Patents by Inventor Francis McKeen

Francis McKeen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20220207147
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes decode circuitry and execution circuitry coupled to the decode circuitry. The decode circuitry is to decode a register hardening instruction to mitigate vulnerability to a speculative execution attack. The execution circuitry is to be hardened in response to the register hardening instruction.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Carlos Rozas, Fangfei Liu, Xiang Zou, Francis McKeen, Jason W. Brandt, Joseph Nuzman, Alaa Alameldeen, Abhishek Basak, Scott Constable, Thomas Unterluggauer, Asit Mallick, Matthew Fernandez
  • Publication number: 20220207138
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes a decode circuitry and store circuitry coupled to the decode circuitry. The decode circuitry is to decode a store hardening instruction to mitigate vulnerability to a speculative execution attack. The store circuitry is to be hardened in response to the store hardening instruction.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Carlos Rozas, Fangfei Liu, Xiang Zou, Francis McKeen, Jason W. Brandt, Joseph Nuzman, Alaa Alameldeen, Abhishek Basak, Scott Constable, Thomas Unterluggauer, Asit Mallick, Matthew Fernandez
  • Publication number: 20220207146
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes decode circuitry and load circuitry coupled to the decode circuitry. The decode circuitry is to decode a load hardening instruction to mitigate vulnerability to a speculative execution attack. The load circuitry is to be hardened in response to the load hardening instruction.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Carlos Rozas, Fangfei Liu, Xiang Zou, Francis McKeen, Jason W. Brandt, Joseph Nuzman, Alaa Alameldeen, Abhishek Basak, Scott Constable, Thomas Unterluggauer, Asit Mallick, Matthew Fernandez
  • Publication number: 20220207154
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes a hybrid key generator and memory protection hardware. The hybrid key generator is to generate a hybrid key based on a public key and multiple process identifiers. Each of the process identifiers corresponds to one or more memory spaces in a memory. The memory protection hardware is to use the first hybrid key to protect to the memory spaces.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Richard Winterton, Mohammad Reza Haghighat, Asit Mallick, Alaa Alameldeen, Abhishek Basak, Jason W. Brandt, Michael Chynoweth, Carlos Rozas, Scott Constable, Martin Dixon, Matthew Fernandez, Fangfei Liu, Francis McKeen, Joseph Nuzman, Gilles Pokam, Thomas Unterluggauer, Xiang Zou
  • Publication number: 20220207148
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes decode circuitry and branch circuitry coupled to the decode circuitry. The decode circuitry is to decode a branch hardening instruction to mitigate vulnerability to a speculative execution attack. The branch circuitry is to be hardened in response to the branch hardening instruction.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Carlos Rozas, Fangfei Liu, Xiang Zou, Francis McKeen, Jason W. Brandt, Joseph Nuzman, Alaa Alameldeen, Abhishek Basak, Scott Constable, Thomas Unterluggauer, Asit Mallick, Matthew Fernandez
  • Publication number: 20220206818
    Abstract: Embodiments for dynamically mitigating speculation vulnerabilities are disclosed. In an embodiment, an apparatus includes decode circuitry and execution circuitry coupled to the decode circuitry. The decode circuitry is to decode a single instruction to mitigate vulnerability to a speculative execution attack. The execution circuitry is to be hardened in response to the single instruction.
    Type: Application
    Filed: December 26, 2020
    Publication date: June 30, 2022
    Applicant: Intel Corporation
    Inventors: Alaa Alameldeen, Carlos Rozas, Fangfei Liu, Xiang Zou, Francis McKeen, Jason W. Brandt, Joseph Nuzman, Abhishek Basak, Scott Constable, Thomas Unterluggauer, Asit Mallick, Matthew Fernandez
  • Publication number: 20220200783
    Abstract: Techniques and mechanisms for a victim cache to operate in conjunction with a skewed cache to help mitigate the risk of a side-channel attack. In an embodiment, a first line is evicted from a skewed cache, and moved to a victim cache, based on a message indicating that a second line is to be stored to the skewed cache. Subsequently, a request to access the first line results in a search of both the victim cache and sets of the skewed cache which have been mapped to an address corresponding to the first line. Based on the search, the first line is evicted from the victim cache, and reinserted in the skewed cache. In another embodiment, reinsertion of the first line in the skewed cache includes the first line and a third line being swapped between the skewed cache and the victim cache.
    Type: Application
    Filed: December 18, 2020
    Publication date: June 23, 2022
    Applicant: Intel Corporation
    Inventors: Thomas Unterluggauer, Alaa Alameldeen, Scott Constable, Fangfei Liu, Francis McKeen, Carlos Rozas, Anna Trikalinou
  • Publication number: 20220091851
    Abstract: In one embodiment, a processor includes: a decode circuit to decode a load instruction that is to load an operand to a destination register, the decode circuit to generate at least one fencing micro-operation (?op) associated with the destination register; and a scheduler circuit coupled to the decode circuit. The scheduler circuit is to prevent speculative execution of one or more instructions that consume the operand in response to the at least one fencing ?op. Other embodiments are described and claimed.
    Type: Application
    Filed: September 23, 2020
    Publication date: March 24, 2022
    Inventors: FANGFEI LIU, ALAA ALAMELDEEN, ABHISHEK BASAK, SCOTT CONSTABLE, FRANCIS MCKEEN, JOSEPH NUZMAN, CARLOS ROZAS, THOMAS UNTERLUGGAUER, XIANG ZOU
  • Publication number: 20210200551
    Abstract: An apparatus and method for tracking speculative execution flow and detecting potential vulnerabilities.
    Type: Application
    Filed: December 27, 2019
    Publication date: July 1, 2021
    Applicant: Intel Corporation
    Inventors: CARLOS ROZAS, FRANCIS MCKEEN, PASQUALE COCCHINI, MELTEM OZSOY, MATTHEW FERNANDEZ
  • Publication number: 20210200858
    Abstract: Embodiments of processors, methods, and systems for executing code in a protected memory container by a trust domain are disclosed. In an embodiment, a processor includes a memory controller to enable creation of a trust domain and a core to enable the trust domain to execute code in a protected memory container.
    Type: Application
    Filed: December 28, 2019
    Publication date: July 1, 2021
    Applicant: Intel Corporation
    Inventors: Dror Caspi, Vedvyas Shanbhogue, Ido Ouziel, Francis McKeen, Baruch Chaikin, Carlos V. Rozas
  • Publication number: 20210200552
    Abstract: An apparatus and method for non-speculative resource deallocation.
    Type: Application
    Filed: December 27, 2019
    Publication date: July 1, 2021
    Inventors: FANGFEI LIU, CARLOS ROZAS, THOMAS UNTERLUGGAUER, FRANCIS MCKEEN, ALAA ALAMELDEEN, Abhishek Basak, XIANG ZOU, RON GABOR, JIYONG YU
  • Publication number: 20210110070
    Abstract: Example methods and systems are directed to reducing latency in providing trusted execution environments (TEES). Initializing a TEE includes multiple steps before the TEE starts executing. Besides workload-specific initialization, workload-independent initialization is performed, such as adding memory to the TEE. In function-as-a-service (FaaS) environments, a large portion of the TEE is workload-independent, and thus can be performed prior to receiving the workload. Certain steps performed during TEE initialization are identical for certain classes of workloads. Thus, the common parts of the TEE initialization sequence may be performed before the TEE is requested. When a TEE is requested for a workload in the class and the parts to specialize the TEE for its particular purpose are known, the final steps to initialize the TEE are performed.
    Type: Application
    Filed: December 22, 2020
    Publication date: April 15, 2021
    Inventors: Anjo Lucas Vahldiek-Oberwagner, Ravi L. Sahita, Mona Vij, Rameshkumar Illikkal, Michael Steiner, Thomas Knauth, Dmitrii Kuvaiskii, Sudha Krishnakumar, Krystof C. Zmudzinski, Vincent Scarlata, Francis McKeen
  • Patent number: 10970390
    Abstract: A processor includes a processing core to identify a code comprising a plurality of instructions to be executed in the architecturally-protected environment, determine that a first physical memory page stored in the architecturally-protected memory matches a first virtual memory page referenced by a first instruction of the plurality of instructions, generate a first address mapping between a first address of the first virtual memory page and a second address of the first physical memory page, store, in the cache memory, the address translation data structure comprising the first address mapping, and execute the code by retrieving the first address mapping in the address translation data structures to be executed in the architecturally-protected environment, determine that a first physical memory page stored in the architecturally-protected memory matches a first virtual memory page referenced by a first instruction of the plurality of instructions, generate a first address mapping between a first address of
    Type: Grant
    Filed: February 15, 2018
    Date of Patent: April 6, 2021
    Assignee: Intel Corporation
    Inventors: Francis McKeen, Bin Xing, Krystof Zmudzinski, Carlos Rozas, Mona Vij
  • Patent number: 10922088
    Abstract: Detailed herein are systems, apparatuses, and methods for a computer architecture with instruction set support to mitigate against page fault- and/or cache-based side-channel attacks. In an embodiment, an apparatus includes a decoder to decode a first instruction, the first instruction having a first field for a first opcode that indicates that execution circuitry is to set a first flag in a first register that indicates a mode of operation that redirects program flow to an exception handler upon the occurrence of an event. The apparatus further includes execution circuitry to execute the decoded first instruction to set the first flag in the first register that indicates the mode of operation and to store an address of an exception handler in a second register.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: February 16, 2021
    Assignee: Intel Corporation
    Inventors: Fangfei Liu, Bin Xing, Michael Steiner, Mona Vij, Carlos Rozas, Francis McKeen, Meltem Ozsoy, Matthew Fernandez, Krystof Zmudzinski, Mark Shanahan
  • Publication number: 20200410094
    Abstract: Embodiments of methods and apparatuses for hardware load hardening are disclosed. In an embodiment, a processor includes safe logic, data forwarding hardware, and data fetching hardware. The safe logic is to determine whether a load is safe. The data forwarding hardware is to, in response to a determination that the load is safe, forward data requested by the load. The data fetching logic is to fetch the data requested by the load, regardless of the determination that the load is safe.
    Type: Application
    Filed: June 29, 2019
    Publication date: December 31, 2020
    Applicant: Intel Corporation
    Inventors: Fangfei Liu, Alaa Alameldeen, Abhishek Basak, Ron Gabor, Francis McKeen, Joseph Nuzman, Carlos Rozas, Igor Yanover, Xiang Zou
  • Publication number: 20200272474
    Abstract: Embodiments of methods and apparatuses for restricted speculative execution are disclosed. In an embodiment, a processor includes configuration storage, an execution circuit, and a controller. The configuration storage is to store an indicator to enable a restricted speculative execution mode of operation of the processor, wherein the processor is to restrict speculative execution when operating in restricted speculative execution mode. The execution circuit is to perform speculative execution. The controller to restrict speculative execution by the execution circuit when the restricted speculative execution mode is enabled.
    Type: Application
    Filed: June 17, 2019
    Publication date: August 27, 2020
    Applicant: Intel Corporation
    Inventors: Ron Gabor, Alaa Alameldeen, Abhishek Basak, Fangfei Liu, Francis McKeen, Joseph Nuzman, Carlos Rozas, Igor Yanover, Xiang Zou
  • Publication number: 20200004552
    Abstract: Detailed herein are systems, apparatuses, and methods for a computer architecture with instruction set support to mitigate against page fault- and/or cache-based side-channel attacks. In an embodiment, an apparatus includes a decoder to decode a first instruction, the first instruction having a first field for a first opcode that indicates that execution circuitry is to set a first flag in a first register that indicates a mode of operation that redirects program flow to an exception handler upon the occurrence of an event. The apparatus further includes execution circuitry to execute the decoded first instruction to set the first flag in the first register that indicates the mode of operation and to store an address of an exception handler in a second register.
    Type: Application
    Filed: June 29, 2018
    Publication date: January 2, 2020
    Inventors: Fangfei LIU, Bin XING, Michael STEINER, Mona VIJ, Carlos ROZAS, Francis MCKEEN, Meltem OZSOY, Matthew FERNANDEZ, Krystof ZMUDZINSKI, Mark SHANAHAN
  • Publication number: 20190251257
    Abstract: A processor includes a processing core to identify a code comprising a plurality of instructions to be executed in the architecturally-protected environment, determine that a first physical memory page stored in the architecturally-protected memory matches a first virtual memory page referenced by a first instruction of the plurality of instructions, generate a first address mapping between a first address of the first virtual memory page and a second address of the first physical memory page, store, in the cache memory, the address translation data structure comprising the first address mapping, and execute the code by retrieving the first address mapping in the address translation data structures to be executed in the architecturally-protected environment, determine that a first physical memory page stored in the architecturally-protected memory matches a first virtual memory page referenced by a first instruction of the plurality of instructions, generate a first address mapping between a first address of
    Type: Application
    Filed: February 15, 2018
    Publication date: August 15, 2019
    Inventors: Francis McKeen, Bin Xing, Krystof Zmudzinski, Carlos Rozas, Mona Vij
  • Patent number: 9971705
    Abstract: Embodiments of apparatuses and methods including virtual address memory range registers are disclosed. In one embodiment, a processor includes a memory interface, address translation hardware, and virtual memory address comparison hardware. The memory interface is to access a system memory using a physical memory address. The address translation hardware is to support translation of a virtual memory address to the physical memory address. The virtual memory address is used by software to access a virtual memory location in the virtual memory address space of the processor. The virtual memory address comparison hardware is to determine whether the virtual memory address is within a virtual memory address range.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: May 15, 2018
    Assignee: Intel Corporation
    Inventors: Gur Hildesheim, Shlomo Raikin, Ittai Anati, Gideon Gerzon, Uday Savagaonkar, Francis Mckeen, Carlos Rozas, Michael Goldsmith, Prashant Dewan
  • Patent number: 9698989
    Abstract: Embodiments of an invention for feature licensing in a secure processing environment are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive an instruction to initialize a secure enclave. The execution unit is to execute the instruction. Execution of the instruction includes determining whether a requested feature is licensed for use in the secure enclave.
    Type: Grant
    Filed: July 23, 2013
    Date of Patent: July 4, 2017
    Assignee: Intel Corporation
    Inventors: Vincent Scarlata, Carlos Rozas, Simon Johnson, Uday Savagaonkar, Ittai Anati, Francis McKeen, Michael Goldsmith