Abstract: Apparatus and method for performing address pre-translation to enhance direct memory access by hardware subsystems is described herein. An apparatus embodiment includes a processor to execute an enqueue instruction to submit, to a hardware subsystem, a job descriptor describing a job to be performed. The job descriptor includes virtual addresses of memory locations in which data required to perform the job are stored. An input-output memory management unit (IOMMU) is to obtain the address translations for the virtual addresses responsive to a pre-translation request from the processor. The address translations is obtained by the IOMMU prior to receiving a memory access request from the hardware subsystem. The IOMMU is to retrieve the data from the memory location using the address translations and to provide the retrieved data to the hardware subsystem to fulfill the request.

Abstract: Techniques and mechanisms for determining an operation to be performed with a direct memory access (DMA) request. An inspection unit (105) is coupled between an input-output memory management unit (IOMMU) (120) and an endpoint device (118). The inspection unit (105) stores a registry (330) comprising entries (332) which each correspond to a respective address, and a respective one or more resources of the endpoint device (118). A given entry (332) of the registry (330) is created based on a message from the IOM MU (120) which indicates the successful completion of an address translation to facilitate a DMA request. The endpoint device (118) performs a search, based on a DMA request, to determine if any registry (330) entry (332) indicates a combination of an address and an endpoint resource, where said combination matches a corresponding combination indicated by the DMA request. Communication of the DMA request to the IOMMU (120) is contingent on a result of the search.

Abstract: An embodiment of an integrated circuit may comprise memory to store respective resource control descriptors in correspondence with respective identifiers, and an input/output (JO) memory management unit (IOMMU) communicatively coupled to the memory, the IOMMU including circuitry to determine resource control information for an IO transaction based on a resource control descriptor stored in the memory that corresponds to an identifier associated with the IO transaction, and control utilization of one or more resources of the IOMMU based on the determined resource control information. Other embodiments are disclosed and claimed.

Abstract: Various examples of device and system implementations and methods for performing attestation delegation operations are disclosed. In an example, attestation operations are performed by a verifier, including: obtaining endorsement information for attestation of an entity; obtaining an appraisal policy for evaluation of attestation evidence for the attestation of the entity; determining, based on the endorsement information and the appraisal policy, that delegation to a delegate verifier entity is permitted to perform the attestation of the entity; and providing, to the delegate verifier entity, a delegation command to perform the attestation of the entity, wherein the delegation command authorizes the delegate verifier entity to perform attestation operations (e.g., verifier operations) for a domain of entities including the entity.

Abstract: Examples described herein relate to circuitry to provide telemetry data of first circuitry based on a power state of the first circuitry and provide telemetry data of second circuitry based on a power state of the second circuitry.