Patents by Inventor Rafael Camarda Silva Folco
Rafael Camarda Silva Folco has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11755753Abstract: Secure memory sharing between enclaves (virtual machines) and virtual input/output adapters includes, in response to a request for an enclave to create a virtual input/output adapter, creating a virtual input/output adapter associated with the enclave, creating a non-sharable micro-enclave, to contain only data, nested within the enclave to use with the virtual input/output adapter, generating a key by a memory encryption engine of an ultravisor for the virtual input/output adapter for use by only the virtual input/output adapter, in response to a request to obtain data from the enclave by the virtual input/output adapter, exchanging the key with the non-sharable micro-enclave, in response to receiving the key, decrypting memory of only the non-sharable micro-enclave associated with the virtual input/output adapter to obtain the data, and sending the data from the non-sharable micro-enclave nested within the enclave to the virtual input/output adapter.Type: GrantFiled: June 13, 2018Date of Patent: September 12, 2023Assignee: Kyndryl, Inc.Inventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Daniel Battaiola Kreling, Rafael Camarda Silva Folco
-
Patent number: 11194724Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: GrantFiled: September 30, 2019Date of Patent: December 7, 2021Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling, Breno H. Leitao
-
Patent number: 11079940Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: GrantFiled: April 22, 2019Date of Patent: August 3, 2021Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10936330Abstract: Booting a virtual machine instance using remote direct memory access is provided. In response to beginning to receive pages of a predetermined set of pages corresponding to a requested image of a virtual machine from an image provider server, a boot process of an instance of the virtual machine is commenced while the received pages are written directly into a random-access memory (RAM) disk. The received pages are read from the RAM disk during the boot process of the instance of the virtual machine until transfer of the predetermined set of pages corresponding to the requested image is complete. The predetermined set of pages corresponding to the requested image are written to a local hard disk drive from the memory releasing memory usage. In response to completing the boot process, a RAM image is switched to a local hard disk drive image.Type: GrantFiled: May 21, 2018Date of Patent: March 2, 2021Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10884776Abstract: Managing seamless server halt and restart is provided. A suspend event corresponding to a non-non-volatile dual-inline memory module (non-NVDIMM) server that comprises a set of virtual machines is received. In response to receiving the suspend event corresponding to the non-NVDIMM server, running virtual machine processes are stopped on the non-NVDIMM server. Virtual machine state information corresponding to stopped non-NVDIMM server virtual machine processes is saved on a set of non-volatile dual-inline memory modules (NVDIMMs) located in a non-volatile dual-inline memory module (NVDIMM) server.Type: GrantFiled: April 27, 2018Date of Patent: January 5, 2021Assignee: International Business Machines CorporationInventors: Breno H. Leitao, Rafael Camarda Silva Folco, Juscelino Candido De Lima Junior
-
Patent number: 10824453Abstract: Systems and methods improve performance and resource-efficiency of Just-in-Time (JIT) compilation in a hypervisor-based virtualized computing environment. A user attempts to launch an application that has been previously compiled by a JIT compiler into an intermediate, platform-independent format. A JIT accelerator selects a unique function signature that identifies the application and the user's target platform. If the signature cannot be found in a repository, indicating that the application has never been run on the target platform, the accelerator generates and stores the requested executable program in shared memory and saves the signature in the repository. The system then returns to the user a pointer to the stored platform-specific executable. If multiple users of the same platform request the same application, the system recognizes an affinity among those requests identified by their shared signature, and provides each user a pointer to the same previously stored, shared executable.Type: GrantFiled: July 31, 2018Date of Patent: November 3, 2020Assignee: International Business Machines CorporationInventors: Rafael Camarda Silva Folco, Plinio A. S. Freire, Breno Henrique Leitao
-
Patent number: 10754776Abstract: Systems and methods for cache balance when using hardware transactional memory are disclosed. A method includes: determining, by a computing device, a hardware transactional memory (HTM) attrition rate for a workload in a distributed computing environment; determining, by the computing device, whether or not the HTM attrition rate for the workload exceeds a predetermined threshold; and in response to determining that the HTM attrition rate for the workload does not exceed the predetermined threshold, the computing device causing a requested HTM transaction to begin.Type: GrantFiled: July 30, 2018Date of Patent: August 25, 2020Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Daniel Battaiola Kreling, Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco
-
Patent number: 10635605Abstract: Disclosed embodiments provide techniques for inter-enclave communication through shared memory. Enclaves (containers) operate in a protected memory space that inhibits the use of shared memory. Disclosed embodiments enable enclaves to use shared memory, eliminating the communication bottlenecks associated with networking. A memory cryptography coprocessor implemented in hardware generates shared memory key data for a shared memory region that is to be used by two or more enclaves. The shared memory key data is sent to the enclaves that require a shared memory interface. The enclaves access the shared memory securely utilizing the shared memory key data. The memory cryptography coprocessor facilitates shared memory key generation and exchange. The memory cryptography coprocessor data is not directly accessible by the processes executing on the main processor.Type: GrantFiled: March 13, 2018Date of Patent: April 28, 2020Assignee: International Business Machines CorporationInventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling
-
Patent number: 10620959Abstract: In an approach for moving workloads between central processing units (CPUs) to accommodate balance, a processor profiles a first processor and a second processor of a plurality of processors, using a cycle per instruction metric. A processor assigns a first group of instructions to the first processor and a second group of instructions to the second processor. A processor sums an instruction count for the first group of instructions and an instruction count for the second group of instructions. A processor determines that a balance condition, defined by a predetermined threshold, does not exist across the first processor and the second processor. A processor identifies the second processor has a lower cycle per instruction metric than the first processor. A processor moves a workload, running on the first processor, with a maximum number of instructions of an unbalanced group to the second processor to balance workloads.Type: GrantFiled: December 1, 2017Date of Patent: April 14, 2020Assignee: International Business Machines CorporationInventors: Rafael Camarda Silva Folco, Jose F. Santiago Filho, Desnes A. Nunes do Rosário, Breno H. Leitao
-
Publication number: 20200034295Abstract: Systems and methods for cache balance when using hardware transactional memory are disclosed. A method includes: determining, by a computing device, a hardware transactional memory (HTM) attrition rate for a workload in a distributed computing environment; determining, by the computing device, whether or not the HTM attrition rate for the workload exceeds a predetermined threshold; and in response to determining that the HTM attrition rate for the workload does not exceed the predetermined threshold, the computing device causing a requested HTM transaction to begin.Type: ApplicationFiled: July 30, 2018Publication date: January 30, 2020Inventors: Daniel BATTAIOLA KRELING, Breno H. LEITAO, Mauro Sergio MARTINS RODRIGUES, Rafael CAMARDA SILVA FOLCO
-
Publication number: 20200026652Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: ApplicationFiled: September 30, 2019Publication date: January 23, 2020Inventors: Mauro Sergio MARTINS RODRIGUES, Rafael CAMARDA SILVA FOLCO, Daniel BATTAIOLA KRELING, Breno H. LEITAO
-
Publication number: 20190384923Abstract: Secure memory sharing between enclaves (virtual machines) and virtual input/output adapters includes, in response to a request for an enclave to create a virtual input/output adapter, creating a virtual input/output adapter associated with the enclave, creating a non-sharable micro-enclave, to contain only data, nested within the enclave to use with the virtual input/output adapter, generating a key by a memory encryption engine of an ultravisor for the virtual input/output adapter for use by only the virtual input/output adapter, in response to a request to obtain data from the enclave by the virtual input/output adapter, exchanging the key with the non-sharable micro-enclave, in response to receiving the key, decrypting memory of only the non-sharable micro-enclave associated with the virtual input/output adapter to obtain the data, and sending the data from the non-sharable micro-enclave nested within the enclave to the virtual input/output adapter.Type: ApplicationFiled: June 13, 2018Publication date: December 19, 2019Inventors: Breno H. LEITAO, Mauro Sergio MARTINS RODRIGUES, Daniel BATTAIOLA KRELING, Rafael CAMARDA SILVA FOLCO
-
Publication number: 20190354378Abstract: Booting a virtual machine instance using remote direct memory access is provided. In response to beginning to receive pages of a predetermined set of pages corresponding to a requested image of a virtual machine from an image provider server, a boot process of an instance of the virtual machine is commenced while the received pages are written directly into a random-access memory (RAM) disk. The received pages are read from the RAM disk during the boot process of the instance of the virtual machine until transfer of the predetermined set of pages corresponding to the requested image is complete. The predetermined set of pages corresponding to the requested image are written to a local hard disk drive from the memory releasing memory usage. In response to completing the boot process, a RAM image is switched to a local hard disk drive image.Type: ApplicationFiled: May 21, 2018Publication date: November 21, 2019Inventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10467141Abstract: Systems and methods for improved process caching through iterative feedback are disclosed. In embodiments, a computer implemented method comprises retrieving updated metadata of a process to be executed, wherein the updated metadata includes information regarding cache misses from a prior execution of the process; automatically modifying a setting of a data stream control register based on the updated metadata; automatically setting a hint at a data cache block touch module; performing an initial execution of the process after the steps of retrieving the updated metadata, automatically modifying the setting of the data stream control register, and automatically setting the hint at the data cache block touch module; and modifying the updated metadata of the process after the execution of the process based on cache miss statistical data gathered during the execution of the process, to produce newly updated metadata.Type: GrantFiled: June 18, 2018Date of Patent: November 5, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling, Breno H. Leitao
-
Publication number: 20190332411Abstract: Managing seamless server halt and restart is provided. A suspend event corresponding to a non-non-volatile dual-inline memory module (non-NVDIMM) server that comprises a set of virtual machines is received. In response to receiving the suspend event corresponding to the non-NVDIMM server, running virtual machine processes are stopped on the non-NVDIMM server. Virtual machine state information corresponding to stopped non-NVDIMM server virtual machine processes is saved on a set of non-volatile dual-inline memory modules (NVDIMMs) located in a non-volatile dual-inline memory module (NVDIMM) server.Type: ApplicationFiled: April 27, 2018Publication date: October 31, 2019Inventors: Breno H. Leitao, Rafael Camarda Silva Folco, Juscelino Candido De Lima Junior
-
Publication number: 20190286577Abstract: Disclosed embodiments provide techniques for inter-enclave communication through shared memory. Enclaves (containers) operate in a protected memory space that inhibits the use of shared memory. Disclosed embodiments enable enclaves to use shared memory, eliminating the communication bottlenecks associated with networking. A memory cryptography coprocessor implemented in hardware generates shared memory key data for a shared memory region that is to be used by two or more enclaves. The shared memory key data is sent to the enclaves that require a shared memory interface. The enclaves access the shared memory securely utilizing the shared memory key data. The memory cryptography coprocessor facilitates shared memory key generation and exchange. The memory cryptography coprocessor data is not directly accessible by the processes executing on the main processor.Type: ApplicationFiled: March 13, 2018Publication date: September 19, 2019Inventors: Breno H. Leitao, Mauro Sergio Martins Rodrigues, Rafael Camarda Silva Folco, Daniel Battaiola Kreling
-
Publication number: 20190251255Abstract: A method, computer program product, and system for managing container security, the method including consuming a recipe queue on a first checker container, wherein the first checker container is on a first host of a computer system, and the recipe queue comprises a predefined set of rules, storing the first checker container recipe queue result in the first checker container, comparing the first checker container recipe queue result with an expected result of the recipe queue, wherein the expected result is stored in the first checker container, and following a first fail procedure from a plurality of fail procedures, based on the first checker container recipe queue result not matching the expected result.Type: ApplicationFiled: April 24, 2019Publication date: August 15, 2019Inventors: Rafael Camarda Silva Folco, Breno Henrique Leitão, Rafael Peria de Sene
-
Publication number: 20190243561Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: ApplicationFiled: April 22, 2019Publication date: August 8, 2019Inventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10338824Abstract: Embodiments of the present invention disclose a method, computer program product, and system for managing memory bandwidth usage in software containers. Software container properties are received from a software container engine. In response to detecting the execution of one or more software containers by the software container engine, a monitoring layer is generated. At periodic time intervals, the generated monitoring layer monitors a memory bandwidth use value associated with each of the executed software containers. For each periodic time interval, an average memory use value is calculated, associated with each executed software container. In response to the calculated average memory use value being above a threshold associated with a monitored software container of the executed containers, the monitored software container is suspended for a suspend time duration. The suspended monitored software container is reactivated based on the suspend time duration expiring.Type: GrantFiled: November 9, 2017Date of Patent: July 2, 2019Assignee: International Business Machines CorporationInventors: Daniel Battaiola Kreling, Rafael Camarda Silva Folco, Breno H. Leitao, Mauro Sergio Martins Rodrigues
-
Patent number: 10331883Abstract: A method, computer program product, and system for managing container security, the method including consuming a recipe queue on a first checker container, wherein the first checker container is on a first host of a computer system, and the recipe queue comprises a predefined set of rules, storing the first checker container recipe queue result in the first checker container, comparing the first checker container recipe queue result with an expected result of the recipe queue, wherein the expected result is stored in the first checker container, and following a first fail procedure from a plurality of fail procedures, based on the first checker container recipe queue result not matching the expected result.Type: GrantFiled: September 28, 2016Date of Patent: June 25, 2019Assignee: International Business Machines CorporationInventors: Rafael Camarda Silva Folco, Breno Henrique Leitão, Rafael Peria de Sene