Abstract: The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.

Abstract: Embodiments are directed to securing system management mode (SMM) in a computer system. A CPU is configurable to execute first code in a normal mode, and second code in a SSM. A SMM control engine is operative to transition the CPU from the normal mode to the SMM in response to a SMM transition call, and to control access by the CPU in the SMM to data from an originator of the SMM transition call. The access is controlled based on an authorization state assigned to the SMM transition call. An authorization engine is operative to perform authentication of the originator of the SMM transition call and to assign the authorization state based on an authentication result. The CPU in the SMM is prevented from accessing the data in response to the authentication result being a failure of authentication.

Abstract: The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.

Abstract: Examples may include sleds for a rack in a data center including physical compute resources and memory for the physical compute resources. The memory can be disaggregated, or organized into near and far memory. A first sled can comprise the physical compute resources and a first set of physical memory resources while a second sled can comprise a second set of physical memory resources. The first set of physical memory resources can be coupled to the physical compute resources via a local interface while the second set of physical memory resources can be coupled to the physical compute resources via a fabric.

Abstract: The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.

Abstract: Configurable central processing unit (CPU) package substrates are disclosed. A package substrate is described that includes a processing device interface. The package substrate also includes a memory device electrical interface disposed on the package substrate. The package substrate also includes a removable memory mechanical interface disposed proximately to the memory device electrical interface. The removable memory mechanical interface is to allow a memory device to be easily removed from the package substrate after attachment of the memory device to the package substrate.

Abstract: Configurable central processing unit (CPU) package substrates are disclosed. A package substrate is described that includes a processing device interface. The package substrate also includes a memory device electrical interface disposed on the package substrate. The package substrate also includes a removable memory mechanical interface disposed proximately to the memory device electrical interface. The removable memory mechanical interface is to allow a memory device to be easily removed from the package substrate after attachment of the memory device to the package substrate.

Abstract: The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.

Abstract: A system and method are described for integrating a memory and storage hierarchy including a non-volatile memory tier within a computer system. In one embodiment, PCMS memory devices are used as one tier in the hierarchy, sometimes referred to as “far memory.” Higher performance memory devices such as DRAM placed in front of the far memory and are used to mask some of the performance limitations of the far memory. These higher performance memory devices are referred to as “near memory.

Abstract: The present disclosure is directed to secure sensor data transport and processing. End-to-end security may prevent attackers from altering data during the sensor-based security procedure. For example, following sensor data capture execution in a device may be temporarily suspended. During the suspension of execution, sensor interface circuitry in the device may copy the sensor data from a memory location associated with the sensor to a trusted execution environment (TEE) within the device. The TEE may provide a secure location in which the sensor data may be processed and a determination may be made as to whether to grant access to the secure resources. The TEE may comprise, for example, match circuitry to compare the sensor data to previously captured sensor data for users that are allowed to access the secured resources and output circuitry to grant access to the secured resources or to perform activities associated with a security exception.

Abstract: A system and method are described for integrating a memory and storage hierarchy including a non-volatile memory tier within a computer system. In one embodiment, PCMS memory devices are used as one tier in the hierarchy, sometimes referred to as “far memory.” Higher performance memory devices such as DRAM placed in front of the far memory and are used to mask some of the performance limitations of the far memory. These higher performance memory devices are referred to as “near memory.

Abstract: Systems and methods of implementing server architectures that can facilitate the servicing of memory components in computer systems. The systems and methods employ nonvolatile memory/storage modules that include nonvolatile memory (NVM) that can be used for system memory and mass storage, as well as firmware memory. The respective NVM/storage modules can be received in front or rear-loading bays of the computer systems. The systems and methods further employ single, dual, or quad socket processors, in which each processor is communicably coupled to at least some of the NVM/storage modules disposed in the front or rear-loading bays by one or more memory and/or input/output (I/O) channels. By employing NVM/storage modules that can be received in front or rear-loading bays of computer systems, the systems and methods provide memory component serviceability heretofore unachievable in computer systems implementing conventional server architectures.

Abstract: Configurable central processing unit (CPU) package substrates are disclosed. A package substrate is described that includes a processing device interface. The package substrate also includes a memory device electrical interface disposed on the package substrate. The package substrate also includes a removable memory mechanical interface disposed proximately to the memory device electrical interface. The removable memory mechanical interface is to allow a memory device to be easily removed from the package substrate after attachment of the memory device to the package substrate.

Abstract: A system and method are described for integrating a memory and storage hierarchy including a non-volatile memory tier within a computer system. In one embodiment, PCMS memory devices are used as one tier in the hierarchy, sometimes referred to as “far memory.” Higher performance memory devices such as DRAM placed in front of the far memory and are used to mask some of the performance limitations of the far memory. These higher performance memory devices are referred to as “near memory.

Abstract: A system and method are described for integrating a memory and storage hierarchy including a non-volatile memory tier within a computer system. In one embodiment, PCMS memory devices are used as one tier in the hierarchy, sometimes referred to as “far memory.” Higher performance memory devices such as DRAM placed in front of the far memory and are used to mask some of the performance limitations of the far memory. These higher performance memory devices are referred to as “near memory.

Abstract: A system and method are described for integrating a memory and storage hierarchy including a non-volatile memory tier within a computer system. In one embodiment, PCMS memory devices are used as one tier in the hierarchy, sometimes referred to as “far memory.” Higher performance memory devices such as DRAM placed in front of the far memory and are used to mask some of the performance limitations of the far memory. These higher performance memory devices are referred to as “near memory.

Abstract: A system that may optionally be partitioned into multiple domains is disclosed. Each domain is capable of independently powering on, executing a firmware program, and loading an operating system, including a legacy operating system, as well as running an application program that is distinct from programs running on another domain. Interrupts, including boot interrupts, reset handlers, and inter-chassis communications are initialized differently, depending on whether the system is to be partitioned or not. The cost of redundant hardware and/or firmware is substantially avoided, yet the system fully supports multiple domains.