Patents by Inventor WOJCIECH POWIERTOWSKI
WOJCIECH POWIERTOWSKI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11838113Abstract: Embodiments are generally directed apparatuses, methods, techniques and so forth to receive a sled manifest comprising identifiers for physical resources of a sled, receive results of an authentication and validation operations performed to authenticate and validate the physical resources of the sled, determine whether the results of the authentication and validation operations indicate the physical resources are authenticate or not authenticate. Further and in response to the determination that the results indicate the physical resources are authenticated, permit the physical resources to process a workload, and in response to the determination that the results indicate the physical resources are not authenticated, prevent the physical resources from processing the workload.Type: GrantFiled: October 17, 2019Date of Patent: December 5, 2023Assignee: INTEL CORPORATIONInventors: Alberto J. Munoz, Murugasamy K. Nachimuthu, Mohan J. Kumar, Wojciech Powiertowski, Sergiu D. Ghetie, Neeraj S. Upasani, Sagar V. Dalvi, Chukwunenye S. Nnebe, Jeanne Guillory
-
Publication number: 20230342156Abstract: Methods and apparatuses relating to mitigations for speculative execution side channels are described. Speculative execution hardware and environments that utilize the mitigations are also described. For example, three indirect branch control mechanisms and their associated hardware are discussed herein: (i) indirect branch restricted speculation (IBRS) to restrict speculation of indirect branches, (ii) single thread indirect branch predictors (STIBP) to prevent indirect branch predictions from being controlled by a sibling thread, and (iii) indirect branch predictor barrier (IBPB) to prevent indirect branch predictions after the barrier from being controlled by software executed before the barrier.Type: ApplicationFiled: April 24, 2023Publication date: October 26, 2023Inventors: Jason W. Brandt, Deepak K. Gupta, Rodrigo Branco, Joseph Nuzman, Robert S. Chappell, Sergiu Ghetie, Wojciech Powiertowski, Jared W. Stark, IV, Ariel Sabba, Scott J. Cape, Hisham Shafi, Lihu Rappoport, Yair Berger, Scott P. Bobholz, Gilad Holzstein, Sagar V. Dalvi, Yogesh Bijlani
-
Patent number: 11635965Abstract: Methods and apparatuses relating to mitigations for speculative execution side channels are described. Speculative execution hardware and environments that utilize the mitigations are also described. For example, three indirect branch control mechanisms and their associated hardware are discussed herein: (i) indirect branch restricted speculation (IBRS) to restrict speculation of indirect branches, (ii) single thread indirect branch predictors (STIBP) to prevent indirect branch predictions from being controlled by a sibling thread, and (iii) indirect branch predictor barrier (IBPB) to prevent indirect branch predictions after the barrier from being controlled by software executed before the barrier.Type: GrantFiled: October 31, 2018Date of Patent: April 25, 2023Assignee: Intel CorporationInventors: Jason W. Brandt, Deepak K. Gupta, Rodrigo Branco, Joseph Nuzman, Robert S. Chappell, Sergiu D. Ghetie, Wojciech Powiertowski, Jared W. Stark, IV, Ariel Sabba, Scott J. Cape, Hisham Shafi, Lihu Rappoport, Yair Berger, Scott P. Bobholz, Gilad Holzstein, Sagar V. Dalvi, Yogesh Bijlani
-
Patent number: 11468170Abstract: A processor can be configured to access boot firmware from a remote location independent from use of a chipset. After a processor powers-on or reboots, the processor can execute microcode. The microcode will cause the processor to train a link with a remote device. The remote device can provide the processor with access to boot firmware. The processor can copy the boot firmware to the processor's cache or memory. The processor will attempt to authenticate the boot firmware. If the boot firmware is authenticated, the processor executes the copy of the boot firmware.Type: GrantFiled: December 7, 2018Date of Patent: October 11, 2022Assignee: Intel CorporationInventors: Sergiu D. Ghetie, Wojciech Powiertowski, Jeanne Guillory, Neeraj S. Upasani, Srihari Narayanan, Mohan J. Kumar, Sagar V. Dalvi, Francisco Orlando C. Arbildo
-
Patent number: 11023258Abstract: Dynamically configurable server platforms and associated apparatus and methods. A server platform including a plurality of CPUs installed in respective sockets may be dynamically configured as multiple single-socket servers and as a multi-socket server. The CPUs are connected to a platform manager component comprising an SoC including one or more processors and an embedded FPGA. Following a platform reset, an FPGA image is loaded, dynamically configuring functional blocks and interfaces on the platform manager. The platform manager also includes pre-defined functional blocks and interfaces. During platform initialization the dynamically-configured functional blocks and interfaces are used to initialize the server platform, while both the pre-defined and dynamically-configured functional blocks and interfaces are used to support run-time operations.Type: GrantFiled: December 30, 2016Date of Patent: June 1, 2021Assignee: Intel CorporationInventors: Neeraj S. Upasani, Jeanne Guillory, Wojciech Powiertowski, Sergiu D Ghetie, Mohan J. Kumar, Murugasamy K. Nachimuthu
-
Publication number: 20200133679Abstract: Methods and apparatuses relating to mitigations for speculative execution side channels are described. Speculative execution hardware and environments that utilize the mitigations are also described. For example, three indirect branch control mechanisms and their associated hardware are discussed herein: (i) indirect branch restricted speculation (IBRS) to restrict speculation of indirect branches, (ii) single thread indirect branch predictors (STIBP) to prevent indirect branch predictions from being controlled by a sibling thread, and (iii) indirect branch predictor barrier (IBPB) to prevent indirect branch predictions after the barrier from being controlled by software executed before the barrier.Type: ApplicationFiled: October 31, 2018Publication date: April 30, 2020Inventors: Jason W. Brandt, Deepak K. Gupta, Rodrigo Branco, Joseph Nuzman, Robert S. Chappell, Sergiu Ghetie, Wojciech Powiertowski, Jared W. Stark, IV, Ariel Sabba, Scott J. Cape, Hisham Shafi, Lihu Rappoport, Yair Berger, Scott P. Bobholz, Gilad Holzstein, Sagar V. Dalvi, Yogesh Bijlani
-
Publication number: 20200053438Abstract: Embodiments are generally directed apparatuses, methods, techniques and so forth to receive a sled manifest comprising identifiers for physical resources of a sled, receive results of an authentication and validation operations performed to authenticate and validate the physical resources of the sled, determine whether the results of the authentication and validation operations indicate the physical resources are authenticate or not authenticate. Further and in response to the determination that the results indicate the physical resources are authenticated, permit the physical resources to process a workload, and in response to the determination that the results indicate the physical resources are not authenticated, prevent the physical resources from processing the workload.Type: ApplicationFiled: October 17, 2019Publication date: February 13, 2020Applicant: INTEL CORPORATIONInventors: ALBERTO J. MUNOZ, MURUGASAMY K. NACHIMUTHU, MOHAN J. KUMAR, WOJCIECH POWIERTOWSKI, SERGIU D. GHETIE, NEERAJ S. UPASANI, SAGAR V. DALVI, CHUKWUNENYE S. NNEBE, JEANNE GUILLORY
-
Patent number: 10489156Abstract: Embodiments are generally directed apparatuses, methods, techniques and so forth to receive a sled manifest comprising identifiers for physical resources of a sled, receive results of an authentication and validation operations performed to authenticate and validate the physical resources of the sled, determine whether the results of the authentication and validation operations indicate the physical resources are authenticate or not authenticate. Further and in response to the determination that the results indicate the physical resources are authenticated, permit the physical resources to process a workload, and in response to the determination that the results indicate the physical resources are not authenticated, prevent the physical resources from processing the workload.Type: GrantFiled: July 21, 2017Date of Patent: November 26, 2019Assignee: INTEL CORPORATIONInventors: Alberto J. Munoz, Murugasamy K. Nachimuthu, Mohan J. Kumar, Wojciech Powiertowski, Sergiu D. Ghetie, Neeraj S. Upasani, Sagar V. Dalvi, Chukwunenye S. Nnebe, Jeanne Guillory
-
Publication number: 20190108347Abstract: A processor can be configured to access boot firmware from a remote location independent from use of a chipset. After a processor powers-on or reboots, the processor can execute microcode. The microcode will cause the processor to train a link with a remote device. The remote device can provide the processor with access to boot firmware. The processor can copy the boot firmware to the processor's cache or memory. The processor will attempt to authenticate the boot firmware. If the boot firmware is authenticated, the processor executes the copy of the boot firmware.Type: ApplicationFiled: December 7, 2018Publication date: April 11, 2019Inventors: Sergiu D. GHETIE, Wojciech POWIERTOWSKI, Jeanne GUILLORY, Neeraj S. UPASANI, Srihari NARAYANAN, Mohan J. KUMAR, Sagar V. DALVI
-
Publication number: 20180189081Abstract: Dynamically configurable server platforms and associated apparatus and methods. A server platform including a plurality of CPUs installed in respective sockets may be dynamically configured as multiple single-socket servers and as a multi-socket server. The CPUs are connected to a platform manager component comprising an SoC including one or more processors and an embedded FPGA. Following a platform reset, an FPGA image is loaded, dynamically configuring functional blocks and interfaces on the platform manager. The platform manager also includes pre-defined functional blocks and interfaces. During platform initialization the dynamically-configured functional blocks and interfaces are used to initialize the server platform, while both the pre-defined and dynamically-configured functional blocks and interfaces are used to support run-time operations.Type: ApplicationFiled: December 30, 2016Publication date: July 5, 2018Inventors: Neeraj S. Upasani, Jeanne Guillory, Wojciech Powiertowski, Sergiu D Ghetie, Mohan J. Kumar, Murugasamy K. Nachimuthu
-
Publication number: 20180097839Abstract: Embodiments detailed herein describe a system comprising a manageability server to generate an encrypted sideband message having at least one command; a server including: a radio frequency identification (RFID) device, the RFID device to include storage to store at least one encrypted sideband message having at least one command, and a security circuit coupled to the RFID device, the security circuit to: retrieve at least one encrypted sideband message from the RFID device storage, decrypt the one encrypted sideband message, determine validity of the decrypted sideband message using information from the decrypted sideband message, and perform an action in response to the at least one command.Type: ApplicationFiled: October 1, 2016Publication date: April 5, 2018Inventors: NEERAJ S. UPASANI, SAGAR V. DALVI, WOJCIECH POWIERTOWSKI, SERGIU D GHETIE, WON LEE, JEANNE GUILLORY, CHUKWUNENYE S. NNEBE
-
Publication number: 20180026800Abstract: Embodiments are generally directed apparatuses, methods, techniques and so forth to receive a sled manifest comprising identifiers for physical resources of a sled, receive results of an authentication and validation operations performed to authenticate and validate the physical resources of the sled, determine whether the results of the authentication and validation operations indicate the physical resources are authenticate or not authenticate. Further and in response to the determination that the results indicate the physical resources are authenticated, permit the physical resources to process a workload, and in response to the determination that the results indicate the physical resources are not authenticated, prevent the physical resources from processing the workload.Type: ApplicationFiled: July 21, 2017Publication date: January 25, 2018Inventors: ALBERTO J. MUNOZ, MURUGASAMY K. NACHIMUTHU, MOHAN J. KUMAR, WOJCIECH POWIERTOWSKI, SERGIU D. GHETIE, NEERAJ S. UPASANI, SAGAR V. DALVI, CHUKWUNENYE S. NNEBE, JEANNE GUILLORY