Patents by Inventor Jonathan D. Bradbury
Jonathan D. Bradbury has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11449367Abstract: A method is provided that includes receiving, by a firmware from an originating software, an asynchronous request for an instruction of an algorithm for compression of data. The firmware operates on a first processor and the originating software operates on a second processor. The firmware issues a synchronous request to the first processor to cause the processor to execute the instruction synchronously. It is determined, by the firmware, whether an interrupt is received from the first processor with respect to the first processor executing the instruction. The firmware retries the issuance of the synchronous request each time the interrupt is received until a retry threshold is reached.Type: GrantFiled: February 27, 2019Date of Patent: September 20, 2022Assignee: International Business Machines CorporationInventors: Matthias Klein, Simon Weishaupt, Anthony Thomas Sofia, Jonathan D. Bradbury, Mark S. Farrell, Mahmoud Amin, Timothy Slegel
-
Patent number: 11442726Abstract: Vector pack and unpack instructions are described. An instruction to perform a conversion between one decimal format and another decimal format is executed, in which the one decimal format or the other decimal format is a zoned decimal format. The executing includes obtaining a value from at least one register specified using the instruction. At least a portion of the value is converted from the one decimal format to the other decimal format different from the one decimal format to provide a converted result. A result obtained from the converted result is written into a single register specified using the instruction.Type: GrantFiled: February 26, 2021Date of Patent: September 13, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Eric Mark Schwarz, Timothy Slegel, Jonathan D. Bradbury, Michael Klein, Reid Copeland, Xin Guo
-
Patent number: 11443040Abstract: A method, computer program product, and a system where a secure interface control determines whether an instance of a secure guest image can execute based on metadata. The secure interface control (“SC”) obtains metadata linked to an image of a secure guest of an owner and managed by the hypervisor that includes control(s) that indicates whether the hypervisor is permitted to execute an instance of a secure guest generated with the image in the computing system based on system setting(s) in the computing system. The SC intercepts a command by the hypervisor to initiate the instance. The SC determines the presence or the absence of system setting(s) in the computing system. The SC determines if the hypervisor is permitted to execute the instance. If so, the SC enables initiation of the instance by the hypervisor. If not, the SC ignores the command.Type: GrantFiled: March 8, 2019Date of Patent: September 13, 2022Assignee: International Business Machines CorporationInventors: Reinhard T. Buendgen, Jonathan D. Bradbury, Lisa Cranton Heller
-
Publication number: 20220276866Abstract: Vector pack and unpack instructions are described. An instruction to perform a conversion between one decimal format and another decimal format is executed, in which the one decimal format or the other decimal format is a zoned decimal format. The executing includes obtaining a value from at least one register specified using the instruction. At least a portion of the value is converted from the one decimal format to the other decimal format different from the one decimal format to provide a converted result. A result obtained from the converted result is written into a single register specified using the instruction.Type: ApplicationFiled: February 26, 2021Publication date: September 1, 2022Inventors: Eric Mark Schwarz, Timothy Slegel, Jonathan D. Bradbury, Michael Klein, Reid Copeland, Xin Guo
-
Patent number: 11403409Abstract: An example computer-implemented method includes presenting, by a hardware control of a computing system, an exception to an untrusted entity when the untrusted entity accesses a secure page stored in a memory of the computing system, the exception preventing the untrusted entity from accessing the secure page. The method further includes, in response to the exception, issuing, by the untrusted entity, an export call routine. The method further includes executing, by a secure interface control of the computing system, the export call routine.Type: GrantFiled: March 8, 2019Date of Patent: August 2, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jonathan D. Bradbury, Martin Schwidefsky, Christian Borntraeger, Lisa Cranton Heller, Heiko Carstens, Fadi Y. Busaba
-
Publication number: 20220222357Abstract: A method, computer program product, and a system where a secure interface control determines functionality of a secure guest based on metadata. The secure interface control (“SC”) obtains metadata linked to an image of a secure guest to be started by an owner and managed by the hypervisor, where the metadata comprises control(s) that indicate whether a secure guest generated with the image is permitted to obtain a response to a particular request. The SC intercepts, from the secure guest generated with the image, during runtime, a request. The SC determines, based on the control(s), if the secure guest is permitted to obtain a response to the request. If permitted, the SC commences fulfillment of the request, within the computing system. If not permitted, the SC ignores the request.Type: ApplicationFiled: March 30, 2022Publication date: July 14, 2022Inventors: Reinhard T. Buendgen, Jonathan D. Bradbury
-
Patent number: 11372983Abstract: A select processor obtains a request to perform a requested operation. The request includes encrypted data and a protected key. The protected key is to be used by the select processor on behalf of an entity unauthorized to use the protected key. The encrypted data is decrypted using the protected key to obtain decrypted data. The requested operation is performed on the decrypted data to obtain resulting data. The resulting data is encrypted (e.g., using the protected key) to obtain encrypted resulting data. The encrypted resulting data is provided to a requestor of the request.Type: GrantFiled: March 26, 2019Date of Patent: June 28, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Anthony T. Sofia, Jonathan D. Bradbury
-
Publication number: 20220188412Abstract: Aspects include circuitry that includes a first global generation counter (GGC) that is increased upon decoding of a branch instruction and a second GGC that is increased upon a completion of the branch instruction. Upon a triggered rollback, the first GGC is reset. The circuitry also includes a generation tag memory associated with a register that receives loads during a side-channel attacks which is set to the first GGC upon a first load, and a determination unit to determine, for a second load from an address depending on the register of the first load, a generation tag value associated with the register of the second load as a function of the first GGC, the second GGC, and the generation tag value associated with the register of the first load. A wait queue is configured to block the second load, if the generation tag is larger than the second GGC.Type: ApplicationFiled: December 15, 2020Publication date: June 16, 2022Inventors: Christian Borntraeger, Jonathan D. Bradbury, Martin Recktenwald, Anthony Saporito
-
Patent number: 11354418Abstract: Secure processing within a computing environment is provided by incrementally decrypting a secure operating system image, including receiving, for a page of the secure operating system image, a page address and a tweak value used during encryption of the page. Processing determines that the tweak value has not previously been used during decryption of another page of the secure operating system image, and decrypts memory page content at the page address using an image encryption key and the tweak value to facilitate obtaining a decrypted secure operating system image. Further, integrity of the secure operating system image is verified, and based on verifying integrity of the secure operating system image, execution of the decrypted secure operating system image is started.Type: GrantFiled: March 8, 2019Date of Patent: June 7, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Reinhard T. Buendgen, Christian Borntraeger, Jonathan D. Bradbury, Fadi Y. Busaba, Lisa C. Heller, Viktor Mihajlovski
-
Patent number: 11354421Abstract: A method, computer program product, and a system where a secure interface control determines functionality of a secure guest based on metadata. The secure interface control (“SC”) obtains metadata linked to an image of a secure guest to be started by an owner and managed by the hypervisor, where the metadata comprises control(s) that indicate whether a secure guest generated with the image is permitted to obtain a response to a particular request. The SC intercepts, from the secure guest generated with the image, during runtime, a request. The SC determines, based on the control(s), if the secure guest is permitted to obtain a response to the request. If permitted, the SC commences fulfillment of the request, within the computing system. If not permitted, the SC ignores the request.Type: GrantFiled: March 8, 2019Date of Patent: June 7, 2022Assignee: International Business Machines CorporationInventors: Reinhard T. Buendgen, Jonathan D. Bradbury
-
Patent number: 11347529Abstract: According to one or more embodiments of the present invention, a computer implemented method includes initiating, by a non-secure entity that is executing on a host server, a secure entity, the non-secure entity prohibited from directly accessing any data of the secure entity. The method further includes injecting, into the secure entity, an interrupt that is generated by the host server. The injecting includes adding, by the non-secure entity, information about the interrupt into a portion of non-secure storage, which is then associated with the secure entity. The injecting further includes injecting, by a secure interface control of the host server, the interrupt into the secure entity.Type: GrantFiled: March 8, 2019Date of Patent: May 31, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Claudio Imbrenda, Fadi Y. Busaba, Lisa Cranton Heller, Jonathan D. Bradbury
-
Patent number: 11347869Abstract: A method is provided. The method is implemented by a secure interface control of a computer that prevents unauthorized accesses to locations in a memory of the computer. The secure interface control determines that a host absolute page is not previously mapped to a virtual page in accordance with securing the host absolute page and a host virtual page is not already mapped to an absolute page in accordance with securing the host absolute page.Type: GrantFiled: March 8, 2019Date of Patent: May 31, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Martin Schwidefsky, Heiko Carstens, Jonathan D. Bradbury, Lisa Cranton Heller
-
Patent number: 11334503Abstract: An input/output store instruction is handled. A data processing system includes a system nest coupled to at least one input/output bus by an input/output bus controller. The data processing system further includes at least a data processing unit including a core, system firmware and an asynchronous core-nest interface. The data processing unit is coupled to the system nest via an aggregation buffer. The system nest is configured to asynchronously load from and/or store data to at least one external device which is coupled to the at least one input/output bus. The data processing unit is configured to complete the input/output store instruction before an execution of the input/output store instruction in the system nest is completed. The asynchronous core-nest interface includes an input/output status array with multiple input/output status buffers.Type: GrantFiled: January 29, 2020Date of Patent: May 17, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christoph Raisch, Marco Kraemer, Frank Siegfried Lehnert, Matthias Klein, Jonathan D. Bradbury, Christian Jacobi, Brenton Belmar, Peter Dana Driever
-
Patent number: 11321240Abstract: A method for processing an instruction by a processor operationally connected to one or more buses comprises determining the instruction is to access an address of an address space that maps a memory and comprises a range of MMIO addresses. The method determines the address being accessed is within the range of MMIO addresses and generates, based on the determination, a first translation of the address being accessed to a bus identifier identifying one of the buses and a bus address of a bus address space. The bus address resulting from the translation is assigned to a device accessible via the identified bus. The method generates an entry in a translation lookaside buffer. A request directed to the device is sent via the identified bus to the bus address resulting from the translation.Type: GrantFiled: June 8, 2018Date of Patent: May 3, 2022Assignee: International Business Machines CorporationInventors: Christoph Raisch, Marco Kraemer, Carsten Otte, Jonathan D. Bradbury, David Craddock
-
Patent number: 11308229Abstract: An example computer-implemented method includes presenting, by a hardware control of a computing system, an exception to an untrusted entity when the untrusted entity accesses a secure page stored in a memory of the computing system, the exception preventing the untrusted entity from accessing the secure page. The method further includes, in response to the exception, issuing, by the untrusted entity, an export call routine. The method further includes executing, by a secure interface control of the computing system, the export call routine.Type: GrantFiled: March 8, 2019Date of Patent: April 19, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jonathan D. Bradbury, Martin Schwidefsky, Christian Borntraeger, Lisa Cranton Heller, Heiko Carstens, Fadi Y. Busaba
-
Patent number: 11308215Abstract: A method is provided by a secure interface control of a computer that provides a partial instruction interpretation for an instruction which enables an interruption. The secure interface control fetches a program status word or a control register value from a secure guest storage. The secure interface control notifies an untrusted entity of guest interruption mask updates. The untrusted entity is executed on and in communication with hardware of the computer through the secure interface control to support operations of a secure entity executing on the untrusted entity. The secure interface control receives, from the untrusted entity, a request to present a highest priority, enabled guest interruption in response to the notifying of the guest interruption mask updates. The secure interface control moves interruption information into a guest prefix page and injecting the interruption in the secure entity when an injection of the interruption is determined to be valid.Type: GrantFiled: March 8, 2019Date of Patent: April 19, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christian Borntraeger, Claudio Imbrenda, Fadi Y. Busaba, Jonathan D. Bradbury, Lisa Cranton Heller
-
Patent number: 11308277Abstract: A method, computer program product, and system includes a processor obtaining data including values and generating a value conversion dictionary by applying a parse tree based compression algorithm to the data, where the value conversion dictionary includes dictionary entries that represent the values. The processor obtains a distribution of the values and estimates a likelihood for each based on the distribution. The processor generates a code word to represent each value, a size of each code word is inversely proportional to the likelihood of the word. The processor assigns a rank to each code word, the rank for each represents the likelihood of the value represented by the code word; and based on the rank associated with each code word, the processor reorders each dictionary entry in the value conversion dictionary to associate each dictionary entry with an equivalent rank, the reordered value conversion dictionary comprises an architected dictionary.Type: GrantFiled: November 22, 2019Date of Patent: April 19, 2022Assignee: International Business Machines CorporationInventors: Jonathan D. Bradbury, Markus Helms, Christian Jacobi, Aditya N. Puranik, Christian Zoellin
-
Patent number: 11303456Abstract: A single architected instruction to produce a signature for a message is obtained. The instruction is executed, and the executing includes determining a sign function of a plurality of sign functions supported by the instruction to be performed. Input for the instruction is obtained, and the input includes a message and a cryptographic key. A signature is produced based on the sign function to be performed and the input. The signature is to be used to verify the message.Type: GrantFiled: February 15, 2019Date of Patent: April 12, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Eric M. Schwarz, Jonathan D. Bradbury, Edward T. Malley, Christian Jacobi
-
Patent number: 11281469Abstract: Saving and restoring machine state between multiple executions of an instruction. A determination is made that processing of an operation of an instruction executing on a processor has been interrupted prior to completion. Based on determining that the processing of the operation has been interrupted, current metadata of the processor is extracted. The metadata is stored in a location associated with the instruction and used to re-execute the instruction to resume forward processing of the instruction from where it was interrupted.Type: GrantFiled: December 15, 2020Date of Patent: March 22, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Bruce C. Giamei, Martin Recktenwald, Donald W. Schmidt, Timothy Slegel, Aditya N. Puranik, Mark S. Farrell, Christian Jacobi, Jonathan D. Bradbury, Christian Zoellin
-
Patent number: 11283800Abstract: A method is provided. A secure interface control in communication with an untrusted entity perform the method. In this regard, the secure interface control implements an initialization instruction to set donated storage as secure. The implementing of the initialization instruction is responsive to an instruction call issued from the untrusted entity.Type: GrantFiled: March 8, 2019Date of Patent: March 22, 2022Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Lisa Cranton Heller, Fadi Y. Busaba, Jonathan D. Bradbury