Patents by Inventor Josh P. de Cesare

Josh P. de Cesare has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11822664
    Abstract: Techniques are disclosed relating to securing computing devices during boot. In various embodiments, a secure circuit of a computing device generates a public key pair and signs, using a private key of the public key pair, configuration settings for an operating system of the computing device. A bootloader of the computing device receives a certificate for the public key pair from a certificate authority and initiates a boot sequence to load the operating system. The boot sequence includes the bootloader verifying the signed configuration settings using a public key included in the certificate and the public key pair. In some embodiments, the secure circuit cryptographically protects the private key based on a passcode of a user, the passcode being usable by the user to authenticate to the computing device.
    Type: Grant
    Filed: November 6, 2020
    Date of Patent: November 21, 2023
    Assignee: Apple Inc.
    Inventors: Xeno S. Kovah, Nikolaj Schlej, Thomas P. Mensch, Wade Benson, Jerrold V. Hauck, Josh P. de Cesare, Austin G. Jennings, John J. Dong, Robert C. Graham, Jacques Fortier
  • Publication number: 20230066750
    Abstract: Techniques are disclosed relating to a computer system in a power-down state receiving a communication from a remote computer system and performing a task indicated by the communication. The computer system in a power-down state performs the task without transitioning from the power-down state into a power-up state. Exemplary tasks performed in the power-down state include uploading one or more files to a remote computer system, downloading one or more files from a remote computer system, deleting one or more files from the computer system, accessing input/output devices, disabling the computer system, and performing a memory check on the computer system.
    Type: Application
    Filed: October 24, 2022
    Publication date: March 2, 2023
    Inventors: Timothy R. Paaske, Josh P. de Cesare
  • Patent number: 11481019
    Abstract: Techniques are disclosed relating to a computer system in a power-down state receiving a communication from a remote computer system and performing a task indicated by the communication. The computer system in a power-down state performs the task without transitioning from the power-down state into a power-up state. Exemplary tasks performed in the power-down state include uploading one or more files to a remote computer system, downloading one or more files from a remote computer system, deleting one or more files from the computer system, accessing input/output devices, disabling the computer system, and performing a memory check on the computer system.
    Type: Grant
    Filed: August 14, 2020
    Date of Patent: October 25, 2022
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Josh P. de Cesare
  • Publication number: 20210397716
    Abstract: Techniques are disclosed relating to securing computing devices during boot. In various embodiments, a secure circuit of a computing device generates a public key pair and signs, using a private key of the public key pair, configuration settings for an operating system of the computing device. A bootloader of the computing device receives a certificate for the public key pair from a certificate authority and initiates a boot sequence to load the operating system. The boot sequence includes the bootloader verifying the signed configuration settings using a public key included in the certificate and the public key pair. In some embodiments, the secure circuit cryptographically protects the private key based on a passcode of a user, the passcode being usable by the user to authenticate to the computing device.
    Type: Application
    Filed: November 6, 2020
    Publication date: December 23, 2021
    Inventors: Xeno S. Kovah, Nikolaj Schlej, Thomas P. Mensch, Wade Benson, Jerrold V. Hauck, Josh P. de Cesare, Austin G. Jennings, John J. Dong, Robert C. Graham, Jacques Fortier
  • Patent number: 11200303
    Abstract: Techniques are disclosed relating to providing audio prompts. In one embodiment, a computing device includes a display, an audio circuit coupled to a speaker, first and second processors, and memory. The memory has first program instructions executable by the first processor to provide, via a first operating system of the computing device, a visual prompt to the display to cause the display to present the visual prompt to a user and send, to the second processor, a request to provide an audio prompt corresponding to the visual prompt via the speaker to the user. The computing device also includes memory having second program instructions executable by the second processor to, in response to the request, provide, via a second operating system, an instruction to the audio circuit to play the audio prompt via the speaker.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: December 14, 2021
    Assignee: Apple Inc.
    Inventors: Gregory F. Hughes, Anthony J. Chivetta, Brett D. George, Josh P. de Cesare, Santo S. Sapienza, Ion Valentin Pistol
  • Patent number: 11068419
    Abstract: Techniques are disclosed concerning secure access to data in a computing device. In one embodiment, a computing device includes a communication interface, a memory, a memory controller, and a security processor. The communication interface may communicate with a different computing device. The security processor may generate a host key in response to a successful authentication of the different computing device, and then encrypt a memory key using the host key. The security processor may also send the encrypted memory key to the memory controller, and send the host key to the different computing device. The host key may be included by the different computing device in a subsequent memory request to access data in the memory. The memory controller may, in response to the subsequent memory request, use the included host key to decrypt the encrypted memory key and use the decrypted memory key to access the data.
    Type: Grant
    Filed: February 10, 2020
    Date of Patent: July 20, 2021
    Assignee: Apple Inc.
    Inventors: Josh P. de Cesare, Wade Benson, Fabrice L. Gautier, Kaiehu Kaahaaina
  • Patent number: 10747295
    Abstract: Techniques are disclosed relating to a computer system in a power-down state receiving a communication from a remote computer system and performing a task indicated by the communication. The computer system in a power-down state performs the task without transitioning from the power-down state into a power-up state. Exemplary tasks performed in the power-down state include uploading one or more files to a remote computer system, downloading one or more files from a remote computer system, deleting one or more files from the computer system, accessing input/output devices, disabling the computer system, and performing a memory check on the computer system.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: August 18, 2020
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Josh P. de Cesare
  • Patent number: 10558589
    Abstract: Techniques are disclosed concerning secure access to data in a computing device. In one embodiment, a computing device includes a communication interface, a memory, a memory controller, and a security processor. The communication interface may communicate with a different computing device. The security processor may generate a host key in response to a successful authentication of the different computing device, and then encrypt a memory key using the host key. The security processor may also send the encrypted memory key to the memory controller, and send the host key to the different computing device. The host key may be included by the different computing device in a subsequent memory request to access data in the memory. The memory controller may, in response to the subsequent memory request, use the included host key to decrypt the encrypted memory key and use the decrypted memory key to access the data.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: February 11, 2020
    Assignee: Apple Inc.
    Inventors: Josh P. de Cesare, Wade Benson, Fabrice L. Gautier, Kaiehu Kaahaaina
  • Publication number: 20190180015
    Abstract: Techniques are disclosed relating to providing audio prompts. In one embodiment, a computing device includes a display, an audio circuit coupled to a speaker, first and second processors, and memory. The memory has first program instructions executable by the first processor to provide, via a first operating system of the computing device, a visual prompt to the display to cause the display to present the visual prompt to a user and send, to the second processor, a request to provide an audio prompt corresponding to the visual prompt via the speaker to the user. The computing device also includes memory having second program instructions executable by the second processor to, in response to the request, provide, via a second operating system, an instruction to the audio circuit to play the audio prompt via the speaker.
    Type: Application
    Filed: September 27, 2018
    Publication date: June 13, 2019
    Inventors: Gregory F. Hughes, Anthony J. Chivetta, Brett D. George, Josh P. de Cesare, Santo S. Sapienza, Ion Valentin Pistol
  • Patent number: 10049073
    Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: August 14, 2018
    Assignee: Apple Inc.
    Inventors: Michael J. Smith, Josh P. de Cesare, Brijesh Tripathi, Derek Iwamoto, Shane J. Keil
  • Patent number: 9959120
    Abstract: In an embodiment, an integrated circuit includes at least one processor. The processor may include a reset vector base address register configured to store a reset vector address for the processor. Responsive to a reset, the processor may be configured to capture a reset vector address on an input, updating the reset vector base address register. Upon release from reset, the processor may initiate instruction execution at the reset vector address. The integrated circuit may further include a logic circuit that is coupled to provide the reset vector address. The logic circuit may include a register that is programmable with the reset vector address. More particularly, in an embodiment, the register may be programmable via a write operation issued by the processor (e.g. a memory-mapped write operation). Accordingly, the reset vector address may be programmable in the integrated circuit, and may be changed from time to time.
    Type: Grant
    Filed: January 25, 2013
    Date of Patent: May 1, 2018
    Assignee: Apple Inc.
    Inventors: Josh P. de Cesare, Gerard R. Williams, III, Michael J. Smith, Wei-Han Lien
  • Publication number: 20170277648
    Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.
    Type: Application
    Filed: June 13, 2017
    Publication date: September 28, 2017
    Inventors: Michael J. Smith, Josh P. de Cesare, Brijesh Tripathi, Derek Iwamoto, Shane J. Keil
  • Patent number: 9703748
    Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.
    Type: Grant
    Filed: August 14, 2014
    Date of Patent: July 11, 2017
    Assignee: Apple Inc.
    Inventors: Michael J. Smith, Josh P. de Cesare, Brijesh Tripathi, Derek Iwamoto, Shane J. Keil
  • Patent number: 9645630
    Abstract: Techniques are disclosed relating to power management within an integrated circuit. In one embodiment an apparatus is disclosed that includes a circuit and a power management unit. The power management unit is configured to provide, based on a programmable setting, an indication of whether an attempted communication to the circuit is permitted to cause the circuit to exit from a power-managed state. In some embodiments, the apparatus includes a fabric configured to transmit the attempted communication to the circuit from a device. In such an embodiment, the circuit is configured to exit the power-managed state in response to receiving the attempted communication. The fabric is configured to determine whether to transmit the attempted communication based on the indication provided by the power management unit.
    Type: Grant
    Filed: January 18, 2013
    Date of Patent: May 9, 2017
    Assignee: Apple Inc.
    Inventors: Shane J. Keil, Erik P. Machnicki, Josh P. de Cesare
  • Patent number: 9262353
    Abstract: In one embodiment, an interrupt controller may implement an interrupt distribution scheme for distributing interrupts among multiple processors. The scheme may take into account various processor state in determining which processor should receive a given interrupt. For example, the processor state may include whether or not the processor is in a sleep state, whether or not interrupts are enabled, whether or not the processor has responded to previous interrupts, etc. The interrupt controller may implement timeout mechanisms to detect that an interrupt is being delayed (e.g. after being offered to a processor). The interrupt may be re-evaluated at the expiration of a timeout, and potentially offered to another processor. The interrupt controller may be configured to automatically, and atomically, mask an interrupt in response to delivering an interrupt vector for the interrupt to a responding processor.
    Type: Grant
    Filed: January 6, 2015
    Date of Patent: February 16, 2016
    Assignee: Apple Inc.
    Inventors: Josh P. de Cesare, Ruchi Wadhawan, Erik P. Machnicki, Mark D. Hayter
  • Publication number: 20150356050
    Abstract: An interface emulator for an IC is disclosed. An interface emulator includes a first first-in, first-out memory (FIFO) and a second FIFO. The first FIFO is coupled to receive data from an access port and a second FIFO coupled to receive data from at least one functional unit in the IC. The access port may be coupled to a device that is external to the IC. The external device may write information into the first FIFO, and this information may subsequently be read by a functional unit in the IC. Similarly, the functional unit may write information into the second FIFO, with the external device subsequently reading the information. Information may be written into the FIFOs in accordance with a predefined protocol. Thus, a particular type of interface may be emulated even though the physical connection and supporting circuitry for that interface is not otherwise implemented in the IC.
    Type: Application
    Filed: August 14, 2014
    Publication date: December 10, 2015
    Inventors: Michael J. Smith, Josh P. de Cesare, Brijesh Tripathi, Derek Iwamoto, Shane J. Keil
  • Patent number: 9201821
    Abstract: A system and method for maintaining accurate interrupt timestamps. A semiconductor chip includes an interrupt controller (IC) with an interface to multiple sources of interrupts. In response to receiving an interrupt, the IC copies and records the value stored in a main time base counter used for maintaining a global elapsed time. The IC sends an indication of the interrupt to a corresponding processor. Either an interrupt service routine (ISR) or a device driver requests a timestamp associated with the interrupt. Rather than send a request to the operating system to obtain a current value stored in the main time base counter, the processor requests the recorded timestamp from the IC. The IC identifies the stored timestamp associated with the interrupt and returns it to the processor.
    Type: Grant
    Filed: September 27, 2012
    Date of Patent: December 1, 2015
    Assignee: Apple Inc.
    Inventors: Erik P. Machnicki, Josh P. de Cesare, Manu Gulati
  • Patent number: 9081517
    Abstract: A system and method for automatically updating with hardware clock tree settings on a system-on-a-chip (SOC). A SOC includes a hardware clock control unit (HCCU) coupled to a software interface and a clock tree. The SOC also includes multiple integrated circuit (IC) devices, wherein each IC device receives one or more associated core clocks provided by one or more phase lock loops (PLLs) via the clock tree. The HCCU receives a software-initiated request specifying a given IC device is to be enabled. The HCCU identifies one or more core clocks used by the given IC device. For each one of the identified core clocks, the HCCU configures associated circuitry within the clock tree to generate an identified core clock. The HCCU may also traverse the clock tree and disable clock generating gates found not to drive any other enabled gates or IC devices.
    Type: Grant
    Filed: August 31, 2011
    Date of Patent: July 14, 2015
    Assignee: Apple Inc.
    Inventors: Kleanthes Koniaris, Josh P. de Cesare, Timothy J. Millet, Jung Wook Cho, Erik Machnicki
  • Patent number: 9043632
    Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.
    Type: Grant
    Filed: September 25, 2012
    Date of Patent: May 26, 2015
    Assignee: Apple Inc.
    Inventors: Erik P. Machnicki, Manu Gulati, Josh P. de Cesare
  • Publication number: 20150113193
    Abstract: In one embodiment, an interrupt controller may implement an interrupt distribution scheme for distributing interrupts among multiple processors. The scheme may take into account various processor state in determining which processor should receive a given interrupt. For example, the processor state may include whether or not the processor is in a sleep state, whether or not interrupts are enabled, whether or not the processor has responded to previous interrupts, etc. The interrupt controller may implement timeout mechanisms to detect that an interrupt is being delayed (e.g. after being offered to a processor). The interrupt may be re-evaluated at the expiration of a timeout, and potentially offered to another processor. The interrupt controller may be configured to automatically, and atomically, mask an interrupt in response to delivering an interrupt vector for the interrupt to a responding processor.
    Type: Application
    Filed: January 6, 2015
    Publication date: April 23, 2015
    Inventors: Josh P. de Cesare, Ruchi Wadhawan, Erik P. Machnicki, Mark D. Hayter