Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: Methods and apparatus to set guest physical address mapping attributes for a trusted domain In one embodiment, the method includes executing a first one or more of instructions to establish a trusted domain and executing a second one or more of the instructions to add a first memory page to the trusted domain, where the first memory page is private to the trusted domain and a first set of page attributes is set for the first memory page based on the second one or more of the instructions, where the first set of page attributes indicates how the first memory page is mapped in a secure extended page table. The method further includes storing the first set of page attributes for the first memory page in the secure extended page table at a storage location responsive to executing the second one or more of the instructions.

Abstract: When power is provided through a USB-C cable from a source device to a sink device, a sudden connection or disconnection of the cable between the two devices may cause a sudden power surge or power drop in at least one of those devices, leading to other problems. To avoid this sudden event from causing potential damage or disruption to one of the devices, in some embodiments a CC pin in the cable is used to announce the impending connection/disconnection, and the device may throttle back its power consumption before power is actually applied to or removed from the power pins.

Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: Techniques are provided for managing power delivery to multiple universal serial bus (USB) type-C ports of a desktop computer system. In an example, a method can include providing a first power level to a USB power delivery controller during a non-sleep mode operation of the desktop computer, and providing a second power level to the USB power delivery controller when the computer is in a sleep mode, the second power level configured to provide default charge power to a connected device when the computer is in the sleep mode.

Abstract: Implementations describe a computing system that implements a plurality of virtual machines inside a trust domain (TD), enabled via a secure arbitration mode (SEAM) of the processor. A processor includes one or more registers to store a SEAM range of memory, a TD key identifier of a TD private encryption key. The processor is capable of initializing a trust domain resource manager (TDRM) to manage the TD, and a virtual machine monitor within the TD to manage the plurality of virtual machines therein. The processor is further capable of exclusively associating a plurality of memory pages with the TD, wherein the plurality of memory pages associated with the TD is encrypted with a TD private encryption key inaccessible to the TDRM. The processor is further capable of using the SEAM range of memory, inaccessible to the TDRM, to provide isolation between the TDRM and the plurality of virtual machines.

Abstract: A method and system for manages mapping of universal serial bus (USB) connectors to a plurality of USB host controllers. The method determines an enumeration of USB connectors in a system, identifying USB host controllers in the system, generating a grouping for a USB connector with USB host controllers, and configures USB routing in the system to map the USB connector with the USB host controllers according to the grouping.

Abstract: When power is provided through a USB-C cable from a source device to a sink device, a sudden connection or disconnection of the cable between the two devices may cause a sudden power surge or power drop in at least one of those devices, leading to other problems. To avoid this sudden event from causing potential damage or disruption to one of the devices, in some embodiments a CC pin in the cable is used to announce the impending connection/disconnection, and the device may throttle back its power consumption before power is actually applied to or removed from the power pins.

Abstract: When power is provided through a USB-C cable from a source device to a sink device, a sudden connection or disconnection of the cable between the two devices may cause a sudden power surge or power drop in at least one of those devices, leading to other problems. To avoid this sudden event from causing potential damage or disruption to one of the devices, in some embodiments a CC pin in the cable is used to announce the impending connection/disconnection, and the device may throttle back its power consumption before power is actually applied to or removed from the power pins.

Abstract: Particular embodiments described herein provide for an electronic device that can receive data from an operating system in an electronic device, where the data is related to hardware that is in communication with the electronic device through a multimodal interface and communicate the data and/or related data to a local policy manager, where the local policy manager is in communication with the multimodal interface. The multimodal interface can be configured to support power transfers, directionality, and multiple input/output (I/O) protocols on the same interface.

Abstract: Particular embodiments described herein provide for an electronic device that can receive data from an operating system in an electronic device, where the data is related to hardware that is in communication with the electronic device through a multimodal interface and communicate the data and/or related data to a local policy manager, where the local policy manager is in communication with the multimodal interface. The multimodal interface can be configured to support power transfers, directionality, and multiple input/output (I/O) protocols on the same interface.

Abstract: Various techniques for enabling the control and monitoring of a USB device mode controller to a USB-C connector, for the performance of a USB device mode data connection, are disclosed herein. In an example, a computing system that includes multiple USB-C connectors but a single USB device mode controller may manage the availability of the controller to a particular connector. The computing system may determine availability of a USB device mode controller to control the first USB-C connector, wherein the attempted data connection occurs with the first USB-C connector configured as an upstream facing port. The computing system may further perform, in response, a data role swap of the first USB-C connector to configure the first USB-C connector as a downstream facing port. The computing system may, further continue the attempted data connection with the remote computing system via the first USB-C connector configured as a downstream facing port.

Abstract: Various techniques for enabling the control and monitoring of a USB device mode controller to a USB-C connector, for the performance of a USB device mode data connection, are disclosed herein. In an example, a computing system that includes multiple USB-C connectors but a single USB device mode controller may manage the mapping of the controller to a particular connector, through operations that identify the mapping and the characteristics of the connector, process a request to change the mapping of the device mode controller, and perform the change to the mapping of the device mode controller. Such a change may include a disconnection or reassignment of a particular USB-C connector to the controller. Further examples to determine the availability of a USB device mode controller, and respond to a scenario where the USB device mode controller is not available, are also disclosed.

Abstract: Techniques are provided for managing power delivery to multiple universal serial bus (USB) type-C ports of a desktop computer system. In an example, a method can include providing a first power level to a USB power delivery controller during a non-sleep mode operation of the desktop computer, and providing a second power level to the USB power delivery controller when the computer is in a sleep mode, the second power level configured to provide default charge power to a connected device when the computer is in the sleep mode.

Abstract: When power is provided through a USB-C cable from a source device to a sink device, a sudden connection or disconnection of the cable between the two devices may cause a sudden power surge or power drop in at least one of those devices, leading to other problems. To avoid this sudden event from causing potential damage or disruption to one of the devices, in some embodiments a CC pin in the cable is used to announce the impending connection/disconnection, and the device may throttle back its power consumption before power is actually applied to or removed from the power pins.

Abstract: A method and system for manages mapping of universal serial bus (USB) connectors to a plurality of USB host controllers. The method determines an enumeration of USB connectors in a system, identifying USB host controllers in the system, generating a grouping for a USB connector with USB host controllers, and configures USB routing in the system to map the USB connector with the USB host controllers according to the grouping.

Abstract: One embodiment provides an apparatus. The apparatus includes an input output memory management unit (I/O MMU), a non-secure operating system (OS) driver, a secure OS driver and a virtual machine monitor (VMM). The I/OMMU is to couple an I/O Controller to a memory. The I/O Controller is coupled to a secure device and a non-secure device and has one I/O Controller identifier. The non-secure OS driver is associated with the non-secure device. The secure OS driver is associated with the secure device. The VMM is to allocate a secure address space to a secure OS and a non-secure address space to a non-secure OS. The secure address space is non-overlapping with the non-secure address space.

Abstract: Various techniques for enabling the control and monitoring of a USB device mode controller to a USB-C connector, for the performance of a USB device mode data connection, are disclosed herein. In an example, a computing system that includes multiple USB-C connectors but a single USB device mode controller may manage the mapping of the controller to a particular connector, through operations that identify the mapping and the characteristics of the connector, process a request to change the mapping of the device mode controller, and perform the change to the mapping of the device mode controller. Such a change may include a disconnection or reassignment of a particular USB-C connector to the controller. Further examples to determine the availability of a USB device mode controller, and respond to a scenario where the USB device mode controller is not available, are also disclosed.