Memory Access Blocking Patents (Class 711/152)
  • Patent number: 10305793
    Abstract: A communication device conforming with plural communication standards and having a storage storing a plurality of virtual stacks each having an application program and communication program that implements a protocol stack for communication by the application program. An executor executes the virtual stacks, and a switching controller switches the virtual stacks to be executed by performing a first processing in which at least one part of at least one of the virtual stacks is read from storage and stored into a memory of, and executed by, the executor. Then, in accordance with free capacity in the memory, at least one part of at least one of the virtual stacks executed in the first processing is deleted from memory. In a second processing at least one part of at least one of the virtual stacks is read from the storage and stored into the memory of, and executed by, the executor.
    Type: Grant
    Filed: May 29, 2013
    Date of Patent: May 28, 2019
    Assignee: Yokogawa Electric Corporation
    Inventors: Nobuo Okabe, Yukiyo Akisada, Kazunori Miyazawa, Yasuki Sakurai
  • Patent number: 10291543
    Abstract: A system, method, and computer program product are provided for migrating availability of a resource type in a communication network using network function virtualization, comprising: selecting a resource type; selecting a first section of the network where demand for the resource type is expected to grow; selecting a second section of the network where demand for the resource type is expected to be stable relative to the first section; selecting a third section of the network communicatively coupled to the first and second sections, the third section comprising higher availability of the resource type than the first section; migrating a first virtual network function (VNF) instance from the third section to the first section; and migrating a second virtual network function instance from the second section to the third section.
    Type: Grant
    Filed: January 26, 2016
    Date of Patent: May 14, 2019
    Assignee: AMDOCS DEVELOPMENT LIMITED
    Inventors: Eyal Felstaine, Ofer Hermoni, Itzik Kitroser, Nimrod Sandlerman
  • Patent number: 10261794
    Abstract: Techniques are described for metadata processing that can be used to encode an arbitrary number of security policies for code running on a processor. Metadata may be added to every word in the system and a metadata processing unit may be used that works in parallel with data flow to enforce an arbitrary set of policies. In one aspect, the metadata may be characterized as unbounded and software programmable to be applicable to a wide range of metadata processing policies. Techniques and policies have a wide range of uses including, for example, safety, security, and synchronization. Additionally, described are aspects and techniques in connection with metadata processing in an embodiment based on the RISC-V architecture.
    Type: Grant
    Filed: September 5, 2017
    Date of Patent: April 16, 2019
    Assignee: The Charles Stark Draper Laboratory, Inc.
    Inventor: Andre′ DeHon
  • Patent number: 10242022
    Abstract: The disclosed computer-implemented method for managing delayed allocation on clustered file systems may include (i) receiving, at a global lock manager that stores storage disk allocation information for a plurality of nodes in a clustered file system, a lock request from a node that requests a lock range on a storage disk to store data from a file, (ii) reserving, by the global lock manager, the lock range, (iii) receiving, at the global lock manager, from an additional node, an additional lock request for an additional lock range to store additional data from the file, and (iv) reserving, by the global lock manager, the additional lock range to be adjacent to the lock range on the storage disk based on the additional data on the additional node being from the same file as the data on the node. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: August 10, 2016
    Date of Patent: March 26, 2019
    Assignee: Veritas Technologies LLC
    Inventors: Sanjay Jain, Shirish Vijayvargiya, Anindya Banerjee
  • Patent number: 10235310
    Abstract: Described herein are technical features for freeing a buffer used during execution of a work-item by a multiprocessor. An example method includes identifying a first processing unit that assigned the buffer to the work-item, in response to a request from a second processing unit to free the buffer. The computer-implemented method also includes identifying a bitmap associated with the buffer, the bitmap being in a local memory of the first processing unit. The computer-implemented method also includes updating a bit from the bitmap to indicate that the buffer has been freed, the bit corresponding to the buffer.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: March 19, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jeffrey P. Kubala, Jerry A. Moody, Muruganandam Somasundaram
  • Patent number: 10236069
    Abstract: An apparatus is described. The apparatus includes a storage device having multiple non volatile memory chips and controller circuitry. The controller circuitry is to implement wear leveling of storage cells of the non volatile memory chips at a granularity of segments of storage cell arrays of the non volatile memory chips that share a same disturber node and that are coupled to a same storage cell array wire to diminish disturb errors.
    Type: Grant
    Filed: June 20, 2017
    Date of Patent: March 19, 2019
    Assignee: Intel Corporation
    Inventors: Ning Wu, Robert E. Frickey
  • Patent number: 10223301
    Abstract: Aspects of the present invention include a method, system and computer program product that implements a memory management scheme for each processor in a multiprocessor system. The method includes pre-allocating, for each processor in a multiprocessor system, a set of memory buffers; and implementing a metadata bitmap for each pre-allocated set of memory buffers, wherein the metadata bitmap for each pre-allocated set of memory buffers comprises a plurality of bits, and wherein each of the plurality of bits is indicative of a usage state of a corresponding one of the memory buffers within each pre-allocated set of memory buffers.
    Type: Grant
    Filed: November 29, 2016
    Date of Patent: March 5, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jeffrey P. Kubala, Jerry A. Moody, Muruganandam Somasundaram
  • Patent number: 10210109
    Abstract: Aspects of the present invention include a method, system and computer program product that implements a memory management scheme for each processor in a multiprocessor system. The method includes pre-allocating, for each processor in a multiprocessor system, a set of memory buffers; and implementing a metadata bitmap for each pre-allocated set of memory buffers, wherein the metadata bitmap for each pre-allocated set of memory buffers comprises a plurality of bits, and wherein each of the plurality of bits is indicative of a usage state of a corresponding one of the memory buffers within each pre-allocated set of memory buffers.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: February 19, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jeffrey P. Kubala, Jerry A. Moody, Muruganandam Somasundaram
  • Patent number: 10191795
    Abstract: Embodiments relate to systems and methods for timeout monitoring of concurrent commands or parallel communication channels comprising assigning or de-assigning each one of the commands or communication channels to a corresponding one of a plurality of timeout timers when corresponding commands are to be transmitted or command acknowledges are received respectively.
    Type: Grant
    Filed: June 23, 2017
    Date of Patent: January 29, 2019
    Assignee: Infineon Technologies AG
    Inventors: Karl Herz, Ljudmil Anastasov, Harald Zweck
  • Patent number: 10191852
    Abstract: Methods and apparatus for locking at least a portion of a shared memory resource. In one embodiment, an electronic device configured to lock at least a portion of a shared memory is disclosed. The electronic device includes a host processor, at least one peripheral processor and a physical bus interface configured to couple the host processor to the peripheral processor. The electronic device further includes a software framework that is configured to: attempt to lock a portion of the shared memory; verify that the peripheral processor has not locked the shared memory; when the portion of the shared memory is successfully locked via the verification that the peripheral processor has not locked the portion of the shared memory, execute a critical section of the shared memory; and otherwise attempt to lock the at least the portion of the shared memory at a later time.
    Type: Grant
    Filed: September 22, 2016
    Date of Patent: January 29, 2019
    Assignee: Apple Inc.
    Inventors: Vladislav Petkov, Haining Zhang, Karan Sanghi, Saurabh Garg
  • Patent number: 10176122
    Abstract: A processor employs a hardware encryption module in the memory access path between an input/out device and memory to cryptographically isolate secure information. In some embodiments, the encryption module is located at a memory controller of the processor, and each memory access request provided to the memory controller includes VM tag value identifying the source of the memory access request. The VM tag is determined based on a requestor ID identifying the source of the memory access request. The encryption module performs encryption (for write accesses) or decryption (for read accesses) of the data associated with the memory access based on an encryption key associated with the VM tag.
    Type: Grant
    Filed: October 19, 2016
    Date of Patent: January 8, 2019
    Assignees: Advanced Micro Devices, Inc., ATI Technologies ULC
    Inventors: David Kaplan, Maggie Chan, Philip Ng
  • Patent number: 10177921
    Abstract: A process is disclosed for authorizing a user's access to a limited access network. The process comprises sending an encrypted server random number to a previously registered user. If the user can demonstrate an ability to successfully decrypt the server random number, the user is authenticated and access is authorized. The process further comprises an encrypted user random number. Encryption of the user random number comprises the use of a server-controlled value. The web server's ability to return to the user a decryption of the encrypted user random number serves as confirmation that the web site is legitimate. In a preferred embodiment all communications of login values between the user and the web server are encrypted. In an embodiment a user is provided with a key for encrypting user random numbers and for decrypting server random numbers. The key may be automatically updated on a predetermined schedule.
    Type: Grant
    Filed: January 15, 2015
    Date of Patent: January 8, 2019
    Assignee: XORkey B.V.
    Inventor: Timotheus Martinus Cornelis Ruiter
  • Patent number: 10148732
    Abstract: A method of distributing data over multiple Internet connections is provided. The method includes the steps of: (a) providing a client computer with access to a plurality of Internet connections; and (b) providing a host computer for determining the allocation of data to be sent to the client computer over each of the plurality of Internet connections using at least one of (i) predetermined criteria and (ii) dynamically changing criteria.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: December 4, 2018
    Assignee: Connectify, Inc.
    Inventors: Alexander Gizis, Brian Prodoehl, Kevin Cunningham, Brian Lutz
  • Patent number: 10133508
    Abstract: A computer-implemented method for enhancing data protection is disclosed. The method starts with monitoring an operating status of a storage volume at a primary storage of a storage system, where the storage volume is allocated to one or more applications. The method continues with determining whether the operating status of the storage volume satisfies a predetermined condition and notifying a backup application to trigger a backup of the storage volume of the primary storage to a backup storage upon determining that the operating status of the storage volume satisfies the first predetermined condition.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: November 20, 2018
    Assignee: EMC IP Holding Company LLC
    Inventors: Stephen D. Smaldone, Jian Xing, Hyong Shim
  • Patent number: 10129329
    Abstract: An improved method for the prevention of deadlock in a massively parallel processor (MPP) system wherein, prior to a process sending messages to another process running on a remote processor, the process allocates space in a deadlock-avoidance FIFO. The allocated space provides a “landing zone” for requests that the software process (the application software) will subsequently issue using a remote-memory-access function. In some embodiments, the deadlock-avoidance (DLA) function provides two different deadlock-avoidance schemes: controlled discard and persistent reservation. In some embodiments, the software process determines which scheme will be used at the time the space is allocated.
    Type: Grant
    Filed: October 13, 2015
    Date of Patent: November 13, 2018
    Assignee: Cray Inc.
    Inventors: Edwin L. Froese, Eric P. Lundberg, Igor Gorodetsky, Howard Pritchard, Charles Giefer, Robert L. Alverson, Duncan Roweth
  • Patent number: 10089248
    Abstract: A computer architecture is disclosed for implementing a hacking-resistant computing device. The computing device, which could be a mainframe computer, personal computer, smartphone, or any other computing device suitable for network communication, comprises a first partition and a second partition. The second partition can communicate over a network such as the Internet. In contrast, the first partition cannot connect to the Internet, and can directly communicate only with the second partition or with input/output devices directly connected to the first partition. Further, the first partition segments its memory addressing for program code and hardware-protects it from alteration. The second partition is hardware-limited from reading or writing to the memory addressing of the first partition. As a result, the critical data files and program code stored on the first partition are protected from malicious code affecting the second partition.
    Type: Grant
    Filed: February 20, 2017
    Date of Patent: October 2, 2018
    Assignee: Newman H-R Computer Design, LLC
    Inventors: Frank N. Newman, Dan Newman
  • Patent number: 10089447
    Abstract: Instructions and logic fork processes and establish child enclaves in a secure enclave page cache (EPC). Instructions specify addresses for secure storage allocated to enclaves of a parent and a child process to store secure enclave control structure (SECS) data, application data, code, etc. The processor includes an EPC to store enclave data of the parent and child processes. Embodiments of the parent may execute, or a system may execute an instruction to copy parent SECS to secure storage for the child, initialize a unique child ID and link to the parent's SECS/ID. Embodiments of the child may execute, or the system may execute an instruction to copy pages from the parent enclave to the enclave of the child where both have the same key, set an entry for EPC mapping to partial completion, and record a page state in the child enclave, if interrupted. Thus copying can be resumed.
    Type: Grant
    Filed: June 13, 2017
    Date of Patent: October 2, 2018
    Assignee: Intel Corporation
    Inventors: Prashant Pandey, Mona Vij, Somnath Chakrabarti, Krystof C. Zmudzinski
  • Patent number: 10083071
    Abstract: An anomaly detector for a Controller Area Network (CAN) bus performs state space classification on a per-message basis of messages on the CAN bus to label messages as normal or anomalous, and performs temporal pattern analysis as a function of time to label unexpected temporal patterns as anomalous. The anomaly detector issues an alert if an alert criterion is met that is based on the outputs of the state space classification and the temporal pattern analysis. The temporal pattern analysis may compare statistics of messages having analyzed arbitration IDs with statistics for messages having those analyzed arbitration IDs in a training dataset of CAN bus messages, and a temporal pattern is anomalous if there is a statistically significant deviation from the training dataset. The anomaly detector may be implemented on a vehicle Electronic Control Unit (ECU) communicating via a vehicle CAN bus.
    Type: Grant
    Filed: September 17, 2015
    Date of Patent: September 25, 2018
    Assignee: BATTELLE MEMORIAL INSTITUTE
    Inventors: Anuja Sonalker, David Sherman
  • Patent number: 10061657
    Abstract: Embodiments are described for dynamically modifying backup policy of an application using changes in metrics of a data set generated by the application and/or user-specified rules. Each application can have its own backup policy having a protection level that determines a frequency of backup for the application data set. An application can have an initial backup policy. An application backup policy can be based on the application type, a percent of change to the data set since the last backup, a size of the data set, or other metric. A user can specify a rule for the backup policy and protection level for the application. The backup policy or protection level can be dynamically updated in response to changes in the data set or a user-specified rule, on a per-application basis.
    Type: Grant
    Filed: March 23, 2016
    Date of Patent: August 28, 2018
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventors: Shelesh Chopra, John Rokicki, Vladimir Mandic
  • Patent number: 10025580
    Abstract: In accordance with embodiments of the present disclosure, a method may include querying, by an application program executing on a first information handling system, a second information handling system remotely coupled to the first information handling system for data comprising identities of versions or patches of an operating system certified by a provider of the operating system. The method may also include receiving the data in response to the query. The method may further include updating a support matrix associated with the application program based on the identities of certified versions or patches, the support matrix setting forth identities of versions or patches of the operating system supported by the application program.
    Type: Grant
    Filed: January 23, 2013
    Date of Patent: July 17, 2018
    Assignee: Dell Products L.P.
    Inventors: Matthew Christian Paul, Trung Minh Tran, Muhammad Rahman
  • Patent number: 10007553
    Abstract: A method designed to configure an IT system having at least one computing core for executing instruction threads, in which each computing core is capable of executing at least two instruction threads at a time in an interlaced manner, and an operating system, being executed on the IT system, capable of providing instruction threads to each computing core. The method includes a step of configuring the operating system being executed in a mode in which it provides each computing core with a maximum of one instruction thread at a time.
    Type: Grant
    Filed: March 10, 2011
    Date of Patent: June 26, 2018
    Assignee: BULL SAS
    Inventors: Xavier Bru, Philippe Garrigues, Benoît Welterlen
  • Patent number: 9990372
    Abstract: The disclosed embodiments disclose techniques for managing consistency for a file in a distributed filesystem. Two or more cloud controllers collectively manage distributed filesystem data that is stored in the cloud storage systems; the cloud controllers ensure data consistency for the stored data, and each cloud controller caches portions of the distributed filesystem. During operation, a cloud controller receives from a client a request to access the file. The cloud controller determines a level of consistency that is associated with the file, and then uses this level of consistency to determine whether to communicate with a peer cloud controller when handling the request.
    Type: Grant
    Filed: September 10, 2014
    Date of Patent: June 5, 2018
    Assignee: PANZURA, INC.
    Inventors: Yun Lin, Steve Hyuntae Jung, Vinay Kumar Anneboina, John Richard Taylor
  • Patent number: 9940287
    Abstract: A shared memory controller receives, from a computing node, a request associated with a memory transaction involving a particular line in a memory pool. The request includes a node address according to an address map of the computing node. An address translation structure is used to translate the first address into a corresponding second address according to a global address map for the memory pool, and the shared memory controller determines that a particular one of a plurality of shared memory controllers is associated with the second address in the global address map and causes the particular shared memory controller to handle the request.
    Type: Grant
    Filed: March 27, 2015
    Date of Patent: April 10, 2018
    Assignee: Intel Corporation
    Inventor: Debendra Das Sharma
  • Patent number: 9934004
    Abstract: A computer readable medium including executable instructions that when executed perform a method for validating an optimization in generated code using an executable constraints document is provided. The medium can include instructions for relating an assumption to the optimization during code generation. The medium can include instructions for generating the executable constraints document during the code generation, the executable constraints document including information about the relating; and the medium can include instructions for executing the constraints document when the validating is performed, the validating including performing an operation based on a validation result produced by the validating, where the operation includes displaying the validation result to a user, storing the validation result, sending the validation result to a destination, or modifying the generated code.
    Type: Grant
    Filed: March 31, 2014
    Date of Patent: April 3, 2018
    Assignee: The MathWorks, Inc.
    Inventors: Aravind Pillarisetti, Peter S. Szpak, Jesung Kim, Xiaocang Lin, Pieter J. Mosterman
  • Patent number: 9928174
    Abstract: A consistent caching service for managing data consistency between a cache system and backing store is provided. The consistent caching service compares an origin token and a parity token associated with the cached copy of the data item to determine consistency of the data item. The origin and parity tokens may be generated by an operation that caused population of the data item to the cache. The parity token may be invalidated by a write operation of the data item, thus causing a mismatch between the two tokens.
    Type: Grant
    Filed: March 16, 2016
    Date of Patent: March 27, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Paul Connell
  • Patent number: 9891962
    Abstract: Provided is a lock management system, a lock management method and a lock management program whereby lock acquisition and release processes can be carried out at high speed. A lock management system 1 having a multiprocessor includes: a lock acquisition process 310 for carrying out a lock acquisition process for a thread according to one or more lock modes, at least a portion of the lock modes being a shared lock that can be acquired by one or more threads; and lock status holding means 410 for managing the number of threads acquiring a lock, by first information which can express the number of threads by one word that can be handled by an indivisible access command of the multi-processor, and second information representing a whole range of the number of threads that can possibly acquire a lock in each lock mode.
    Type: Grant
    Filed: March 26, 2013
    Date of Patent: February 13, 2018
    Assignee: NEC Corporation
    Inventor: Takashi Horikawa
  • Patent number: 9826045
    Abstract: Systems and methods are provided to test changes for a mobile app built by web-based tooling directly on a physical mobile device. A first application can be loaded on a mobile device. The first application can receive metadata of a second application. The first application can execute the second application using the metadata. Access to local resources can be intercepted and redirected to the server for processing. Additionally, changes made to the second application using the web-based tooling can be pushed to the first application using a persistent channel allowing the changes to be immediately tested.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: November 21, 2017
    Assignee: Oracle International Corporation
    Inventors: Christian David Straub, Maneesh Chugh
  • Patent number: 9817573
    Abstract: A smart card management method, a memory storage device, and a memory control circuit unit are provided. The method includes: receiving a first setting command corresponding to a temporary file from a host system. The temporary file is configured to access the smart card, and the first setting command includes a plurality of first setting messages. One of the first setting messages includes first setting command verification information and first location identification information. The first setting command verification information is configured to verify whether the first setting command is configured to set the temporary file, and the first location identification information is configured to find a logical unit corresponding to the first setting message including the first location identification information. The method also includes: recording a first logic range belonging to the temporary file in a look-up table according to the first setting command.
    Type: Grant
    Filed: March 24, 2015
    Date of Patent: November 14, 2017
    Assignee: PHISON ELECTRONICS CORP.
    Inventors: Meng-Chang Chen, Hsing-Chang Liu
  • Patent number: 9812186
    Abstract: A first level buffer chip gates a target second level buffer chip according to a preset mapping relationship, a first chip select signal, and a first higher-order address signal, and forwards a memory access instruction and a lower-order address signal received from a memory controller to the target second level buffer chip. The target second level buffer chip determines a target memory module according to a second chip select signal and a delayed address signal obtained by delay processing on a second higher-order address signal, determines a target memory chip according to the lower-order address signal, acquires target data from the target memory chip according to the memory access instruction, and returns the target data to the memory controller. A cascading manner of a system memory is changed to a tree-like topological form, which avoids a protocol conversion problem and reduces the memory access time.
    Type: Grant
    Filed: October 26, 2015
    Date of Patent: November 7, 2017
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Yuan Ruan, Mingyu Chen
  • Patent number: 9792294
    Abstract: The disclosed embodiments disclose techniques for using byte-range locks to manage multiple concurrent accesses to a file in a distributed filesystem. Two or more cloud controllers collectively manage distributed filesystem data that is stored in the cloud storage systems; the cloud controllers ensure data consistency for the stored data, and each cloud controller caches portions of the distributed filesystem. During operation, a cloud controller receives from a first client a request to access a portion of the file. The cloud controller contacts the owning cloud controller for the portion of the file to request a byte-range lock for that portion of the file. The owning cloud controller returns a byte-range lock to the requesting cloud controller if no other clients of the distributed filesystem are currently locking the requested portion of the file with conflicting accesses.
    Type: Grant
    Filed: July 2, 2014
    Date of Patent: October 17, 2017
    Assignee: PANZURA, INC
    Inventors: Yun Lin, Richard Sharpe
  • Patent number: 9785440
    Abstract: Techniques are described for metadata processing that can be used to encode an arbitrary number of security policies for code running on a processor. Metadata may be added to every word in the system and a metadata processing unit may be used that works in parallel with data flow to enforce an arbitrary set of policies. In one aspect, the metadata may be characterized as unbounded and software programmable to be applicable to a wide range of metadata processing policies. Techniques and policies have a wide range of uses including, for example, safety, security, and synchronization. Additionally, described are aspects and techniques in connection with metadata processing in an embodiment based on the RISC-V architecture.
    Type: Grant
    Filed: February 7, 2017
    Date of Patent: October 10, 2017
    Assignee: The Charles Stark Draper Laboratory, Inc.
    Inventor: Andre' DeHon
  • Patent number: 9734090
    Abstract: Resource use is recorded with a partitioned reference counter. The sum of all resource counter partitions is equivalent to the total references to a resource. When one resource counter partition reaches zero, it is possible that the resource should be destroyed. To determine if this is the case, all other partitions can be checked for a value of zero. If all the partitions are zero, the resource can be destroyed. Coarse grained partitioning and add/release on all partitions can be employed to avoid extra work associated with a local partition reaching zero. Further, destroying or deleting a resource can be accomplished in a manner that avoids a race condition.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: August 15, 2017
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC.
    Inventors: Fabricio D. Voznika, Haitao Wang, Jack S. Richins, Jasraj Dange
  • Patent number: 9734333
    Abstract: Methods of detecting malicious code injected into memory of a computer system are disclosed. The memory injection detection methods may include enumerating memory regions of an address space in memory of computer system to create memory region address information. The memory region address information may be compared to loaded module address information to facilitate detection of malicious code memory injection.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: August 15, 2017
    Assignee: HEAT SOFTWARE USA INC.
    Inventor: Daniel Teal
  • Patent number: 9727370
    Abstract: A transactional execution of a set of instructions in a transaction of a program may be initiated to collect memory operand access characteristics of a set of instructions of a transaction during the transactional execution. The memory operand access characteristics may be stored upon a termination of the transactional execution of the set of instructions. The memory operand access characteristics may include an address of an accessed storage location, a count of a number of times the storage location is accessed, a purpose value indicating whether the storage location is accessed for a fetch, store, or update operation, a count of a number of times the storage location is accessed for one or more of a fetch, store, or update operation; a translation mode in which the storage location is accessed; and an addressing mode.
    Type: Grant
    Filed: August 23, 2016
    Date of Patent: August 8, 2017
    Assignee: International Business Machines Corporation
    Inventors: Dan F. Greiner, Michael Karl Gschwind, Valentina Salapura, Timothy J. Slegel
  • Patent number: 9715463
    Abstract: A code protection scheme for controlling access to a memory region in an integrated circuit includes a processor with an instruction pipeline that includes multiple processing stages. A first processing stage receives one or more instructions. A second processing stage receives address information identifying a protected memory region of the memory from the first processing stage and protection information for an identified protected memory region. The protection information indicates a protection state assigned to each protected memory region. Based on the instruction type of the received instruction and the protection information associated with a particular protected memory region, the second processing stage determines whether to enable or disable access to the particular protected memory region by the processor or other external host.
    Type: Grant
    Filed: October 31, 2016
    Date of Patent: July 25, 2017
    Assignee: Synopsys, Inc.
    Inventors: Pranab Bhooma, Carlos Basto, Kulbhushan Kalra
  • Patent number: 9710622
    Abstract: Instructions and logic fork processes and establish child enclaves in a secure enclave page cache (EPC). Instructions specify addresses for secure storage allocated to enclaves of a parent and a child process to store secure enclave control structure (SECS) data, application data, code, etc. The processor includes an EPC to store enclave data of the parent and child processes. Embodiments of the parent may execute, or a system may execute an instruction to copy parent SECS to secure storage for the child, initialize a unique child ID and link to the parent's SECS/ID. Embodiments of the child may execute, or the system may execute an instruction to copy pages from the parent enclave to the enclave of the child where both have the same key, set an entry for EPC mapping to partial completion, and record a page state in the child enclave, if interrupted. Thus copying can be resumed.
    Type: Grant
    Filed: February 23, 2015
    Date of Patent: July 18, 2017
    Assignee: Intel Corporation
    Inventors: Prashant Pandey, Mona Vij, Somnath Chakrabarti, Krystof C. Zmudzinski
  • Patent number: 9705879
    Abstract: A computing device, or a security component of a computing device, implements delayed attestation by initially providing first credentials to a remote access device to establish a first level of trust. The first credentials may be provided before or while the computing device or the security component is obtaining security information from a remote security device. The security information is used to generate second credentials that are subsequently provided to the remote access device to establish a second level of trust. The first credentials may comprise an encryption key that can be generated by the security component without having to retrieve information via a network, and the second credentials may comprise an attestation statement that is more trustworthy than the encryption key and that is generated based on a certificate retrieved from a remote security device (e.g., a certificate authority server).
    Type: Grant
    Filed: February 24, 2015
    Date of Patent: July 11, 2017
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Anoosh Saboori, Victor W. Heller, Xiaohong Su, Dayi Zhou, Kinshuman Kinshumann, James Hugh Morgan, Stefan Thom
  • Patent number: 9705912
    Abstract: A device for processing a virus file, including a memory, and a processor in communication with the memory, the memory stores a virus file information providing instruction, a cleaning instruction, an isolating instruction and a transferring instruction, which are executable by the processor; the virus file information providing instruction indicates to provide virus file information; the cleaning instruction indicates to clean a virus file in a User Equipment (UE) corresponding to the virus file information, based on the virus file information; the isolating instruction indicates to provide isolation space, and utilize the isolation space to isolate the virus file, and the transferring instruction indicates to transfer the virus file, which is cleaned based on the cleaning instruction, to the isolation space.
    Type: Grant
    Filed: April 23, 2015
    Date of Patent: July 11, 2017
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventors: Linfeng Li, Ling Guo
  • Patent number: 9692908
    Abstract: A system and method for processing a plurality of channels, for example audio channels, in parallel is provided. For example, a plurality of telephony channels are processed in order to detect and respond to call progress tones. The channels may be processed according to a common transform algorithm. Advantageously, a massively parallel architecture is employed, in which operations on many channels are synchronized, to achieve a high efficiency parallel processing environment. The parallel processor may be situated on a data bus, separate from a main general purpose processor, or integrated with the processor in a common board or integrated device. All, or a portion of a speech processing algorithm may also be performed in a massively parallel manner.
    Type: Grant
    Filed: June 19, 2015
    Date of Patent: June 27, 2017
    Inventor: Wai Wu
  • Patent number: 9672164
    Abstract: Embodiments include processing systems that determine, based on an instruction address range indicator stored in a first register, whether a next instruction fetch address corresponds to a location within a first memory region associated with a current privilege state or within a second memory region associated with a different privilege state. When the next instruction fetch address is not within the first memory region, the next instruction is allowed to be fetched only when a transition to the different privilege state is legal. In a further embodiment, when a data access address is generated for an instruction, a determination is made, based on a data address range indicator stored in a second register, whether access to a memory location corresponding to the data access address is allowed. The access is allowed when the current privilege state is a privilege state in which access to the memory location is allowed.
    Type: Grant
    Filed: May 31, 2012
    Date of Patent: June 6, 2017
    Assignee: NXP USA, INC.
    Inventors: Daniel M. McCarthy, Joseph C. Circello, Kristen A. Hausman
  • Patent number: 9667723
    Abstract: An architecture provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. A set of engines may perform pass-through packet classification, policy processing and/or security processing enabling packet streaming through the architecture at nearly the full line rate. A scheduler schedules packets to packet processors for processing. An internal memory or local session database cache stores a session information database for a certain number of active sessions. The session information that is not in the internal memory is stored and retrieved to/from an additional memory. An application running on an initiator or target can in certain instantiations register a region of memory, which is made available to its peer(s) for access directly without substantial host intervention through RDMA data transfer.
    Type: Grant
    Filed: March 2, 2015
    Date of Patent: May 30, 2017
    Inventor: Ashish A. Pandya
  • Patent number: 9652169
    Abstract: A method includes the following steps. Runtime statistics related to data transaction processing in a concurrent system are collected. A given request to access shared data in the concurrent system is receive. Based on the collected runtime statistics, the number of reattempts the given request can make to access the shared data prior to access control being switched from a hardware transactional memory to a locking mechanism is adaptively determined.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: May 16, 2017
    Assignee: International Business Machines Corporation
    Inventors: Bishwaranjan Bhattacharjee, Mustafa Canim, Yuan-Chi Chang, Mohammad Sadoghi Hamedani, Bassem Makni, Kenneth Andrew Ross
  • Patent number: 9652168
    Abstract: A method includes the following steps. Runtime statistics related to data transaction processing in a concurrent system are collected. A given request to access shared data in the concurrent system is receive. Based on the collected runtime statistics, the number of reattempts the given request can make to access the shared data prior to access control being switched from a hardware transactional memory to a locking mechanism is adaptively determined.
    Type: Grant
    Filed: April 10, 2015
    Date of Patent: May 16, 2017
    Assignee: International Business Machines Corporation
    Inventors: Bishwaranjan Bhattacharjee, Mustafa Canim, Yuan-Chi Chang, Mohammad Sadoghi Hamedani, Bassem Makni, Kenneth Andrew Ross
  • Patent number: 9641493
    Abstract: An approach is provided for protecting data owned by an operating system on a mobile computing device having multiple operating systems. A map specifying protected data regions for the operating systems is generated. The map is secured with a shared key retrieved from a data structure. Based on the shared key, a tuple specifying the data region is retrieved from the data structure. Based on the map, the shared key, and the tuple, and responsive to a data cleanup activity being performed by a software utility being executed on another, currently running operating system included in the multiple operating systems, a data region included in the protected data regions is determined to be owned by the operating system. Based on the data region being owned by the operating system and specified by the map, the data cleanup activity is blocked from being performed on the data region.
    Type: Grant
    Filed: May 13, 2016
    Date of Patent: May 2, 2017
    Assignee: International Business Machines Corporation
    Inventors: Blaine H. Dolph, Miku K. Jha, Sandeep R. Patil, Riyazahamad M. Shiraguppi, Gandhi Sivakumar
  • Patent number: 9632819
    Abstract: A transactional execution of a set of instructions in a transaction of a program may be initiated to collect memory operand access characteristics of a set of instructions of a transaction during the transactional execution. The memory operand access characteristics may be stored upon a termination of the transactional execution of the set of instructions. The memory operand access characteristics may include an address of an accessed storage location, a count of a number of times the storage location is accessed, a purpose value indicating whether the storage location is accessed for a fetch, store, or update operation, a count of a number of times the storage location is accessed for one or more of a fetch, store, or update operation; a translation mode in which the storage location is accessed; and an addressing mode.
    Type: Grant
    Filed: August 20, 2015
    Date of Patent: April 25, 2017
    Assignee: International Business Machines Corporation
    Inventors: Dan F. Greiner, Michael Karl Gschwind, Valentina Salapura, Timothy J. Slegel
  • Patent number: 9632569
    Abstract: Multi-processor computing device methods manage resource accesses by a signaling event manager signaling processor elements requesting access to a resource to wake up to access the resource when the resource is available or wait for an event when the resource is busy. Processor elements may enter a sleep state while awaiting access to the requested resource. When multiple elements are waiting for the resource, the processor element with a highest assigned priority is signaled to wake up when the resource is available without waking other elements. Priorities may be assigned to processor elements waiting for the resource based on a heuristic or parameter that may depend on a state of the computing device or the processor elements. A sleep duration may be estimated for a processor element waiting for a resource and the processor element may be removed from a scheduling queue or assigned another thread during the sleep duration.
    Type: Grant
    Filed: August 5, 2014
    Date of Patent: April 25, 2017
    Assignee: QUALCOMM Incorporated
    Inventors: Dario Suarez Gracia, Han Zhao, Pablo Montesinos Ortego, Gheorghe Calin Cascaval, James Xenidis
  • Patent number: 9627081
    Abstract: Upon initialization or startup of an electronic device, the device checks a predetermined section of non-volatile memory, referred to as the signature byte or lock byte, and allows either the manufacturing mode which allows for installation of the final or production version of firmware to be loaded into non-volatile memory, or the production mode which write-protects certain portions of non-volatile memory before giving operating control of the electronic device to another program, for example, an operating system. By only allowing execution of operating system or other executable code after write-protecting certain portions of non-volatile memory, system security, integrity, and robustness are substantially increased.
    Type: Grant
    Filed: October 5, 2007
    Date of Patent: April 18, 2017
    Assignee: KINGLITE HOLDINGS INC.
    Inventor: Timothy Andrew Lewis
  • Patent number: 9620182
    Abstract: In a memory system where multiple memory chips communicate their ready/busy status on a shared bus line, a pulse mechanism is used for the individual memory chips to indicate their ready/busy status to the controller. In one example, the controller assigns pulse durations of differing lengths to the memory dies to allow the controller to distinguish between them. Techniques for dealing with bus collisions between the pulses of different chips are also described.
    Type: Grant
    Filed: December 31, 2013
    Date of Patent: April 11, 2017
    Assignee: SANDISK TECHNOLOGIES LLC
    Inventors: Daniel Tuers, Abhijeet Manohar, Yoav Weinberg, Milton Lourenco Barrocas
  • Patent number: 9602187
    Abstract: An automated aircraft flight data and delivery management system and method operates in a normal state and a demand state. The demand state may be self-initiated or manually-initiated, and may be triggered during situations which include but are not limited to situations when the aircraft is in a potential or confirmed emergency situation. Data transmission increases in intensity when the system is in a demand state.
    Type: Grant
    Filed: August 11, 2010
    Date of Patent: March 21, 2017
    Assignee: Flyht Aerospace Solutions Ltd.
    Inventors: Kent Jacobs, Murat Sumer, Matthew Bradley, Richard Hayden, Alana MacKinnon, Zeynin Juma
  • Patent number: 9582340
    Abstract: A system and a method are disclosed for managing file locks, including initiating, by a processing device executing a kernel, executions of a number of active tasks that each has acquired a respective lock to a record, and in response to release of a first lock to the record by an active task, waking up a previously-designated worker task out of a number of idle tasks, in which the worker task is to attempt an acquisition of a second lock on behalf of at least one remaining task of the idle tasks.
    Type: Grant
    Filed: January 9, 2014
    Date of Patent: February 28, 2017
    Assignee: Red Hat, Inc.
    Inventors: Jeffrey Layton, James Bruce Fields