Patents by Inventor Andrei Warkentin

Andrei Warkentin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20250147796
    Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A management hypervisor installer executed on a host device launches or causes a server component to provide a management operating system (OS) installer image at a particular URI accessible over a network internal to the host device. A baseboard management controller (BMC) transfers the DPU management OS installer image to the DPU device. A volatile memory based virtual disk is created using the DPU management OS installer image. The DPU device is booted to a DPU management OS installer on the volatile memory based virtual disk. The DPU management OS installer installs a DPU management operating system to a nonvolatile memory of the DPU device on reboot of the DPU device.
    Type: Application
    Filed: January 13, 2025
    Publication date: May 8, 2025
    Inventors: Andrei Warkentin, Aravinda Haryadi, Lingyuan He, Suman Boro, Karthik Ramachandra, Anjaneya Prasad Gondi, Renaud Benjamin Voltz
  • Patent number: 12277422
    Abstract: Systems and methods are included for causing a computing device to boot by retrieving hardware information from a device tree and further properties by utilizing a native access method call identified in the device tree. The access method can allow for getting a property, getting a property length, or setting a property. A table within firmware can identify the method, which then can retrieve the property information from memory. This Device tree Runtime (“DTRT”) mechanism can allow the computing device to retrieve the hardware configuration and act as a power management interface for turning on the correct hardware and hardware properties on the computing device.
    Type: Grant
    Filed: January 27, 2023
    Date of Patent: April 15, 2025
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Regis Duchesne, Renukanthan Raman
  • Patent number: 12253956
    Abstract: A hybrid scheme is provided for performing translation lookaside buffer (TLB) shootdowns in a computer system whose processing cores support both inter-processor interrupt (IPI) and broadcast TLB invalidate (TLBI) shootdown mechanisms. In one set of embodiments, this hybrid scheme dynamically determines, for each instance where a TLB shootdown is needed, whether to use the IPI mechanism or the broadcast TLBI mechanism to optimize shootdown performance (or otherwise make the TLB shootdown operation functional/practical).
    Type: Grant
    Filed: November 7, 2022
    Date of Patent: March 18, 2025
    Assignee: VMWare LLC
    Inventors: Andrei Warkentin, Jared McNeill, Grant Foudree, Anil Veliyankaramadam
  • Patent number: 12248799
    Abstract: An example method of managing guest time for a virtual machine (VM) supported by a hypervisor of a virtualized host computer includes: configuring, by the hypervisor, a central processing unit (CPU) of the host computer to trap, to the hypervisor, access by guest code in the VM to a physical counter and timer of the CPU; configuring, by the hypervisor, the guest code in the VM to use the physical counter and timer of the CPU rather than a virtual counter and timer of the CPU; trapping, at the hypervisor, an access to the physical counter and timer by the guest code; and executing, by the hypervisor, the access to the physical counter and timer on behalf of the guest code while compensating for an adjustment of a system count of the physical counter and timer to maintain the guest time as scaled with respect to frequency of the physical counter and timer.
    Type: Grant
    Filed: December 16, 2021
    Date of Patent: March 11, 2025
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Ye Li, Alexander Fainkichen, Regis Duchesne, Cyprien Laplace, Shruthi Muralidhara Hiriyuru, Sunil Kumar Kotian
  • Patent number: 12197939
    Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A management hypervisor installer executed on a host device launches or causes a server component to provide a management operating system (OS) installer image at a particular URI accessible over a network internal to the host device. A baseboard management controller (BMC) transfers the DPU management OS installer image to the DPU device. A volatile memory based virtual disk is created using the DPU management OS installer image. The DPU device is booted to a DPU management OS installer on the volatile memory based virtual disk. The DPU management OS installer installs a DPU management operating system to a nonvolatile memory of the DPU device on reboot of the DPU device.
    Type: Grant
    Filed: March 25, 2022
    Date of Patent: January 14, 2025
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Aravinda Haryadi, Lingyuan He, Suman Boro, Karthik Ramachandra, Anjaneya Prasad Gondi, Renaud Benjamin Voltz
  • Patent number: 12190122
    Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.
    Type: Grant
    Filed: August 16, 2021
    Date of Patent: January 7, 2025
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Harvey Tuch, William Lam
  • Patent number: 12182602
    Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system using a capsule. A management hypervisor installer executed on a host device receives a listing DPU device from a baseboard management controller (BMC). A preinstalled DPU management operating system image is identified for a DPU device from the listing, and is wrapped with a capsule that specifies the capsule as a DPU management operating system image capsule. A server component provides the DPU management operating system image capsule at a particular URI, and the URI is transmitted to the BMC.
    Type: Grant
    Filed: March 25, 2022
    Date of Patent: December 31, 2024
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Karthik Ramachandra, Timothy P. Mann, Jared Mcneill, Sunil Kotian, Cyprien Laplace, David A Dunn
  • Patent number: 12175257
    Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A host device boots a host provisioning image, which executes a host provisioning agent. The host provisioning agent launches a server component that serves a DPU management OS. A provisioning command is transmitted to a DPU device installed to the host device. The server component transmits the DPU management OS from the host device to the DPU device. A host OS is executed once an indication that the DPU device is executing on the DPU management OS is received.
    Type: Grant
    Filed: April 7, 2022
    Date of Patent: December 24, 2024
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Sunil Kotian
  • Patent number: 12147530
    Abstract: The disclosure herein describes deploying a Virtual Secure Enclave (VSE) using a universal enclave binary and a Trusted Runtime (TR). A universal enclave binary is generated that includes a set of binaries of Instruction Set Architectures (ISAs) associated with Trusted Execution Environment (TEE) hardware backends. A TEE hardware backend is identified in association with a VSE-compatible device. A VSE that is compatible with the identified TEE hardware backend is generated on the VSE-compatible device and an ISA binary that matches the TEE hardware backend is selected from the universal enclave binary. The selected binary is linked to a runtime library of the TR and loads the linked binary into memory of the generated VSE. The execution of a trusted application is initiated in the generated VSE using a set of interfaces of the TR. The trusted application depends on the TR interfaces rather than the selected ISA binary.
    Type: Grant
    Filed: October 5, 2022
    Date of Patent: November 19, 2024
    Assignee: VMware LLC
    Inventors: Ye Li, Anoop Jaishankar, John Manferdelli, David Ott, Andrei Warkentin
  • Patent number: 12118362
    Abstract: An example method of exception handling in a computer system is described. The computer system includes a physical central processing unit (PCPU) and a system memory, the system memory storing a first stack, a second stack, and a double fault stack associated with the PCPU. The method includes: storing, by an exception handler executing in the computer system, an exception frame on the double fault stack in response to a stack overflow condition of the first stack; switching, by the exception handler, a first stack pointer of the PCPU from pointing to the first stack to pointing to the double fault stack; setting a current stack pointer of the PCPU to the first stack pointer; and executing software on the PCPU with the current stack pointer pointing to the double fault stack.
    Type: Grant
    Filed: December 22, 2021
    Date of Patent: October 15, 2024
    Assignee: VMware LLC
    Inventors: Cyprien Laplace, Sunil Kumar Kotian, Andrei Warkentin, Regis Duchesne, Alexander Fainkichen, Shruthi Muralidhara Hiriyuru, Ye Li
  • Publication number: 20240256286
    Abstract: Systems and methods are included for causing a computing device to boot by retrieving hardware information from a device tree and further properties by utilizing a native access method call identified in the device tree. The access method can allow for getting a property, getting a property length, or setting a property. A table within firmware can identify the method, which then can retrieve the property information from memory. This Device tree Runtime (“DTRT”) mechanism can allow the computing device to retrieve the hardware configuration and act as a power management interface for turning on the correct hardware and hardware properties on the computing device.
    Type: Application
    Filed: January 27, 2023
    Publication date: August 1, 2024
    Inventors: Andrei Warkentin, Regis Duchesne, Renukanthan Raman
  • Patent number: 12007936
    Abstract: Disclosed are various examples of providing provide efficient waiting for detection of memory value updates for Advanced RISC Machines (ARM) architectures. An ARM processor component instructs a memory agent to perform a processing action, and executes a waiting function. The waiting function ensures that the processing action is completed by the memory agent. The waiting function performs an exclusive load at a memory location, and a wait for event (WFE) instruction that causes the ARM processor component to wait in a low-power mode for an event register to be set. Once the event register is set, the waiting function completes and a second processing action is executed by the ARM processor component.
    Type: Grant
    Filed: January 21, 2022
    Date of Patent: June 11, 2024
    Assignee: VMware LLC
    Inventors: Regis Duchesne, Andrei Warkentin, Cyprien Laplace, Ye Li, Alexander Fainkichen, Shruthi Hiriyuru, Sunil Kotian
  • Publication number: 20240184608
    Abstract: Techniques for enabling live migration of a VM across host systems that use different CPU platforms of the same ISA (e.g., ARM, RISC-V, etc.) via improved CPU errata handling are provided. In one set of embodiments, these techniques involve paravirtualizing the VM's guest OS to determine the CPU platforms and corresponding microarchitectures of all possible live migration targets (i.e., destination host systems) for the VM. This allows the guest OS to apply/enable appropriate software workarounds for addressing the errata of those various platforms and microarchitectures, which in turn allows the VM to be correctly live migrated to any of the targets.
    Type: Application
    Filed: December 2, 2022
    Publication date: June 6, 2024
    Inventors: Andrei Warkentin, Jared McNeill
  • Publication number: 20240163260
    Abstract: Systems and methods are described for secure management of a data processing unit (“DPU”). In an example, a baseboard management controller (“BMC”) can provision a DPU. Provisioning can include configuring a local storage device for DPU storage and locking access to the DPU storage with an encrypted access key. To boot the DPU, the BMC can initiate DPU firmware on the DPU. The DPU firmware can retrieve the access key from the BMC and unlock the DPU storage with the access key. The DPU firmware can be configured to then delete the access key. Once the DPU storage is unlocked, the DPU firmware can load an operating system of the DPU. The BMC can be the only entity that retains the access key. To perform a secure wipe, instructions can be provided to the BMC to delete the access key, which renders the DPU storage and all data therein inaccessible.
    Type: Application
    Filed: November 10, 2022
    Publication date: May 16, 2024
    Inventors: Andrei Warkentin, Adithya Uligere Narasimhamurthy, Alexander Fainkichen, Jared McNeil
  • Publication number: 20240152465
    Abstract: A hybrid scheme is provided for performing translation lookaside buffer (TLB) shootdowns in a computer system whose processing cores support both inter-processor interrupt (IPI) and broadcast TLB invalidate (TLBI) shootdown mechanisms. In one set of embodiments, this hybrid scheme dynamically determines, for each instance where a TLB shootdown is needed, whether to use the IPI mechanism or the broadcast TLBI mechanism to optimize shootdown performance (or otherwise make the TLB shootdown operation functional/practical).
    Type: Application
    Filed: November 7, 2022
    Publication date: May 9, 2024
    Inventors: Andrei Warkentin, Jared McNeill, Grant Foudree, Anil Veliyankaramadam
  • Patent number: 11971839
    Abstract: Disclosed are various approaches for exposing peripheral component interconnect express (PCIe) configuration space implementations as Enhanced Configuration Access Mechanism (ECAM)-compatible. In some examples, a bridge device is identified on a segment corresponding to a root complex of a computing device. An endpoint device is connected to a bus downstream from the bridge device. A synthetic segment identifier is assigned to the bus once the endpoint device is identified as connected to the bus. Synthetic address data is generated for the endpoint device. The synthetic address data includes the synthetic segment identifier for the bus and sets a bus identifier of the bus to zero regardless of a hierarchical position of the bus in a standard peripheral component interconnect express (PCIe) bus hierarchy.
    Type: Grant
    Filed: July 20, 2022
    Date of Patent: April 30, 2024
    Assignee: VMware, Inc.
    Inventor: Andrei Warkentin
  • Publication number: 20240119138
    Abstract: The disclosure herein describes deploying a Virtual Secure Enclave (VSE) using a universal enclave binary and a Trusted Runtime (TR). A universal enclave binary is generated that includes a set of binaries of Instruction Set Architectures (ISAs) associated with Trusted Execution Environment (TEE) hardware backends. A TEE hardware backend is identified in association with a VSE-compatible device. A VSE that is compatible with the identified TEE hardware backend is generated on the VSE-compatible device and an ISA binary that matches the TEE hardware backend is selected from the universal enclave binary. The selected binary is linked to a runtime library of the TR and loads the linked binary into memory of the generated VSE. The execution of a trusted application is initiated in the generated VSE using a set of interfaces of the TR. The trusted application depends on the TR interfaces rather than the selected ISA binary.
    Type: Application
    Filed: October 5, 2022
    Publication date: April 11, 2024
    Inventors: Ye LI, Anoop JAISHANKAR, John MANFERDELLI, David OTT, Andrei WARKENTIN
  • Patent number: 11954198
    Abstract: System and method for creating and managing trusted execution environments (TEEs) using different underlying hardware TEE mechanisms use a virtual secure enclave device which runs in a virtualized environment in a computer system. The device enables an enclave command transmitted to the virtual secure enclave device to be retrieved and parsed to extract an enclave operation to be executed. A TEE backend module is used to interact with a particular hardware TEE mechanism among those available in the computer system. The module ensures the enclave operation for the software process is executed by the particular hardware TEE mechanism, or the TEE scheme based on a particular hardware TEE mechanism.
    Type: Grant
    Filed: October 31, 2019
    Date of Patent: April 9, 2024
    Assignee: VMware, Inc.
    Inventors: Ye Li, David Ott, Cyprien Laplace, Andrei Warkentin, Regis Duchesne
  • Publication number: 20240028547
    Abstract: Disclosed are various approaches for exposing peripheral component interconnect express (PCIe) configuration space implementations as Enhanced Configuration Access Mechanism (ECAM)-compatible. In some examples, a bridge device is identified on a segment corresponding to a root complex of a computing device. An endpoint device is connected to a bus downstream from the bridge device. A synthetic segment identifier is assigned to the bus once the endpoint device is identified as connected to the bus. Synthetic address data is generated for the endpoint device. The synthetic address data includes the synthetic segment identifier for the bus and sets a bus identifier of the bus to zero regardless of a hierarchical position of the bus in a standard peripheral component interconnect express (PCIe) bus hierarchy.
    Type: Application
    Filed: July 20, 2022
    Publication date: January 25, 2024
    Inventor: Andrei Warkentin
  • Patent number: 11880301
    Abstract: Techniques for enabling efficient guest OS access to PCIe configuration space are provided. In one set of embodiments, a hypervisor can reserve a single host physical memory page in the host physical memory of a host system and can populate the single host physical memory page with a value indicating non-presence of PCIe device functions. The hypervisor can then create, for each guest physical memory page in a guest physical memory of a virtual machine (VM) corresponding to a PCIe configuration space of an absent PCIe device function in the VM, a mapping in the hypervisor's second-level page tables that maps the guest physical memory page to the single host physical memory page.
    Type: Grant
    Filed: December 21, 2022
    Date of Patent: January 23, 2024
    Assignee: VMware LLC
    Inventors: Andrei Warkentin, Alexander Fainkichen, Ye Li, Regis Duchesne, Cyprien Laplace, Shruthi Hiriyuru, Sunil Kotian