Patents by Inventor Andrei Warkentin
Andrei Warkentin has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20250147796Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A management hypervisor installer executed on a host device launches or causes a server component to provide a management operating system (OS) installer image at a particular URI accessible over a network internal to the host device. A baseboard management controller (BMC) transfers the DPU management OS installer image to the DPU device. A volatile memory based virtual disk is created using the DPU management OS installer image. The DPU device is booted to a DPU management OS installer on the volatile memory based virtual disk. The DPU management OS installer installs a DPU management operating system to a nonvolatile memory of the DPU device on reboot of the DPU device.Type: ApplicationFiled: January 13, 2025Publication date: May 8, 2025Inventors: Andrei Warkentin, Aravinda Haryadi, Lingyuan He, Suman Boro, Karthik Ramachandra, Anjaneya Prasad Gondi, Renaud Benjamin Voltz
-
Patent number: 12277422Abstract: Systems and methods are included for causing a computing device to boot by retrieving hardware information from a device tree and further properties by utilizing a native access method call identified in the device tree. The access method can allow for getting a property, getting a property length, or setting a property. A table within firmware can identify the method, which then can retrieve the property information from memory. This Device tree Runtime (“DTRT”) mechanism can allow the computing device to retrieve the hardware configuration and act as a power management interface for turning on the correct hardware and hardware properties on the computing device.Type: GrantFiled: January 27, 2023Date of Patent: April 15, 2025Assignee: VMware LLCInventors: Andrei Warkentin, Regis Duchesne, Renukanthan Raman
-
Patent number: 12253956Abstract: A hybrid scheme is provided for performing translation lookaside buffer (TLB) shootdowns in a computer system whose processing cores support both inter-processor interrupt (IPI) and broadcast TLB invalidate (TLBI) shootdown mechanisms. In one set of embodiments, this hybrid scheme dynamically determines, for each instance where a TLB shootdown is needed, whether to use the IPI mechanism or the broadcast TLBI mechanism to optimize shootdown performance (or otherwise make the TLB shootdown operation functional/practical).Type: GrantFiled: November 7, 2022Date of Patent: March 18, 2025Assignee: VMWare LLCInventors: Andrei Warkentin, Jared McNeill, Grant Foudree, Anil Veliyankaramadam
-
Patent number: 12248799Abstract: An example method of managing guest time for a virtual machine (VM) supported by a hypervisor of a virtualized host computer includes: configuring, by the hypervisor, a central processing unit (CPU) of the host computer to trap, to the hypervisor, access by guest code in the VM to a physical counter and timer of the CPU; configuring, by the hypervisor, the guest code in the VM to use the physical counter and timer of the CPU rather than a virtual counter and timer of the CPU; trapping, at the hypervisor, an access to the physical counter and timer by the guest code; and executing, by the hypervisor, the access to the physical counter and timer on behalf of the guest code while compensating for an adjustment of a system count of the physical counter and timer to maintain the guest time as scaled with respect to frequency of the physical counter and timer.Type: GrantFiled: December 16, 2021Date of Patent: March 11, 2025Assignee: VMware LLCInventors: Andrei Warkentin, Ye Li, Alexander Fainkichen, Regis Duchesne, Cyprien Laplace, Shruthi Muralidhara Hiriyuru, Sunil Kumar Kotian
-
Patent number: 12197939Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A management hypervisor installer executed on a host device launches or causes a server component to provide a management operating system (OS) installer image at a particular URI accessible over a network internal to the host device. A baseboard management controller (BMC) transfers the DPU management OS installer image to the DPU device. A volatile memory based virtual disk is created using the DPU management OS installer image. The DPU device is booted to a DPU management OS installer on the volatile memory based virtual disk. The DPU management OS installer installs a DPU management operating system to a nonvolatile memory of the DPU device on reboot of the DPU device.Type: GrantFiled: March 25, 2022Date of Patent: January 14, 2025Assignee: VMware LLCInventors: Andrei Warkentin, Aravinda Haryadi, Lingyuan He, Suman Boro, Karthik Ramachandra, Anjaneya Prasad Gondi, Renaud Benjamin Voltz
-
Patent number: 12190122Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.Type: GrantFiled: August 16, 2021Date of Patent: January 7, 2025Assignee: VMware LLCInventors: Andrei Warkentin, Harvey Tuch, William Lam
-
Patent number: 12182602Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system using a capsule. A management hypervisor installer executed on a host device receives a listing DPU device from a baseboard management controller (BMC). A preinstalled DPU management operating system image is identified for a DPU device from the listing, and is wrapped with a capsule that specifies the capsule as a DPU management operating system image capsule. A server component provides the DPU management operating system image capsule at a particular URI, and the URI is transmitted to the BMC.Type: GrantFiled: March 25, 2022Date of Patent: December 31, 2024Assignee: VMware LLCInventors: Andrei Warkentin, Karthik Ramachandra, Timothy P. Mann, Jared Mcneill, Sunil Kotian, Cyprien Laplace, David A Dunn
-
Patent number: 12175257Abstract: Disclosed are various examples of provisioning a data processing unit (DPU) management operating system (OS). A host device boots a host provisioning image, which executes a host provisioning agent. The host provisioning agent launches a server component that serves a DPU management OS. A provisioning command is transmitted to a DPU device installed to the host device. The server component transmits the DPU management OS from the host device to the DPU device. A host OS is executed once an indication that the DPU device is executing on the DPU management OS is received.Type: GrantFiled: April 7, 2022Date of Patent: December 24, 2024Assignee: VMware LLCInventors: Andrei Warkentin, Sunil Kotian
-
Patent number: 12147530Abstract: The disclosure herein describes deploying a Virtual Secure Enclave (VSE) using a universal enclave binary and a Trusted Runtime (TR). A universal enclave binary is generated that includes a set of binaries of Instruction Set Architectures (ISAs) associated with Trusted Execution Environment (TEE) hardware backends. A TEE hardware backend is identified in association with a VSE-compatible device. A VSE that is compatible with the identified TEE hardware backend is generated on the VSE-compatible device and an ISA binary that matches the TEE hardware backend is selected from the universal enclave binary. The selected binary is linked to a runtime library of the TR and loads the linked binary into memory of the generated VSE. The execution of a trusted application is initiated in the generated VSE using a set of interfaces of the TR. The trusted application depends on the TR interfaces rather than the selected ISA binary.Type: GrantFiled: October 5, 2022Date of Patent: November 19, 2024Assignee: VMware LLCInventors: Ye Li, Anoop Jaishankar, John Manferdelli, David Ott, Andrei Warkentin
-
Patent number: 12118362Abstract: An example method of exception handling in a computer system is described. The computer system includes a physical central processing unit (PCPU) and a system memory, the system memory storing a first stack, a second stack, and a double fault stack associated with the PCPU. The method includes: storing, by an exception handler executing in the computer system, an exception frame on the double fault stack in response to a stack overflow condition of the first stack; switching, by the exception handler, a first stack pointer of the PCPU from pointing to the first stack to pointing to the double fault stack; setting a current stack pointer of the PCPU to the first stack pointer; and executing software on the PCPU with the current stack pointer pointing to the double fault stack.Type: GrantFiled: December 22, 2021Date of Patent: October 15, 2024Assignee: VMware LLCInventors: Cyprien Laplace, Sunil Kumar Kotian, Andrei Warkentin, Regis Duchesne, Alexander Fainkichen, Shruthi Muralidhara Hiriyuru, Ye Li
-
Publication number: 20240256286Abstract: Systems and methods are included for causing a computing device to boot by retrieving hardware information from a device tree and further properties by utilizing a native access method call identified in the device tree. The access method can allow for getting a property, getting a property length, or setting a property. A table within firmware can identify the method, which then can retrieve the property information from memory. This Device tree Runtime (“DTRT”) mechanism can allow the computing device to retrieve the hardware configuration and act as a power management interface for turning on the correct hardware and hardware properties on the computing device.Type: ApplicationFiled: January 27, 2023Publication date: August 1, 2024Inventors: Andrei Warkentin, Regis Duchesne, Renukanthan Raman
-
Patent number: 12007936Abstract: Disclosed are various examples of providing provide efficient waiting for detection of memory value updates for Advanced RISC Machines (ARM) architectures. An ARM processor component instructs a memory agent to perform a processing action, and executes a waiting function. The waiting function ensures that the processing action is completed by the memory agent. The waiting function performs an exclusive load at a memory location, and a wait for event (WFE) instruction that causes the ARM processor component to wait in a low-power mode for an event register to be set. Once the event register is set, the waiting function completes and a second processing action is executed by the ARM processor component.Type: GrantFiled: January 21, 2022Date of Patent: June 11, 2024Assignee: VMware LLCInventors: Regis Duchesne, Andrei Warkentin, Cyprien Laplace, Ye Li, Alexander Fainkichen, Shruthi Hiriyuru, Sunil Kotian
-
Publication number: 20240184608Abstract: Techniques for enabling live migration of a VM across host systems that use different CPU platforms of the same ISA (e.g., ARM, RISC-V, etc.) via improved CPU errata handling are provided. In one set of embodiments, these techniques involve paravirtualizing the VM's guest OS to determine the CPU platforms and corresponding microarchitectures of all possible live migration targets (i.e., destination host systems) for the VM. This allows the guest OS to apply/enable appropriate software workarounds for addressing the errata of those various platforms and microarchitectures, which in turn allows the VM to be correctly live migrated to any of the targets.Type: ApplicationFiled: December 2, 2022Publication date: June 6, 2024Inventors: Andrei Warkentin, Jared McNeill
-
Publication number: 20240163260Abstract: Systems and methods are described for secure management of a data processing unit (“DPU”). In an example, a baseboard management controller (“BMC”) can provision a DPU. Provisioning can include configuring a local storage device for DPU storage and locking access to the DPU storage with an encrypted access key. To boot the DPU, the BMC can initiate DPU firmware on the DPU. The DPU firmware can retrieve the access key from the BMC and unlock the DPU storage with the access key. The DPU firmware can be configured to then delete the access key. Once the DPU storage is unlocked, the DPU firmware can load an operating system of the DPU. The BMC can be the only entity that retains the access key. To perform a secure wipe, instructions can be provided to the BMC to delete the access key, which renders the DPU storage and all data therein inaccessible.Type: ApplicationFiled: November 10, 2022Publication date: May 16, 2024Inventors: Andrei Warkentin, Adithya Uligere Narasimhamurthy, Alexander Fainkichen, Jared McNeil
-
Publication number: 20240152465Abstract: A hybrid scheme is provided for performing translation lookaside buffer (TLB) shootdowns in a computer system whose processing cores support both inter-processor interrupt (IPI) and broadcast TLB invalidate (TLBI) shootdown mechanisms. In one set of embodiments, this hybrid scheme dynamically determines, for each instance where a TLB shootdown is needed, whether to use the IPI mechanism or the broadcast TLBI mechanism to optimize shootdown performance (or otherwise make the TLB shootdown operation functional/practical).Type: ApplicationFiled: November 7, 2022Publication date: May 9, 2024Inventors: Andrei Warkentin, Jared McNeill, Grant Foudree, Anil Veliyankaramadam
-
Patent number: 11971839Abstract: Disclosed are various approaches for exposing peripheral component interconnect express (PCIe) configuration space implementations as Enhanced Configuration Access Mechanism (ECAM)-compatible. In some examples, a bridge device is identified on a segment corresponding to a root complex of a computing device. An endpoint device is connected to a bus downstream from the bridge device. A synthetic segment identifier is assigned to the bus once the endpoint device is identified as connected to the bus. Synthetic address data is generated for the endpoint device. The synthetic address data includes the synthetic segment identifier for the bus and sets a bus identifier of the bus to zero regardless of a hierarchical position of the bus in a standard peripheral component interconnect express (PCIe) bus hierarchy.Type: GrantFiled: July 20, 2022Date of Patent: April 30, 2024Assignee: VMware, Inc.Inventor: Andrei Warkentin
-
Publication number: 20240119138Abstract: The disclosure herein describes deploying a Virtual Secure Enclave (VSE) using a universal enclave binary and a Trusted Runtime (TR). A universal enclave binary is generated that includes a set of binaries of Instruction Set Architectures (ISAs) associated with Trusted Execution Environment (TEE) hardware backends. A TEE hardware backend is identified in association with a VSE-compatible device. A VSE that is compatible with the identified TEE hardware backend is generated on the VSE-compatible device and an ISA binary that matches the TEE hardware backend is selected from the universal enclave binary. The selected binary is linked to a runtime library of the TR and loads the linked binary into memory of the generated VSE. The execution of a trusted application is initiated in the generated VSE using a set of interfaces of the TR. The trusted application depends on the TR interfaces rather than the selected ISA binary.Type: ApplicationFiled: October 5, 2022Publication date: April 11, 2024Inventors: Ye LI, Anoop JAISHANKAR, John MANFERDELLI, David OTT, Andrei WARKENTIN
-
Patent number: 11954198Abstract: System and method for creating and managing trusted execution environments (TEEs) using different underlying hardware TEE mechanisms use a virtual secure enclave device which runs in a virtualized environment in a computer system. The device enables an enclave command transmitted to the virtual secure enclave device to be retrieved and parsed to extract an enclave operation to be executed. A TEE backend module is used to interact with a particular hardware TEE mechanism among those available in the computer system. The module ensures the enclave operation for the software process is executed by the particular hardware TEE mechanism, or the TEE scheme based on a particular hardware TEE mechanism.Type: GrantFiled: October 31, 2019Date of Patent: April 9, 2024Assignee: VMware, Inc.Inventors: Ye Li, David Ott, Cyprien Laplace, Andrei Warkentin, Regis Duchesne
-
Publication number: 20240028547Abstract: Disclosed are various approaches for exposing peripheral component interconnect express (PCIe) configuration space implementations as Enhanced Configuration Access Mechanism (ECAM)-compatible. In some examples, a bridge device is identified on a segment corresponding to a root complex of a computing device. An endpoint device is connected to a bus downstream from the bridge device. A synthetic segment identifier is assigned to the bus once the endpoint device is identified as connected to the bus. Synthetic address data is generated for the endpoint device. The synthetic address data includes the synthetic segment identifier for the bus and sets a bus identifier of the bus to zero regardless of a hierarchical position of the bus in a standard peripheral component interconnect express (PCIe) bus hierarchy.Type: ApplicationFiled: July 20, 2022Publication date: January 25, 2024Inventor: Andrei Warkentin
-
Patent number: 11880301Abstract: Techniques for enabling efficient guest OS access to PCIe configuration space are provided. In one set of embodiments, a hypervisor can reserve a single host physical memory page in the host physical memory of a host system and can populate the single host physical memory page with a value indicating non-presence of PCIe device functions. The hypervisor can then create, for each guest physical memory page in a guest physical memory of a virtual machine (VM) corresponding to a PCIe configuration space of an absent PCIe device function in the VM, a mapping in the hypervisor's second-level page tables that maps the guest physical memory page to the single host physical memory page.Type: GrantFiled: December 21, 2022Date of Patent: January 23, 2024Assignee: VMware LLCInventors: Andrei Warkentin, Alexander Fainkichen, Ye Li, Regis Duchesne, Cyprien Laplace, Shruthi Hiriyuru, Sunil Kotian