Patents by Inventor Lyle Cool
Lyle Cool has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10120695Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: GrantFiled: July 11, 2013Date of Patent: November 6, 2018Assignee: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Publication number: 20170046172Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: ApplicationFiled: July 11, 2013Publication date: February 16, 2017Applicant: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Patent number: 9235707Abstract: Methods and arrangements to launch trusted, distinct, co-existing environments are disclosed. Embodiments may launch trusted, distinct, co-existing environments in pre-OS space with high assurance. A hardware-enforced isolation scheme may isolate the partitions to facilitate storage and execution of code and data. In many embodiments, the system may launch a partition manager to establish embedded and main partitions. Embedded partitions may not be visible to the main OS and may host critical operations. A main partition may host a general-purpose OS and user applications, and may manage resources that are not assigned to the embedded partitions. Trustworthiness in the launch of the embedded partition is established by comparing integrity metrics for the runtime environment against integrity measurements of a trusted runtime environment for the embedded partition, e.g., by sealing a cryptographic key with the integrity metrics in a trusted platform module. Other embodiments are described and claimed.Type: GrantFiled: August 9, 2013Date of Patent: January 12, 2016Assignee: Intel CorporationInventors: Vincent J Zimmer, Lyle Cool
-
Patent number: 9189246Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: GrantFiled: February 7, 2013Date of Patent: November 17, 2015Assignee: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Publication number: 20140223156Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: ApplicationFiled: July 11, 2013Publication date: August 7, 2014Applicant: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Publication number: 20130326216Abstract: Methods and arrangements to launch trusted, distinct, co-existing environments are disclosed. Embodiments may launch trusted, distinct, co-existing environments in pre-OS space with high assurance. A hardware-enforced isolation scheme may isolate the partitions to facilitate storage and execution of code and data. In many embodiments, the system may launch a partition manager to establish embedded and main partitions. Embedded partitions may not be visible to the main OS and may host critical operations. A main partition may host a general-purpose OS and user applications, and may manage resources that are not assigned to the embedded partitions. Trustworthiness in the launch of the embedded partition is established by comparing integrity metrics for the runtime environment against integrity measurements of a trusted runtime environment for the embedded partition, e.g., by sealing a cryptographic key with the integrity metrics in a trusted platform module. Other embodiments are described and claimed.Type: ApplicationFiled: August 9, 2013Publication date: December 5, 2013Inventors: Vincent J. Zimmer, Lyle Cool
-
Publication number: 20130254522Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: ApplicationFiled: February 7, 2013Publication date: September 26, 2013Inventors: Lyle Cool, Saul Lewites
-
Patent number: 8510859Abstract: Methods and arrangements to launch trusted, distinct, co-existing environments are disclosed. Embodiments may launch trusted, distinct, co-existing environments in pre-OS space with high assurance. A hardware-enforced isolation scheme may isolate the partitions to facilitate storage and execution of code and data. In many embodiments, the system may launch a partition manager to establish embedded and main partitions. Embedded partitions may not be visible to the main OS and may host critical operations. A main partition may host a general-purpose OS and user applications, and may manage resources that are not assigned to the embedded partitions. Trustworthiness in the launch of the embedded partition is established by comparing integrity metrics for the runtime environment against integrity measurements of a trusted runtime environment for the embedded partition, e.g., by sealing a cryptographic key with the integrity metrics in a trusted platform module. Other embodiments are described and claimed.Type: GrantFiled: September 26, 2006Date of Patent: August 13, 2013Assignee: Intel CorporationInventors: Vincent J. Zimmer, Lyle Cool
-
Patent number: 8380973Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: GrantFiled: October 26, 2009Date of Patent: February 19, 2013Assignee: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Publication number: 20100131746Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: ApplicationFiled: October 26, 2009Publication date: May 27, 2010Inventors: Lyle Cool, Saul Lewites
-
Patent number: 7656409Abstract: In a many core system, receiving a call to a graphics driver; translating the call into a command executable on a core of the many core system; and executing the translated call on the core.Type: GrantFiled: December 23, 2005Date of Patent: February 2, 2010Assignee: Intel CorporationInventors: Lyle Cool, Yasser Rasheed
-
Patent number: 7610481Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: GrantFiled: April 19, 2006Date of Patent: October 27, 2009Assignee: Intel CorporationInventors: Lyle Cool, Saul Lewites
-
Publication number: 20080077993Abstract: Methods and arrangements to launch trusted, distinct, co-existing environments are disclosed. Embodiments may launch trusted, distinct, co-existing environments in pre-OS space with high assurance. A hardware-enforced isolation scheme may isolate the partitions to facilitate storage and execution of code and data. In many embodiments, the system may launch a partition manager to establish embedded and main partitions. Embedded partitions may not be visible to the main OS and may host critical operations. A main partition may host a general-purpose OS and user applications, and may manage resources that are not assigned to the embedded partitions. Trustworthiness in the launch of the embedded partition is established by comparing integrity metrics for the runtime environment against integrity measurements of a trusted runtime environment for the embedded partition, e.g., by sealing a cryptographic key with the integrity metrics in a trusted platform module. Other embodiments are described and claimed.Type: ApplicationFiled: September 26, 2006Publication date: March 27, 2008Inventors: Vincent J. Zimmer, Lyle Cool
-
Publication number: 20070250691Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.Type: ApplicationFiled: April 19, 2006Publication date: October 25, 2007Inventors: Lyle Cool, Saul Lewites
-
Publication number: 20070146373Abstract: In a many core system, receiving a call to a graphics driver; translating the call into a command executable on a core of the many core system; and executing the translated call on the core.Type: ApplicationFiled: December 23, 2005Publication date: June 28, 2007Inventors: Lyle Cool, Yasser Rasheed