmaskable interrupt (NMI) to an NMI handler if an exception, which corresponds to the exception handler return instruction, was taken within the NMI handler. The exception handler return execution unit, responsive to the exception handler return instruction, is to configure the processor to enable the delivery of the subsequently received NMI to the NMI handler if the exception was not taken within the NMI handler. Other processors, methods, systems, and instructions are disclosed.
Abstract:
Secure memory repartitioning technologies are described. A processor includes a processor core and a memory controller coupled between the processor core and main memory. The main memory includes a memory range including a section of convertible pages that are convertible to secure pages or non-secure pages. The processor core, in response to a page conversion instruction, is to determine from the instruction a convertible page in the memory range to be converted and convert the convertible page to be at least one of a secure page or a non-secure page. The memory range may also include a hardware reserved section that is convertible in response to a section conversion instruction.
Abstract:
Methods and apparatus are disclosed for efficient TLB (translation look-aside buffer) shoot-downs for heterogeneous devices sharing virtual memory in a multi-core system. Embodiments of an apparatus for efficient TLB shoot-downs may include a TLB to store virtual address translation entries, and a memory management unit, coupled with the TLB, to maintain PASID (process address space identifier) state entries corresponding to the virtual address translation entries. The PASID state entries may include an active reference state and a lazy-invalidation state. The memory management unit may perform atomic modification of PASID state entries responsive to receiving PASID state update requests from devices in the multi-core system and read the lazy-invalidation state of the PASID state entries. The memory management unit may send PASID state update responses to the devices to synchronize TLB entries prior to activation responsive to the respective lazy-invalidation state.
Abstract:
An embodiment of the present invention is a technique to enhance address translation performance. A register stores capability indicators to indicate the capability supported by a circuit in a chipset for address translation of a guest physical address to a host physical address. A plurality of multi-level page tables is used for page walking in the address translation. Each of the page tables has page table entries. Each of the page table entries has at least an entry specifier corresponding to the capability indicated by the capability indicators.
Abstract:
In one embodiment of the present invention, a method includes switching between a first address space and a second address space, determining whether the second address space exists in a list of address spaces, and maintaining entries of the first address space in a translation buffer after the switching. In this manner, the overhead associated with such a context switch may be reduced.