公开(公告)号：US07013481B1

公开(公告)日：2006-03-14

申请号：US09541667

申请日：2000-03-31

Applicant: Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

Inventor： Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

IPC: G06F11/30

CPC classification number: G06F12/1491 ,  G06F21/57 ,  G06F2221/2105

Abstract: In an embodiment of the present invention, a technique is provided for remote attestation. An interface maps a device via a bus to an address space of a chipset in a secure environment for an isolated execution mode. The secure environment is associated with an isolated memory area accessible by at least one processor. The at least one processor operates in one of a normal execution mode and the isolated execution mode. A communication storage corresponding to the address space allows the device to exchange security information with the at least one processor in the isolated execution mode in a remote attestation.

Abstract translation: 在本发明的实施例中，提供了用于远程证明的技术。 接口将设备通过总线映射到安全环境中的芯片组的地址空间，用于隔离执行模式。 安全环境与由至少一个处理器可访问的隔离存储器区域相关联。 所述至少一个处理器以正常执行模式和隔离执行模式之一进行操作。 对应于地址空间的通信存储器允许设备在远程证明中以隔离执行模式与至少一个处理器交换安全信息。

公开(公告)号：US06996710B1

公开(公告)日：2006-02-07

申请号：US09538951

申请日：2000-03-31

Applicant: Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

Inventor： Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

IPC: H04L9/00

CPC classification number: H04L9/3263 ,  H04L9/0861 ,  H04L9/3271 ,  H04L2209/12

Abstract: In one embodiment, a method for certifying an attestation key comprises generating a remote attestation key pair within a platform and producing a certificate. The certificate includes a public attestation key to attest that a private attestation key, corresponding to the public attestation key, is stored in hardware-protected memory.

Abstract translation: 在一个实施例中，用于证明认证密钥的方法包括在平台内生成远程认证密钥对并产生证书。 证书包括公开证明密钥，证明对应于公共认证密钥的私有认证密钥存储在硬件保护的存储器中。

公开(公告)号：US20050188198A1

公开(公告)日：2005-08-25

申请号：US11115829

申请日：2005-04-26

Applicant: Carl Ellison ,  Roger Golliver ,  Howard Herbert ,  Derrick Lin ,  Francis McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James Sutton ,  Shreekant Thakkar ,  Millind Mittal

Inventor： Carl Ellison ,  Roger Golliver ,  Howard Herbert ,  Derrick Lin ,  Francis McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James Sutton ,  Shreekant Thakkar ,  Millind Mittal

IPC: G06F12/14 ,  G06F15/00 ,  G06F21/00 ,  H04L9/00

CPC classification number: G06F12/1491 ,  G06F21/57 ,  G06F21/74

Abstract: An example processing system comprises a processor to execute in an isolated execution mode in a ring 0 operating mode. The processor also supports one or more higher ring operating modes, as well as a normal execution mode. The processing system also comprises memory, as well as a machine-accessible medium having instructions. When the processing system executes the instructions, the processing system configures the processor to run in the isolated execution mode, configures the processing system to establish an isolated memory area in the memory, and loads initialization software into the isolated memory area. The processing system may provide a manifest that represents the initialization software. The initialization software may be verified, based at least in part on the manifest.

Abstract translation: 示例处理系统包括处理器，其以环0操作模式以孤立执行模式执行。 处理器还支持一个或多个较高环操作模式以及正常执行模式。 处理系统还包括存储器以及具有指令的机器可访问介质。 当处理系统执行指令时，处理系统将处理器配置为以隔离执行模式运行，配置处理系统以在存储器中建立隔离的存储器区域，并将初始化软件加载到隔离存储器区域中。 处理系统可以提供表示初始化软件的清单。 至少部分地基于清单来验证初始化软件。

公开(公告)号：US06934817B2

公开(公告)日：2005-08-23

申请号：US10683542

申请日：2003-10-10

Applicant: Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

Inventor： Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

IPC: G06F12/14

CPC classification number: G06F12/1491 ,  G06F12/1441

Abstract: The present invention provides a method, apparatus, and system for controlling memory accesses to multiple memory zones in an isolated execution environment. A processor having a normal execution mode and an isolated execution mode generates an access transaction. The access transaction is configured using a configuration storage that stores configuration settings. The configuration settings include a plurality of subsystem memory range settings defining memory zones. The access transaction also includes access information. A multi-memory zone access checking circuit, coupled to the configuration storage, checks the access transaction using at least one of the configuration settings and the access information. The multi-memory zone access checking circuit generates an access grant signal if the access transaction is valid.

Abstract translation: 本发明提供一种用于控制在隔离执行环境中对多个存储区的存储器访问的方法，装置和系统。 具有正常执行模式和隔离执行模式的处理器生成访问事务。 访问事务使用存储配置设置的配置存储进行配置。 配置设置包括定义存储器区域的多个子系统存储器范围设置。 访问事务还包括访问信息。 耦合到配置存储器的多存储器区域访问检查电路使用配置设置和访问信息中的至少一个来检查访问事务。 如果访问事务有效，则多存储区访问检查电路产生访问授权信号。

公开(公告)号：US20050066153A1

公开(公告)日：2005-03-24

申请号：US10461782

申请日：2003-06-12

Applicant: Harshvardhan Sharangpani ,  Tse-Yu Yeh ,  Michael Paul Corwin ,  Millind Mittal ,  Kent Fielden ,  Dale Morris ,  Rajiv Gupta ,  Michael Schlansker ,  Mircea Poplingher

Inventor： Harshvardhan Sharangpani ,  Tse-Yu Yeh ,  Michael Paul Corwin ,  Millind Mittal ,  Kent Fielden ,  Dale Morris ,  Rajiv Gupta ,  Michael Schlansker ,  Mircea Poplingher

IPC: G06F9/32 ,  G06F9/38 ,  G06F15/00 ,  G06F7/38 ,  G06F9/00 ,  G06F9/44

CPC classification number: G06F9/3806 ,  G06F9/322 ,  G06F9/325 ,  G06F9/3844 ,  G06F9/3846

Abstract: A branch operation is processed using a branch predict instruction and an associated branch instruction. The branch predict instruction indicates a predicted direction, a target address, and an instruction address for the associated branch instruction. When the branch predict instruction is detected, the target address is stored at an entry indicated by the associated branch instruction address and a prefetch request is triggered to the target address. The branch predict instruction may also include hint information for managing the storage and use of the branch prediction information.

Abstract translation: 使用分支预测指令和相关联的分支指令来处理分支操作。 分支预测指示指示相关联的分支指令的预测方向，目标地址和指令地址。 当检测到分支预测指令时，目标地址被存储在由关联的分支指令地址指示的条目上，并且预取请求被触发到目标地址。 分支预测指令还可以包括用于管理分支预测信息的存储和使用的提示信息。

公开(公告)号：US06633963B1

公开(公告)日：2003-10-14

申请号：US09618489

申请日：2000-07-18

Applicant: Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

Inventor： Carl M. Ellison ,  Roger A. Golliver ,  Howard C. Herbert ,  Derrick C. Lin ,  Francis X. McKeen ,  Gilbert Neiger ,  Ken Reneris ,  James A. Sutton ,  Shreekant S. Thakkar ,  Millind Mittal

IPC: G06F1206

CPC classification number: G06F12/1491 ,  G06F12/1441

Abstract: A processor having a normal execution mode and an isolated execution mode generates an access transaction. The access transaction is configured using a configuration storage that stores configuration settings. The configuration settings include a plurality of subsystem memory range settings defining memory zones. The access transaction also includes access information. A multi-memory zone access checking circuit, coupled to the configuration storage, checks the access transaction using at least one of the configuration settings and the access information. The multi-memory zone access checking circuit generates an access grant signal if the access transaction is valid.

Abstract translation: 具有正常执行模式和隔离执行模式的处理器生成访问事务。 访问事务使用存储配置设置的配置存储进行配置。 配置设置包括定义存储器区域的多个子系统存储器范围设置。 访问事务还包括访问信息。 耦合到配置存储器的多存储器区域访问检查电路使用配置设置和访问信息中的至少一个来检查访问事务。 如果访问事务有效，则多存储区访问检查电路生成访问许可信号。

公开(公告)号：US06308262B1

公开(公告)日：2001-10-23

申请号：US09163521

申请日：1998-09-30

Applicant: Millind Mittal

Inventor： Millind Mittal

IPC: G06F1500

CPC classification number: G06F9/30189 ,  G06F9/3836 ,  G06F9/3842 ,  G06F9/3885

Abstract: An apparatus and method for performing efficient processing of instructions is described. In one embodiment, a processor comprises a storage area to store a data operand and a control unit that is coupled to the storage area. A first circuit is coupled to the storage area and the control unit, which performs a first operation under a first condition. A second circuit is coupled to the storage area and the control unit, which performs a second operation under a second condition. The control unit operates on data elements in the data operand to process an instruction, and determines if processing of the instruction is to be performed under the second condition. If so, the second circuit is selected to process the instruction, otherwise the first circuit is selected to process the instruction. Various embodiments are disclosed.

Abstract translation: 描述用于执行指令的有效处理的装置和方法。 在一个实施例中，处理器包括用于存储数据操作数的存储区域和耦合到存储区域的控制单元。 第一电路耦合到存储区域和控制单元，其在第一条件下执行第一操作。 第二电路耦合到存储区域和控制单元，其在第二条件下执行第二操作。 控制单元对数据操作数中的数据单元进行操作以处理指令，并且确定在第二条件下是否执行指令的处理。 如果是这样，则选择第二个电路来处理指令，否则选择第一个电路来处理指令。 公开了各种实施例。

公开(公告)号：US06192464B1

公开(公告)日：2001-02-20

申请号：US09001255

申请日：1997-12-31

Applicant: Millind Mittal

Inventor： Millind Mittal

IPC: G06F938

CPC classification number: G06F9/3017 ,  G06F9/384 ,  G06F9/3875

Abstract: In one aspect the present invention provides for a method for executing a sequence of instructions in a processor. The method comprises decoding a first the instructions into one or more first micro-ops, renaming destination registers identified in a first portion of the first micro-ops by reassigning available additional physical registers for the destination registers, and decoding a second portion of the first micro-ops into one or more second micro-ops. The act of renaming has renamed a destination register of at least one micro-op of the second portion of the first micro-ops. The method executes a third portion of the first and the second micro-ops.

Abstract translation: 在一个方面，本发明提供了一种用于在处理器中执行指令序列的方法。 该方法包括首先将指令解码为一个或多个第一微操作，通过重新分配用于目的地寄存器的可用附加物理寄存器来重命名在第一微操作的第一部分中识别的目的地寄存器，以及对第一微操作的第二部分进行解码 微操作成一个或多个第二个微操作。 重命名的行为已经重命名了第一微操作的第二部分的至少一个微操作的目的地寄存器。 该方法执行第一和第二微操作的第三部分。

公开(公告)号：US6128614A

公开(公告)日：2000-10-03

申请号：US246575

申请日：1999-02-08

Applicant: Larry Mennemeier ,  Alexander Peleg ,  Carole Dulong ,  Millind Mittal ,  Benny Eitan ,  Eiichi Kowashi

Inventor： Larry Mennemeier ,  Alexander Peleg ,  Carole Dulong ,  Millind Mittal ,  Benny Eitan ,  Eiichi Kowashi

IPC: G06F7/24 ,  G06F9/30 ,  G06F9/302 ,  G06F17/30

CPC classification number: G06F9/30014 ,  G06F7/24 ,  G06F9/30021 ,  G06F9/30036 ,  Y10S707/99936 ,  Y10S707/99937

Abstract: A technique for sorting packed numbers of two operands into minima or maxima operand with their indices to identify the origin of those selected values. After packing two source operands with a plurality of data elements containing numerical values, greater-than comparison operation is performed on the two operands to generate a mask. The mask is used to identify those corresponding pair of data elements of the first and second operands which need to be passed through the subsequent stages in order to generate a sorted minima or maxima. The operands are AND'ed with the mask or the complement of the mask to generate the required minima/maxima result. The same AND'ing technique is used with two other operands containing indices of the values in the first two operands. The indices identify the originating location of the sorted maxima/minima.

Abstract translation: 一种用于将两个操作数的打包数分成最小值或最大值操作数的技术，其索引用于标识这些选定值的起始点。 在使用包含数值的多个数据元素打包两个源操作数之后，对两个操作数进行大于比较的操作以生成掩码。 掩模用于识别需要通过后续阶段的第一和第二操作数的相应数据元素对，以便生成排序的最小值或最大值。 操作数与掩码或掩码的补码进行“和”生成所需的最小/最大值结果。 使用与前两个操作数中包含值的两个其他操作数相同的AND'ing技术。 这些索引标识了排序最大值/最小值的起始位置。

公开(公告)号：US5984515A

公开(公告)日：1999-11-16

申请号：US917671

申请日：1997-08-21

Applicant: Larry M. Mennemeier ,  Alexander D. Peleg ,  Carole Dulong ,  Eiichi Kowashi ,  Millind Mittal ,  Benny Eitan

Inventor： Larry M. Mennemeier ,  Alexander D. Peleg ,  Carole Dulong ,  Eiichi Kowashi ,  Millind Mittal ,  Benny Eitan

IPC: G06F9/302 ,  G06T3/60 ,  G06F17/14

CPC classification number: G06F9/30014 ,  G06F9/30036 ,  G06T3/60

Abstract: In a computer system having stored therein a first and a second packed data having corresponding data elements, a method for generating a two dimensional rotation of said packed data. The method includes the steps of generating a first set of intermediate results in response to a first instruction by multiplying the data elements of the first packed data with corresponding elements of a third packed data. The elements of said third packed data represent either a sine or cosine function. A second step of generating a second set of intermediate results in response to a second instruction by multiplying the data elements of the second packed data with corresponding elements of a fourth packed data. The elements of the fourth packed data represent either a sine or cosine function. A third and final step of generating a set of final results in response to a third instruction by performing an arithmetic operation between corresponding elements of the first and second sets of intermediate results. The final results represent a two dimensional rotation of the elements of the first set of packed data.

Abstract translation: 在其中存储有具有相应数据元素的第一和第二打包数据的计算机系统中，一种用于产生所述打包数据的二维旋转的方法。 该方法包括以下步骤：通过将第一打包数据的数据元素与第三打包数据的相应元素相乘来响应于第一指令来生成第一组中间结果。 所述第三打包数据的元素表示正弦或余弦函数。 第二步骤，通过将第二打包数据的数据元素与第四打包数据的对应元素相乘来响应于第二指令来生成第二组中间结果。 第四打包数据的元素表示正弦或余弦函数。 通过在第一和第二组中间结果的相应元素之间执行算术运算来产生响应于第三指令的一组最终结果的第三和最后一步骤。 最终结果表示第一组打包数据的元素的二维旋转。