Patents by Inventor Mauro Sergio Martins Rodrigues
Mauro Sergio Martins Rodrigues has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11755753Abstract: Secure memory sharing between enclaves (virtual machines) and virtual input/output adapters includes, in response to a request for an enclave to create a virtual input/output adapter, creating a virtual input/output adapter associated with the enclave, creating a non-sharable micro-enclave, to contain only data, nested within the enclave to use with the virtual input/output adapter, generating a key by a memory encryption engine of an ultravisor for the virtual input/output adapter for use by only the virtual input/output adapter, in response to a request to obtain data from the enclave by the virtual input/output adapter, exchanging the key with the non-sharable micro-enclave, in response to receiving the key, decrypting memory of only the non-sharable micro-enclave associated with the virtual input/output adapter to obtain the data, and sending the data from the non-sharable micro-enclave nested within the enclave to the virtual input/output adapter.Type: GrantFiled: June 13, 2018Date of Patent: September 12, 2023Assignee: Kyndryl, Inc.Inventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Daniel Battaiola Kreling, Rafael Camarda Silva Folco
-
Patent number: 11194724Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: GrantFiled: September 30, 2019Date of Patent: December 7, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling, Breno H. Leitao
-
Patent number: 11079940Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: GrantFiled: April 22, 2019Date of Patent: August 3, 2021Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10936330Abstract: Booting a virtual machine instance using remote direct memory access is provided. In response to beginning to receive pages of a predetermined set of pages corresponding to a requested image of a virtual machine from an image provider server, a boot process of an instance of the virtual machine is commenced while the received pages are written directly into a random-access memory (RAM) disk. The received pages are read from the RAM disk during the boot process of the instance of the virtual machine until transfer of the predetermined set of pages corresponding to the requested image is complete. The predetermined set of pages corresponding to the requested image are written to a local hard disk drive from the memory releasing memory usage. In response to completing the boot process, a RAM image is switched to a local hard disk drive image.Type: GrantFiled: May 21, 2018Date of Patent: March 2, 2021Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10754776Abstract: Systems and methods for cache balance when using hardware transactional memory are disclosed. A method includes: determining, by a computing device, a hardware transactional memory (HTM) attrition rate for a workload in a distributed computing environment; determining, by the computing device, whether or not the HTM attrition rate for the workload exceeds a predetermined threshold; and in response to determining that the HTM attrition rate for the workload does not exceed the predetermined threshold, the computing device causing a requested HTM transaction to begin.Type: GrantFiled: July 30, 2018Date of Patent: August 25, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Daniel Battaiola Kreling, Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco
-
Patent number: 10635605Abstract: Disclosed embodiments provide techniques for inter-enclave communication through shared memory. Enclaves (containers) operate in a protected memory space that inhibits the use of shared memory. Disclosed embodiments enable enclaves to use shared memory, eliminating the communication bottlenecks associated with networking. A memory cryptography coprocessor implemented in hardware generates shared memory key data for a shared memory region that is to be used by two or more enclaves. The shared memory key data is sent to the enclaves that require a shared memory interface. The enclaves access the shared memory securely utilizing the shared memory key data. The memory cryptography coprocessor facilitates shared memory key generation and exchange. The memory cryptography coprocessor data is not directly accessible by the processes executing on the main processor.Type: GrantFiled: March 13, 2018Date of Patent: April 28, 2020Assignee: International Business Machines CorporationInventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling
-
Publication number: 20200034295Abstract: Systems and methods for cache balance when using hardware transactional memory are disclosed. A method includes: determining, by a computing device, a hardware transactional memory (HTM) attrition rate for a workload in a distributed computing environment; determining, by the computing device, whether or not the HTM attrition rate for the workload exceeds a predetermined threshold; and in response to determining that the HTM attrition rate for the workload does not exceed the predetermined threshold, the computing device causing a requested HTM transaction to begin.Type: ApplicationFiled: July 30, 2018Publication date: January 30, 2020Inventors: Daniel BATTAIOLA KRELING, Breno H. LEITAO, Mauro Sergio MARTINS RODRIGUES, Rafael CAMARDA SILVA FOLCO
-
Publication number: 20200026652Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: ApplicationFiled: September 30, 2019Publication date: January 23, 2020Inventors: Mauro Sergio MARTINS RODRIGUES, Rafael CAMARDA SILVA FOLCO, Daniel BATTAIOLA KRELING, Breno H. LEITAO
-
Publication number: 20190384923Abstract: Secure memory sharing between enclaves (virtual machines) and virtual input/output adapters includes, in response to a request for an enclave to create a virtual input/output adapter, creating a virtual input/output adapter associated with the enclave, creating a non-sharable micro-enclave, to contain only data, nested within the enclave to use with the virtual input/output adapter, generating a key by a memory encryption engine of an ultravisor for the virtual input/output adapter for use by only the virtual input/output adapter, in response to a request to obtain data from the enclave by the virtual input/output adapter, exchanging the key with the non-sharable micro-enclave, in response to receiving the key, decrypting memory of only the non-sharable micro-enclave associated with the virtual input/output adapter to obtain the data, and sending the data from the non-sharable micro-enclave nested within the enclave to the virtual input/output adapter.Type: ApplicationFiled: June 13, 2018Publication date: December 19, 2019Inventors: Breno H. LEITAO, Mauro Sergio MARTINS RODRIGUES, Daniel BATTAIOLA KRELING, Rafael CAMARDA SILVA FOLCO
-
Publication number: 20190354378Abstract: Booting a virtual machine instance using remote direct memory access is provided. In response to beginning to receive pages of a predetermined set of pages corresponding to a requested image of a virtual machine from an image provider server, a boot process of an instance of the virtual machine is commenced while the received pages are written directly into a random-access memory (RAM) disk. The received pages are read from the RAM disk during the boot process of the instance of the virtual machine until transfer of the predetermined set of pages corresponding to the requested image is complete. The predetermined set of pages corresponding to the requested image are written to a local hard disk drive from the memory releasing memory usage. In response to completing the boot process, a RAM image is switched to a local hard disk drive image.Type: ApplicationFiled: May 21, 2018Publication date: November 21, 2019Inventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10467141Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: GrantFiled: June 18, 2018Date of Patent: November 5, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling, Breno H. Leitao
-
Publication number: 20190286577Abstract: Disclosed embodiments provide techniques for inter-enclave communication through shared memory. Enclaves (containers) operate in a protected memory space that inhibits the use of shared memory. Disclosed embodiments enable enclaves to use shared memory, eliminating the communication bottlenecks associated with networking. A memory cryptography coprocessor implemented in hardware generates shared memory key data for a shared memory region that is to be used by two or more enclaves. The shared memory key data is sent to the enclaves that require a shared memory interface. The enclaves access the shared memory securely utilizing the shared memory key data. The memory cryptography coprocessor facilitates shared memory key generation and exchange. The memory cryptography coprocessor data is not directly accessible by the processes executing on the main processor.Type: ApplicationFiled: March 13, 2018Publication date: September 19, 2019Inventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling
-
Publication number: 20190243561Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: ApplicationFiled: April 22, 2019Publication date: August 8, 2019Inventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10338824Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: GrantFiled: November 9, 2017Date of Patent: July 2, 2019Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Publication number: 20190138223Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: ApplicationFiled: November 9, 2017Publication date: May 9, 2019Inventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues