Patents by Inventor Jason W. Brandt

Jason W. Brandt has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210117372
    Abstract: A processor includes a widest set of data registers that corresponds to a given logical processor. Each of the data registers of the widest set have a first width in bits. A decode unit that corresponds to the given logical processor is to decode instructions that specify the data registers of the widest set, and is to decode an atomic store to memory instruction. The atomic store to memory instruction is to indicate data that is to have a second width in bits that is wider than the first width in bits. The atomic store to memory instruction is to indicate memory address information associated with a memory location. An execution unit is coupled with the decode unit. The execution unit, in response to the atomic store to memory instruction, is to atomically store the indicated data to the memory location.
    Type: Application
    Filed: December 22, 2020
    Publication date: April 22, 2021
    Inventors: Vedvyas Shanbhogue, Stephen J. Robinson, Christopher D. Bryant, Jason W. Brandt
  • Publication number: 20210117535
    Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
    Type: Application
    Filed: December 7, 2020
    Publication date: April 22, 2021
    Inventors: Michael LEMAY, David M. DURHAM, Michael E. KOUNAVIS, Barry E. HUNTLEY, Vedvyas SHANBHOGUE, Jason W. BRANDT, Josh TRIPLETT, Gilbert NEIGER, Karanvir GREWAL, Baiju PATEL, Ye ZHUANG, Jr-Shian TSAI, Vadim SUKHOMLINOV, Ravi SAHITA, Mingwei ZHANG, James C. FARWELL, Amitabh DAS, Krishna BHUYAN
  • Publication number: 20210109684
    Abstract: A processor of an aspect includes a decode unit to decode an instruction. The processor also includes an execution unit coupled with the decode unit. The execution unit, in response to the instruction, is to determine that an attempted change due to the instruction, to a shadow stack pointer of a shadow stack, would cause the shadow stack pointer to exceed an allowed range. The execution unit is also to take an exception in response to determining that the attempted change to the shadow stack pointer would cause the shadow stack pointer to exceed the allowed range. Other processors, methods, systems, and instructions are disclosed.
    Type: Application
    Filed: December 22, 2020
    Publication date: April 15, 2021
    Inventors: VEDVYAS SHANBHOGUE, JASON W. BRANDT, RAVI L. SAHITA, BARRY E. HUNTLEY, BAIJU V. PATEL
  • Patent number: 10901940
    Abstract: A processor includes a widest set of data registers that corresponds to a given logical processor. Each of the data registers of the widest set have a first width in bits. A decode unit that corresponds to the given logical processor is to decode instructions that specify the data registers of the widest set, and is to decode an atomic store to memory instruction. The atomic store to memory instruction is to indicate data that is to have a second width in bits that is wider than the first width in bits. The atomic store to memory instruction is to indicate memory address information associated with a memory location. An execution unit is coupled with the decode unit. The execution unit, in response to the atomic store to memory instruction, is to atomically store the indicated data to the memory location.
    Type: Grant
    Filed: April 2, 2016
    Date of Patent: January 26, 2021
    Assignee: INTEL CORPORATION
    Inventors: Vedvyas Shanbhogue, Stephen J. Robinson, Christopher D. Bryant, Jason W. Brandt
  • Patent number: 10877806
    Abstract: In one embodiment, an apparatus comprises a first processor to generate a first cryptographic key in response to a request from a software application; receive a second cryptographic key generated by a second processor; encrypt the first cryptographic key using the second cryptographic key; and provide the encrypted first cryptographic key for use by the software application.
    Type: Grant
    Filed: June 14, 2017
    Date of Patent: December 29, 2020
    Assignee: INTEL CORPORATION
    Inventors: Daniel Nemiroff, Jason W. Brandt
  • Patent number: 10860709
    Abstract: Disclosed embodiments relate to encoded inline capabilities. In one example, a system includes a trusted execution environment (TEE) to partition an address space within a memory into a plurality of compartments each associated with code to execute a function, the TEE further to assign a message object in a heap to each compartment, receive a request from a first compartment to send a message block to a specified destination compartment, respond to the request by authenticating the request, generating a corresponding encoded capability, conveying the encoded capability to the destination compartment, and scheduling the destination compartment to respond to the request, and subsequently, respond to a check capability request from the destination compartment by checking the encoded capability and, when the check passes, providing a memory address to access the message block, and, otherwise, generating a fault, wherein each compartment is isolated from other compartments.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: December 8, 2020
    Assignee: Intel Corporation
    Inventors: Michael Lemay, David M. Durham, Michael E. Kounavis, Barry E. Huntley, Vedvyas Shanbhogue, Jason W. Brandt, Josh Triplett, Gilbert Neiger, Karanvir Grewal, Baiju V. Patel, Ye Zhuang, Jr-Shian Tsai, Vadim Sukhomlinov, Ravi Sahita, Mingwei Zhang, James C. Farwell, Amitabh Das, Krishna Bhuyan
  • Publication number: 20200382303
    Abstract: A processor core that includes a token generator circuit is to execute a first instruction in response to initialization of a software program that requests access to protected data output by a cryptographic operation. To execute the first instruction, the processor core is to: retrieve a key that is to be used by the cryptographic operation; trigger the token generator circuit to generate an authorization token; cryptographically encode the key and the authorization token within a key handle; store the key handle in memory; and embed the authorization token within a cryptographic instruction that is to perform the cryptographic operation. The cryptographic instruction may be associated with a first logical compartment of the software program that is authorized access to the protected data.
    Type: Application
    Filed: August 20, 2020
    Publication date: December 3, 2020
    Applicant: Intel Corporation
    Inventors: Milind Girkar, Jason W. Brandt, Michael LeMay
  • Publication number: 20200379917
    Abstract: A processing system includes a processing core to execute a virtual machine (VM) comprising a guest operating system (OS) and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store an extended page table entry (EPTE) comprising a mapping from a guest physical address (GPA) associated with the guest OS to an identifier of a memory frame, a first plurality of access right flags associated with accessing the memory frame in a first page mode referenced by an attribute of a memory page identified by the GPA, and a second plurality of access right flags associated with accessing the memory frame in a second page mode referenced by the attribute of the memory page identified by the GPA.
    Type: Application
    Filed: June 12, 2020
    Publication date: December 3, 2020
    Inventors: Gilbert Neiger, Baiju V. Patel, Gur Hildesheim, Ron Rais, Andrew V. Anderson, Jason W. Brandt, David M. Durham, Barry E. Huntley, Raanan Sade, Ravi L. Sahita, Vedvyas Shanbhogue, Arumugam Thiyagarajah
  • Patent number: 10785028
    Abstract: A processor core that includes a token generator circuit is to execute a first instruction in response to initialization of a software program that requests access to protected data output by a cryptographic operation. To execute the first instruction, the processor core is to: retrieve a key that is to be used by the cryptographic operation; trigger the token generator circuit to generate an authorization token; cryptographically encode the key and the authorization token within a key handle; store the key handle in memory; and embed the authorization token within a cryptographic instruction that is to perform the cryptographic operation. The cryptographic instruction may be associated with a first logical compartment of the software program that is authorized access to the protected data.
    Type: Grant
    Filed: June 29, 2018
    Date of Patent: September 22, 2020
    Assignee: Intel Corporation
    Inventors: Milind Girkar, Jason W. Brandt, Michael LeMay
  • Patent number: 10740249
    Abstract: In one embodiment of the present invention, a method includes switching between a first address space and a second address space, determining if the second address space exists in a list of address spaces; and maintaining entries of the first address space in a translation buffer after the switching. In such manner, overhead associated with such a context switch may be reduced.
    Type: Grant
    Filed: May 2, 2019
    Date of Patent: August 11, 2020
    Assignee: Intel Corporation
    Inventors: Jason W. Brandt, Sanjoy K. Mondal, Richard A. Uhlig, Gilbert Neiger, Robert T. George
  • Publication number: 20200242003
    Abstract: A processor is to execute and retire instructions for a virtual machine. A reload register is coupled to the core is to store a reload value. A performance monitoring counter (PMC) register is coupled to the reload register and an event-based sampler operatively is coupled to the reload register and the PMC register. The event-based sampler includes circuitry to load the reload value into the PMC register and increment the PMC register after detecting each occurrence of an event of a certain type as a result of execution of the instructions. Upon detecting an occurrence of the event after the PMC register reaches a predetermined trigger value, the event-based sampler is to execute microcode to generate field data for elements within a sampling record, wherein the field data relates to a current processor state of execution, and reload the reload value from the reload register into the PMC register.
    Type: Application
    Filed: December 2, 2019
    Publication date: July 30, 2020
    Inventors: Matthew C. Merten, Beeman C. Strong, Michael W. Chynoweth, Grant G. Zhou, Andreas Kleen, Kimberly C. Weier, Angela D. Schmid, Stanislav Bratanov, Seth Abraham, Jason W. Brandt, Ahmad Yasin
  • Publication number: 20200233664
    Abstract: Method and apparatus for efficient range-based memory writeback is described herein. One embodiment of an apparatus includes a system memory, a plurality of hardware processor cores each of which includes a first cache, a decoder circuitry to decode an instruction having fields for a first memory address and a range indicator, and an execution circuitry to execute the decoded instruction. Together, the first memory address and the range indicator define a contiguous region in the system memory that includes one or more cache lines. An execution of the decoded instruction causes any instances of the one or more cache lines in the first cache to be invalidated. Additionally, any invalidated instances of the one or more cache lines that are dirty are to be stored to system memory.
    Type: Application
    Filed: December 17, 2019
    Publication date: July 23, 2020
    Applicant: Intel Corporation
    Inventors: Ren Wang, Chunhui Zhang, Qixiong J. Bian, Bret L. Toll, Jason W. Brandt
  • Publication number: 20200225950
    Abstract: A processor includes an execution unit and a processing logic operatively coupled to the execution unit, the processing logic to: enter a first execution state and transition to a second execution state responsive to executing a control transfer instruction. Responsive to executing a target instruction of the control transfer instruction, the processing logic further transitions to the first execution state responsive to the target instruction being a control transfer termination instruction of a mode identical to a mode of the processing logic following the execution of the control transfer instruction; and raises an execution exception responsive to the target instruction being a control transfer termination instruction of a mode different than the mode of the processing logic following the execution of the control transfer instruction.
    Type: Application
    Filed: January 13, 2020
    Publication date: July 16, 2020
    Inventors: Vedvyas Shanbhogue, Jason W. Brandt, Ravi L. Sahita, Xiaoning Li
  • Patent number: 10713177
    Abstract: A processing system includes a processing core to execute a virtual machine (VM) comprising a guest operating system (OS) and a memory management unit, communicatively coupled to the processing core, comprising a storage device to store an extended page table entry (EPTE) comprising a mapping from a guest physical address (GPA) associated with the guest OS to an identifier of a memory frame, a first plurality of access right flags associated with accessing the memory frame in a first page mode referenced by an attribute of a memory page identified by the GPA, and a second plurality of access right flags associated with accessing the memory frame in a second page mode referenced by the attribute of the memory page identified by the GPA.
    Type: Grant
    Filed: September 9, 2016
    Date of Patent: July 14, 2020
    Assignee: Intel Corporation
    Inventors: Gilbert Neiger, Baiju V. Patel, Gur Hildesheim, Ron Rais, Andrew V. Anderson, Jason W. Brandt, David M. Durham, Barry E. Huntley, Raanan Sade, Ravi L. Sahita, Vedvyas Shanbhogue, Arumugam Thiyagarajah
  • Publication number: 20200210178
    Abstract: A processor includes a counter to store a cycle count that tracks a number of cycles between retirement of a first branch instruction and retirement of a second branch instruction during execution of a set of instructions. The processor further includes a stack of registers coupled to the counter, wherein the stack of registers is to store branch type information including: a first value of the counter when the first branch instruction is retired; a second value of the counter when the second branch instruction is retired; a first type information value indicating a type of the first branch instruction; and a second type information value indicating a type of the second branch instruction.
    Type: Application
    Filed: March 6, 2020
    Publication date: July 2, 2020
    Inventors: Michael W. Chynoweth, Jonathan D. Combs, Joseph K. Olivas, Beeman C. Strong, Rajshree A. Chabukswar, Ahmad Yasin, Jason W. Brandt, Ofer Levy, John M. Esper, Andreas Kleen, Christopher M. Chrulski
  • Publication number: 20200201789
    Abstract: Technologies disclosed herein provide cryptographic computing with cryptographically encoded pointers in multi-tenant environments. An example method comprises executing, by a trusted runtime, first instructions to generate a first address key for a private memory region in the memory and generate a first cryptographically encoded pointer to the private memory region in the memory. Generating the first cryptographically encoded pointer includes storing first context information associated with the private memory region in first bits of the first cryptographically encoded pointer and performing a cryptographic algorithm on a slice of a first linear address of the private memory region based, at least in part, on the first address key and a first tweak, the first tweak including the first context information. The method further includes permitting a first tenant in the multi-tenant environment to access the first address key and the first cryptographically encoded pointer to the private memory region.
    Type: Application
    Filed: January 10, 2020
    Publication date: June 25, 2020
    Applicant: Intel Corporation
    Inventors: David M. Durham, Michael LeMay, Ramya Jayaram Masti, Gilbert Neiger, Jason W. Brandt
  • Patent number: 10678575
    Abstract: A processing core comprising instruction execution logic circuitry and register space. The register space to be loaded from a VMCS, commensurate with a VM entry, with information indicating whether a service provided by the processing core on behalf of the VMM is enabled. The instruction execution logic to, in response to guest software invoking an instruction: refer to the register space to confirm that the service has been enabled, and, refer to second register space or memory space to fetch input parameters for said service written by said guest software.
    Type: Grant
    Filed: October 30, 2017
    Date of Patent: June 9, 2020
    Assignee: Intel Corporation
    Inventors: Gilbert Neiger, Barry E. Huntley, Ravi L. Sahita, Vedvyas Shanbhogue, Jason W. Brandt
  • Patent number: 10671547
    Abstract: Methods and apparatus relating to lightweight trusted tasks are disclosed. In one embodiment, a processor includes a memory interface to a memory to store code, data, and stack segments for a lightweight-trusted task (LTT) mode task and for another task, a LTT control and status register including a lock bit, a processor core to enable LTT-mode, configure the LTT-mode task, and lock down the configuration by writing the lock bit, and a memory protection circuit to: receive a memory access request from the memory interface, the memory access request being associated with the other task, determine whether the memory access request is attempting to access a protected memory region of the LTT-mode task, and protect against the memory access request accessing the protected memory region of the LTT-mode task, regardless of a privilege level of the other task, and regardless of whether the other task is also a LTT-mode task.
    Type: Grant
    Filed: December 19, 2016
    Date of Patent: June 2, 2020
    Assignee: Intel Corporation
    Inventors: Patrick Koeberl, Steffen Schulz, Vedvyas Shanbhogue, Jason W. Brandt, Venkateswara R. Madduri, Sang W. Kim, Julien Carreno
  • Publication number: 20200159676
    Abstract: Technologies disclosed herein provide cryptographic computing with cryptographically encoded pointers in multi-tenant environments. An example method comprises executing, by a trusted runtime, first instructions to generate a first address key for a private memory region in the memory and generate a first cryptographically encoded pointer to the private memory region in the memory. Generating the first cryptographically encoded pointer includes storing first context information associated with the private memory region in first bits of the first cryptographically encoded pointer and performing a cryptographic algorithm on a slice of a first linear address of the private memory region based, at least in part, on the first address key and a first tweak, the first tweak including the first context information. The method further includes permitting a first tenant in the multi-tenant environment to access the first address key and the first cryptographically encoded pointer to the private memory region.
    Type: Application
    Filed: December 20, 2019
    Publication date: May 21, 2020
    Applicant: Intel Corporation
    Inventors: David M. Durham, Michael LeMay, Ramya Jayaram Masti, Gilbert Neiger, Jason W. Brandt
  • Publication number: 20200134234
    Abstract: A processor comprising a first register to store a wrapping key, a second register to store a pointer to a handle stored in a memory coupled to the processor, the handle comprising a cryptographic key encrypted using the wrapping key, and a core to execute a decryption instruction. The core is to, responsive to the decryption instruction, identify, in the decryption instruction, a pointer to ciphertext stored in the memory, retrieve the ciphertext and the handle from the memory, decrypt the cryptographic key of the handle based on the wrapping key, and decrypt the ciphertext based on the decrypted cryptographic key.
    Type: Application
    Filed: December 20, 2019
    Publication date: April 30, 2020
    Applicant: Intel Corporation
    Inventors: Michael LeMay, David M. Durham, Jason W. Brandt