Abstract: In some embodiments, the invention involves a system and method relating to managing power utilization in partitioned systems. In at least one embodiment, the present invention is intended to control the sleeping/wakefulness of devices, as necessary, to minimize power utilization of devices whose accesses are routed away. Inter-partition communication is used to utilize devices in a sequestered partition while devices in the OS partition are put into a sleep state to save power. Other embodiments are described and claimed.

Abstract: Implementing fair scalable reader writer mutual exclusion for access to a critical section by a plurality of processing threads in a processing system is accomplished by creating a first queue node for a first thread on the first thread's stack, the queue node representing a request by the first thread to access the critical section; adding the first queue node to a queue pointed to by a single word reader writer mutex for the critical section, the queue representing a list of threads desiring access to the critical section, each queue node in the queue being on a stack of a thread of the plurality of processing threads; waiting until the first queue node has no preceding write requests as indicated by predecessor queue nodes on the queue; entering the critical section by the first thread; exiting the critical section by the first thread; and removing the first queue node from the queue.

Abstract: Systems, methods, and other embodiments associated with random number generators are described. One system embodiment includes a random number generator logic that may produce an initial random number from a first set of three inputs. The system embodiment may receive the three inputs from sources including an internal counter entropy source (ICES), an internal arbitrary entropy source (IAES), and an external entropy source (EES). The system embodiment may generate a first random number from a first set of three inputs (e.g., value from ICES, value from IAES, value from EES) but may then generate subsequent random numbers from a different set of three inputs (e.g., value from ICES, value from IAES, previous random number).

Abstract: A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.

Abstract: Embodiments of the present invention provide for minimizing the number of procedure frame unwinding operations to be performed when restoring the program control flow information. A first data structure may be constructed to contain procedure linkage information along with references to the conventional memory area where each procedure linkage information element (procedure return address or a procedure frame pointer) was originally found. The first data structure may be initialized upon the initial request for program control flow information. Upon each subsequent request, the contents of the conventional memory area as referenced by the first data structure may be compared with the corresponding elements of the first data structure. As a result of said comparison, changed and unchanged regions within the conventional memory area may be determined. Then, procedure frame unwinding operations may be performed for the changed regions.

Abstract: Instructions that have no dependence constraint between them and other instructions in a loop of a critical section may be moved out of the critical section so that the size of the critical section may be reduced. A flow graph of a program including the critical section may be generated, which includes loops. The flow graph may be transformed based on which any unnecessary instructions in loops may be moved out of the critical section. Subsequently, the original flow graph of the critical section may be recovered from the transformed flow graph.

Abstract: A method, system, apparatus, and computer-readable medium to detect rapidly propagating threats in a network. A rapidly propagating threat is detected by capturing a series of packets as the packets are communicated to nodes of the organizational network. The rapidly propagating threat can be detected without relying upon a known signature for the threat. Behavior of nodes when sending and receiving packets is examined for patterns typical of worm propagation.

Abstract: A virtual machine monitor (VMM) in a data processing system handles errors involving virtual machines (VMs) in the processing system. For instance, an error manager in the VMM may detect an uncorrectable error in involving a component associated with a first VM in the processing system. In response to detection of that error, the error manager may terminate the first VM, while allowing a second VM in the processing system to continue operating. In one embodiment, the error manager automatically determines which VM is affected by the uncorrectable error, in response to detecting the uncorrectable error. The error manager may also automatically spawn a new VM to replace the first VM, if the processing system has sufficient resources to support the new VM. Other embodiments are described and claimed.

Abstract: In one embodiment, the present invention includes a method for determining if an isolation driver is present and a processor supports virtualization, launching the isolation driver in a first privilege level different than a system privilege level and user privilege level, creating a 1:1 virtual mapping between a virtual address and a physical address, using the isolation driver, and controlling access to a memory page using the isolation driver. Other embodiments are described and claimed.

Abstract: A processing system may include a first processing unit for a legacy partition and a second processing unit for a sequestered partition. In one embodiment, a first interrupt handler in the legacy partition may support power management for the first processing unit. A second interrupt handler in the sequestered partition may cause the sequestered partition to take control of power management hardware in the processing system when the legacy partition enters reduced power mode. For example, the second interrupt handler may program the power management hardware to route interrupts to the second processing unit. The sequestered partition may relinquish control of power management hardware to the legacy partition when the legacy partition exits reduced power mode. A power policy manager in the sequestered partition may support features such as wake for incoming communications, wake to record, etc. Other embodiments are described and claimed.

Abstract: Providing adaptive visual browsing of digital content may be accomplished by presenting a scrolling ticker on a display for browsing of digital content available for viewing by a user of a processing system, the ticker having a plurality of items, each item including an image representing at least one of a content title and a content service provider; receiving a user input selection from a remote control device operated by the user, the user input selection selecting one of the ticker items to indicate the user's interest in the selected item; and changing at least one of the items in the ticker to another item in response to the user input selection, wherein the other item has metatags similar to or related to metatags of the selected item.

Abstract: Estimation of a 3D layout of roads and paths traveled by pedestrians is achieved by observing the pedestrians and estimating road parameters from the pedestrian's size and position in a sequence of video frames. The system includes a foreground object detection unit to analyze video frames of a 3D scene and detect objects and object positions in video frames, an object scale prediction unit to estimate 3D transformation parameters for the objects and to predict heights of the objects based at least in part on the parameters, and a road map detection unit to estimate road boundaries of the 3D scene using the object positions to generate the road map.

Abstract: Implementing fair scalable reader writer mutual exclusion for access to a critical section by a plurality of processing threads in a processing system is accomplished by creating a first queue node for a first thread on the first thread's stack, the queue node representing a request by the first thread to access the critical section; adding the first queue node to a queue pointed to by a single word reader writer mutex for the critical section, the queue representing a list of threads desiring access to the critical section, each queue node in the queue being on a stack of a thread of the plurality of processing threads; waiting until the first queue node has no preceding write requests as indicated by predecessor queue nodes on the queue; entering the critical section by the first thread; exiting the critical section by the first thread; and removing the first queue node from the queue.

Abstract: A first virtual machine (VM) in a processing system may emulate a first server blade, and a second VM in the processing system may emulate a second server blade. The emulated server blades may be referred to as virtual server blades. A virtual machine monitor (VMM) in the processing system may provide a communication channel to at least one of the virtual server blades. Other embodiments are described and claimed.

Abstract: A data processing system supports a virtualization enabled (VE) operating mode. An operating system (OS) is launched during a boot process. However, a trap agent is launched before the OS is launched. The trap agent may intercept an attempt to transition the data processing system to virtual machine (VM) operating mode. In response to intercepting the attempt to transition the data processing system to VM operating mode, the trap agent may automatically determine whether the program that requested the transition is an authorized program. If the program is not authorized, the trap agent may prevent the program from transitioning the data processing system to VM operating mode. In one embodiment, the trap agent is launched before the data processing system selects a boot device. In another embodiment, the trap agent is launched before executing any code from any third-party option ROMs. Other embodiments are described and claimed.

Abstract: A processing system may include a first processing unit for a first partition and a second processing unit for a second partition. To support power management, an interrupt handler in the processing system may receive a standby command from an operating system. In response to receiving the standby command, the interrupt handler may cause the first processing unit to transition into a reduced power mode. After the second partition detects a wake event, the second partition may cause the first processing unit to transition out of the reduced power mode. In an example embodiment, the interrupt handler executes within the first partition, and the first processing unit transitions into the reduced power mode by entering an idle loop within the interrupt handler. The first partition may determine from within the idle loop whether the first partition has been released from the low power state. Other embodiments are described and claimed.

Abstract: Methods for encrypting a clear text message into hidden cipher text are disclosed. Embodiments of the present invention may be used to encrypt clear text into a contextual altered form that does not appear to an observer to be cipher text. Embodiments of the present invention produce encrypted text without using a mathematical model of prime number factorization. Embodiments of the present invention provide better security by producing better quality cipher text output than known linguistic steganography approaches.

Abstract: A first partition of a processing system may use polling to communicate with a device. In addition, the first partition may provide an interface that allows a second partition of the processing system to communicate with the device without requiring the second partition to use polling. For example, the first partition may present the device to the second partition as an interrupt-driven device. In one embodiment, the first partition creates an interface that presents a universal serial bus (USB) peripheral device to the second partition as a legacy peripheral device. The second partition my therefore use the device without conducting polling, and may consume less energy than a partition that conducts polling. Other embodiments are described and claimed.

Abstract: A mole analysis program generates a digital signature for a first mole, based on a digital image of first, second, and third moles. The program may then determine whether the first mole matches a previously imaged mole, based on the digital signature for the first mole and baseline data with baseline signatures for previously imaged moles. In response to determining that the first mole matches a previously imaged mole, the program may automatically determine whether the first mole has changed. In various embodiments, the digital signature may include angle entries for the digital signature and/or distance entries for the first signature. An angle entry may represent an angle between two lines to connect the first mole with the second mole and the third mole. A distance entry may correspond to the distance between the first mole and the second mole. Other embodiments are described and claimed.

Abstract: A processing system with multiple processing units may support separate operating systems (OSs) in separate partitions. During an initialization process, a preboot manager in the processing system may copy software to a sequestered area of memory in the processing system. The preboot manager may also configure the processing system to hide the sequestered area of memory from a first partition of the processing system. Also, the preboot manager may use a first processing unit in the processing system to boot an OS on the first partition, and the preboot manager may transmit a boot trigger from the first processing unit to a second processing unit in the processing system. The boot trigger may cause the second processing unit to use the software in the sequestered area of memory to boot a second partition of the processing system. Other embodiments are described and claimed.