Patents by Inventor Ute Gaertner
Ute Gaertner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180357181Abstract: Embodiments include techniques for using a zone-SDID mapping for translation lookaside buffer (TLB) purges, the techniques include receiving a zone purge request, including zone attribute information, and searching for matching zone attribute information in a zone register using the zone purge request. The techniques also include computing, based at least in part on the search, a state descriptor identifier (SDID) vector for each matching zone of the zone register, and reading TLB entries referenced in the zone purge request. The techniques include comparing an SDID of the TLB entry against an SDID specified in the SDID vector, and purging the TLB entries based on the comparison.Type: ApplicationFiled: June 7, 2017Publication date: December 13, 2018Inventors: Uwe Brandt, Ute Gaertner, Lisa C. Heller, Markus Helms, Christian Jacobi, Thomas Koehler, Frank Lehnert, Jennifer A. Navarro
-
Patent number: 10102152Abstract: A method includes generating a set of virtual-machine-specific (VMS) encryption keys for a dedicated virtual machine, storing the set of VMS encryption keys in a protected memory, storing a first look-up table in the protected memory, and replacing an encryption key stored in a crypto unit with at least one VMS encryption key of the set of VMS encryption keys in an operation mode where the dedicated virtual machine is executed by a processor. The protected memory is selectively excluded from access by operating systems executable on a computer system. The look-up table being accessible only by firmware of the computer system.Type: GrantFiled: April 11, 2016Date of Patent: October 16, 2018Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 10102151Abstract: A method includes generating a set of virtual-machine-specific (VMS) encryption keys for a dedicated virtual machine, storing the set of VMS encryption keys in a protected memory, storing a first look-up table in the protected memory, and replacing an encryption key stored in a crypto unit with at least one VMS encryption key of the set of VMS encryption keys in an operation mode where the dedicated virtual machine is executed by a processor. The protected memory is selectively excluded from access by operating systems executable on a computer system. The look-up table being accessible only by firmware of the computer system.Type: GrantFiled: November 6, 2015Date of Patent: October 16, 2018Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 10025608Abstract: Methods and apparatuses for performing a quiesce operation in a multithread environment is provided. A processor receives a first thread quiesce request from a first thread executing on the processor. A processor sends a first processor quiesce request to a system controller to initiate a quiesce operation. A processor performs one or more operations of the first thread based, at least in part, on receiving a response from the system controller.Type: GrantFiled: November 17, 2014Date of Patent: July 17, 2018Assignee: International Business Machines CorporationInventors: Michael Fee, Ute Gaertner, Lisa C. Heller, Thomas Koehler, Frank Lehnert, Jennifer A. Navarro
-
Patent number: 10013279Abstract: A method, a computer program product, and a computer system for processing interrupt requests in a computer system. The computer system disables, for a processor, an interrupt request for threads other than an interrupt request handling thread. The computer system configures the processor to route the interrupt request to the interrupt request handling thread. The computer system determines, by the interrupt request handling thread, whether one of the threads needs to process the interrupt request. The computer presents, by the interrupt request handling thread, the interrupt request to the one of the threads, in response to determining that the one of the threads needs to process the interrupt request.Type: GrantFiled: July 28, 2015Date of Patent: July 3, 2018Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 10002022Abstract: A method, a computer program product, and a computer system for processing interrupt requests in a computer system. The computer system disables, for a processor, an interrupt request for threads other than an interrupt request handling thread. The computer system configures the processor to route the interrupt request to the interrupt request handling thread. The computer system determines, by the interrupt request handling thread, whether one of the threads needs to process the interrupt request. The computer presents, by the interrupt request handling thread, the interrupt request to the one of the threads, in response to determining that the one of the threads needs to process the interrupt request.Type: GrantFiled: September 24, 2015Date of Patent: June 19, 2018Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9798678Abstract: Protecting contents of storage in a computer system from unauthorized access. The computer system includes one or more processing units sharing the storage. Each of the processing units has at least one processor cache. Each processing unit respectively encrypts or decrypts, with a protected section key, data transferred between its processor cache and the storage, when data relates to the protected section used by the hypervisor; and each processing unit respectively encrypts or decrypts, with a virtual machine key, data transferred between its processor cache and the storage, when data relates to storage areas used by a virtual machine.Type: GrantFiled: April 2, 2015Date of Patent: October 24, 2017Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9779032Abstract: Protecting contents of storage in a computer system from unauthorized access. The computer system includes one or more processing units sharing the storage. Each of the processing units has at least one processor cache. Each processing unit respectively encrypts or decrypts, with a protected section key, data transferred between its processor cache and the storage, when data relates to the protected section used by the hypervisor; and each processing unit respectively encrypts or decrypts, with a virtual machine key, data transferred between its processor cache and the storage, when data relates to storage areas used by a virtual machine.Type: GrantFiled: November 14, 2015Date of Patent: October 3, 2017Assignee: International Business Machines CorporationInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9772954Abstract: Protecting contents of storage in a computer system from unauthorized access. The computer system comprises one or more processing units sharing the storage, the processing units each having at least one processor cache. Each processing unit respectively encrypts or decrypts, with a protected section key in the chip cache, data transferred between its processor cache and the protected section, and each processing unit respectively encrypts or decrypts, with a segment key, data transferred between the chip cache and the storage, when data relates to a specific segment of the storage.Type: GrantFiled: November 14, 2015Date of Patent: September 26, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9715462Abstract: Protecting contents of storage in a computer system from unauthorized access. The computer system comprises one or more processing units sharing the storage, the processing units each having at least one processor cache. Each processing unit respectively encrypts or decrypts, with a protected section key in the chip cache, data transferred between its processor cache and the protected section, and each processing unit respectively encrypts or decrypts, with a segment key, data transferred between the chip cache and the storage, when data relates to a specific segment of the storage.Type: GrantFiled: April 2, 2015Date of Patent: July 25, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9697135Abstract: A translation lookaside buffer coherency unit with Emulated Purge (TCUEP) translates a first virtual address for a first instruction into a first physical address. The TCUEP detects a multi-processor coherency operation that will cause hit suppression for certain entries in a TLB and purging of certain entries in the TLB. The TCUEP translates a second virtual address for a second instruction into a second physical address and stores the second physical address in a second entry in the TLB. The TCUEP configures a second marker in the second entry to indicate that the hit suppression is not allowed for the second entry, and that the purging is not allowed for the second entry. The TCUEP receives a first address translation request that indicates a hit in the second entry. The TCUEP resolves the first address translation request by returning the second physical address.Type: GrantFiled: May 3, 2016Date of Patent: July 4, 2017Assignee: International Business Machines CorporationInventors: Joerg Deutschle, Ute Gaertner, Lisa C. Heller
-
Patent number: 9678830Abstract: Methods and apparatuses for performing a quiesce operation during a processor recovery action is provided. A processor performs a processor recovery action. A processor retrieves a quiesce status of a computer system from a shared cache with a second processor. A processor determines a quiesce status of the first processor based, a least in part, on the retrieved quiesce status of the computer system.Type: GrantFiled: November 17, 2014Date of Patent: June 13, 2017Assignee: International Business Machines CorporationInventors: Michael Fee, Ute Gaertner, Lisa C. Heller, Frank Lehnert, Jennifer A. Navarro, Rebecca S. Wisniewski
-
Patent number: 9665424Abstract: Methods and apparatuses for performing a quiesce operation during a processor recovery action is provided. A processor performs a processor recovery action. A processor retrieves a quiesce status of a computer system from a shared cache with a second processor. A processor determines a quiesce status of the first processor based, a least in part, on the retrieved quiesce status of the computer system.Type: GrantFiled: December 16, 2014Date of Patent: May 30, 2017Assignee: International Business Machines CorporationInventors: Michael Fee, Ute Gaertner, Lisa C. Heller, Frank Lehnert, Jennifer A. Navarro, Rebecca S. Wisniewski
-
Publication number: 20170132158Abstract: A method includes generating a set of virtual-machine-specific (VMS) encryption keys for a dedicated virtual machine, storing the set of VMS encryption keys in a protected memory, storing a first look-up table in the protected memory, and replacing an encryption key stored in a crypto unit with at least one VMS encryption key of the set of VMS encryption keys in an operation mode where the dedicated virtual machine is executed by a processor. The protected memory is selectively excluded from access by operating systems executable on a computer system. The look-up table being accessible only by firmware of the computer system.Type: ApplicationFiled: April 11, 2016Publication date: May 11, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Publication number: 20170132156Abstract: A method includes generating a set of virtual-machine-specific (VMS) encryption keys for a dedicated virtual machine, storing the set of VMS encryption keys in a protected memory, storing a first look-up table in the protected memory, and replacing an encryption key stored in a crypto unit with at least one VMS encryption key of the set of VMS encryption keys in an operation mode where the dedicated virtual machine is executed by a processor. The protected memory is selectively excluded from access by operating systems executable on a computer system. The look-up table being accessible only by firmware of the computer system.Type: ApplicationFiled: November 6, 2015Publication date: May 11, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Patent number: 9596076Abstract: Aspects include encrypting data exchanged between two computer systems. A method includes accessing content of a memory, via a memory address, by at least one processing unit of one of the computer systems. Based on the accessing being a write operation, the content of the memory is encrypted using a memory encryption key, the encrypting is by a crypto unit of the at least one of the processing units. Based on the accessing being a read operation, the content of the memory is decrypted using the same memory encryption key, the decrypting is by a crypto unit of the at least once of the processing units. Remote direct memory access is established via memory addresses between the computer systems, the establishing including at least one of the computer systems locally storing a respective network encryption key as memory encryption keys for memory areas used for the data exchange.Type: GrantFiled: April 25, 2016Date of Patent: March 14, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias, Christoph Raisch, Christopher S. Smith
-
Publication number: 20170031709Abstract: A method, a computer program product, and a computer system for processing interrupt requests in a computer system. The computer system disables, for a processor, an interrupt request for threads other than an interrupt request handling thread. The computer system configures the processor to route the interrupt request to the interrupt request handling thread. The computer system determines, by the interrupt request handling thread, whether one of the threads needs to process the interrupt request. The computer presents, by the interrupt request handling thread, the interrupt request to the one of the threads, in response to determining that the one of the threads needs to process the interrupt request.Type: ApplicationFiled: July 28, 2015Publication date: February 2, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Publication number: 20170031625Abstract: Data collection is facilitated by a multi-threaded processor. One thread of the processor obtains data placed in a buffer by another thread of the processor. The thread placing the data in the buffer is an execution thread executing a customer application and the one thread obtaining the data from the buffer is an assist thread. The assist thread stores the data obtained from the buffer in a selected location, such as a cache, main memory, a measurement control block, a persistent storage device or a network.Type: ApplicationFiled: November 14, 2015Publication date: February 2, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Publication number: 20170031850Abstract: A method, a computer program product, and a computer system for processing interrupt requests in a computer system. The computer system disables, for a processor, an interrupt request for threads other than an interrupt request handling thread. The computer system configures the processor to route the interrupt request to the interrupt request handling thread. The computer system determines, by the interrupt request handling thread, whether one of the threads needs to process the interrupt request. The computer presents, by the interrupt request handling thread, the interrupt request to the one of the threads, in response to determining that the one of the threads needs to process the interrupt request.Type: ApplicationFiled: September 24, 2015Publication date: February 2, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias
-
Publication number: 20170031820Abstract: Data collection is facilitated by a multi-threaded processor. One thread of the processor obtains data placed in a buffer by another thread of the processor. The thread placing the data in the buffer is an execution thread executing a customer application and the one thread obtaining the data from the buffer is an assist thread. The assist thread stores the data obtained from the buffer in a selected location, such as a cache, main memory, a measurement control block, a persistent storage device or a network.Type: ApplicationFiled: July 29, 2015Publication date: February 2, 2017Inventors: Christine Axnix, Ute Gaertner, Jakob C. Lang, Angel Nunez Mencias