Patent application number | Description | Published |
20080244250 | Instant on video - In some embodiments, the invention involves speeding boot up of a platform by initializing the video card early on in the boot process. In an embodiment, processor cache memory is to be used as cache as RAM (CAR). Video graphics adapter (VGA) card initialization uses the CAR instead of system RAM to perform initialization. A portion of the firmware code, interrupt vector tables and handlers are mirrored in the CAR, from flash memory to mimic the behavior of system RAM during the video initialization. VGA initialization may occur before system RAM has initialized to enable early visual feedback to a user. Other embodiments are described and claimed. | 10-02-2008 |
20090023414 | Software-Defined Radio Support in Sequestered Partitions - A software-defined radio (SDR) capability may be provided in a general purpose, many core processing system by sequestering one or more partitions running on one or more cores and instantiating a communications capability by having discrete SDR functions performed by the sequestered partitions. Each SDR module embodied in a sequestered partition may be independently upgraded without modifying the hardware of the underlying processing system. By executing SDR modules in cores not accessible by application programs and/or an operating system (OS), a better Quality of Service (QoS) may be provided for wireless communications on the general purpose, multi-core processing system. An embodiment comprises isolating a core of a many core processing system as a sequestered partition, loading a software-defined radio module onto the core, and executing the software-defined module to implement wireless communications. | 01-22-2009 |
20090063836 | Extended fault resilience for a platform - In one embodiment, the present invention includes a method for allocating a fail-over memory region, determining if multiple processors have reached a rendezvous state, and verifying a memory failure in a system software memory region associated with a non-rendezvousing processor and sending a message to the non-rendezvousing processor to update a range register to the fail-over memory region. Other embodiments are described and claimed. | 03-05-2009 |
20090064274 | Dual non-volatile memories for a trusted hypervisor - In one embodiment, the present invention includes a method for executing a first code portion of a pre-boot environment from a first non-volatile memory, authenticating a trusted hypervisor in the first non-volatile memory using the first code portion, executing the trusted hypervisor if the trusted hypervisor is authenticated, and authenticating a basic input/output system (BIOS) present in a second non-volatile memory with the trusted hypervisor and transferring control from the trusted hypervisor to the BIOS if the BIOS is authenticated. Other embodiments are described and claimed. | 03-05-2009 |
20090125901 | Providing virtualization of a server management controller - In one embodiment, the present invention includes a method for creating a virtual machine (VM) in a server platform having a baseboard management controller (BMC) and enabling the VM to virtualize the BMC, receiving a request in the VM for performing a BMC function in the VM, initiating a communication from the VM to the BMC, and trapping the communication in management software of the server platform and routing the communication to a predetermined port of the BMC. Other embodiments are described and claimed. | 05-14-2009 |
20090144579 | Methods and Apparatus for Handling Errors Involving Virtual Machines - A virtual machine monitor (VMM) in a data processing system handles errors involving virtual machines (VMs) in the processing system. For instance, an error manager in the VMM may detect an uncorrectable error in involving a component associated with a first VM in the processing system. In response to detection of that error, the error manager may terminate the first VM, while allowing a second VM in the processing system to continue operating. In one embodiment, the error manager automatically determines which VM is affected by the uncorrectable error, in response to detecting the uncorrectable error. The error manager may also automatically spawn a new VM to replace the first VM, if the processing system has sufficient resources to support the new VM. Other embodiments are described and claimed. | 06-04-2009 |
20090164837 | Reliable memory for memory controller with multiple channels - One embodiment of the invention includes a memory RAS mode whereby a multi-channel memory controller utilizes both memory mirroring and memory sparing to form more complete memory redundancy loss protection. | 06-25-2009 |
20090172323 | METHODS AND APPRATUS FOR DEMAND-BASED MEMORY MIRRORING - A method includes determining an amount of memory space in a memory device available for memory mirroring. The method further includes presenting the available memory space to an operating system. The method further includes selecting at least a portion of the amount of memory space to be used for memory mirroring with the operating system. The method further includes adding a non-selected portion of the available memory to memory space available to the operating system during operation. An associated system and machine readable medium are also disclosed. | 07-02-2009 |
20110055469 | Providing State Storage In A Processor For System Management Mode - In one embodiment, the present invention includes a processor that has an on-die storage such as a static random access memory to store an architectural state of one or more threads that are swapped out of architectural state storage of the processor on entry to a system management mode (SMM). In this way communication of this state information to a system management memory can be avoided, reducing latency associated with entry into SMM. Embodiments may also enable the processor to update a status of executing agents that are either in a long instruction flow or in a system management interrupt (SMI) blocked state, in order to provide an indication to agents inside the SMM. Other embodiments are described and claimed. | 03-03-2011 |
20110154103 | Performing Redundant Memory Hopping - In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed. | 06-23-2011 |
20110154104 | Controlling Memory Redundancy In A System - In one embodiment, the present invention provides an ability to handle an error occurring during a memory migration operation in a high availability system. In addition, a method can be used to dynamically remap a memory page stored in a non-mirrored memory region of memory to a mirrored memory region. This dynamic remapping may be responsive to a determination that the memory page has been accessed more than a threshold number of times, indicating a criticality of information on the page. Other embodiments are described and claimed. | 06-23-2011 |
20110161726 | SYSTEM RAS PROTECTION FOR UMA STYLE MEMORY - In some embodiments, the invention involves a system and method relating to system recovery in a fault resilient manner by isolating errors associated with the management engine (ME) UMA memory. BIOS logs errors occurring on memory within the system. The ME UMA is invisible to the host OS, so the OS will not be notified about the errors occurring in the ME UMA range. When an error threshold has been reached for a memory unit in which ME UMA resides, ME UMA data is migrated to a previously reserved backup region of memory and the ME is notified of the new ME UMA location. The faulty memory is flagged for replacement at a next maintenance cycle. Embodiments may be applied to workstations that utilize ECC memory protection which utilize AMT (Active Management Technology) and ME UMA. Other embodiments are described and claimed. | 06-30-2011 |
20110173385 | Methods And Apparatus For Demand-Based Memory Mirroring - A method includes determining an amount of memory space in a memory device available for memory mirroring. The method further includes presenting the available memory space to an operating system. The method further includes selecting at least a portion of the amount of memory space to be used for memory mirroring with the operating system. The method further includes adding a non-selected portion of the available memory to memory space available to the operating system during operation. An associated system and machine readable medium are also disclosed. | 07-14-2011 |
20110246597 | REMOTE DIRECT STORAGE ACCESS - Embodiments of the present disclosure include systems, apparatuses, and methods that relate to remote, direct access of solid-state storage. In some embodiments, a network interface component (NIC) of a server may access a solid-state storage module of the server by a network storage access link that bypasses a central processing unit (CPU) and main memory of the server. Other embodiments may be described and claimed. | 10-06-2011 |
20110307712 | MULTI-OWNER DEPLOYMENT OF FIRMWARE IMAGES - A method, apparatus, system, and computer program product for multi-owner deployment of firmware images. The method includes obtaining a signed firmware image that comprises a first code module signed by a first code owner and a second code module signed by a second code owner. The method further includes obtaining an updated first code module comprising updated code for the first code module, verifying that the updated first code module is signed by the first code owner, and updating the signed firmware image with the updated first code module in response to verifying that the updated first code module is signed by the first code owner. The signed firmware image may further comprise an access control list that authorizes updates to the first code module by the first code owner and updates to the second code module by the second code owner. | 12-15-2011 |
20110314298 | SYSTEM AND METHOD FOR N-ARY LOCALITY IN A SECURITY CO-PROCESSOR - Enhancing locality in a security co-processor module of a computing system may be achieved by including one or more additional attributes such as geographic location, trusted time, a hardware vendor string, and one or more environmental factors into an access control space for machine mode measurement of a computing system. | 12-22-2011 |
20120023364 | METHODS AND APPARATUS TO PROTECT SEGMENTS OF MEMORY - Methods and apparatus to protect segments of memory are disclosed herein. An example method includes intercepting an interrupt request indicating an error; determining whether a first segment of memory is corrupt, the first segment of memory being designated as a protected region of memory; when the protected region of memory is corrupt, repairing the corrupted region of memory using a parity block of code; and in response to validating the protected region of memory, generating an interrupt enabling a utilization of code stored in the protected region of memory to handle the error associated with the interrupt request. | 01-26-2012 |
20120025953 | MULTI-SOCKET SERVER MANAGEMENT WITH RFID - Using radio frequency identification (RFID) tags embedded in processors within a computing system to assist in system initialization processing. The RFID tags provide a separate communication path to other components of the computing system during initialization processing, apart from the system interconnect. When the computing system is powered up, each processor in the system may cause its RFID tag to broadcast data regarding the processor's interconnect location and initialization status. The RFID tags may be sensed by a RFID receiver in the Platform Control Hub (PCH) of the computing system, and each processor's interconnect location and initialization status data may be stored in selected registers within the PCH. When the BIOS executes during system initialization processing, the BIOS may access these PCH registers to obtain the processor's data. The interconnect location and initialization status data may be used by the BIOS to select the optimal routing table and to configure the virtual network within the computing system based at least in part on the optimal routing table and the RFID tag data and without the need for interrogating each processor individually over the system interconnect. | 02-02-2012 |
20120036308 | SUPPORTING A SECURE READABLE MEMORY REGION FOR PRE-BOOT AND SECURE MODE OPERATIONS - In one embodiment, the present invention includes a method for determining whether an address map of a system includes support for a read only region of system memory, and if so configuring the region and storing protected data in the region. This data, at least some of which can be readable in both trusted and untrusted modes, can be accessed from the read only region during execution of untrusted code. Other embodiments are described and claimed. | 02-09-2012 |
20120036347 | PROVIDING FAST NON-VOLATILE STORAGE IN A SECURE ENVIRONMENT - In one embodiment, a peripheral controller coupled to a processor can include a storage controller. This storage controller can control access to a non-volatile storage coupled to the peripheral controller. The storage may include both secure and open partitions, and the storage controller can enable access to the secure partition only when the processor is in a secure mode. In turn, during unsecure operation such as third party code execution, visibility of the secure partition can be prevented. Other embodiments are described and claimed. | 02-09-2012 |
20120079085 | CLUSTER COMPUTING - NIC BASED OS PROVISION - A network interface card with read-only memory having at least a micro-kernel of a cluster computing operation system, a server formed with such network interface card, and a computing cluster formed with such servers are disclosed herein. In various embodiments, on transfer, after an initial initialization phase during an initialization of a server, the network interface card loads the cluster computing operation system into system memory of the server, to enable the server, in conjunction with other similarly provisioned servers to form a computing cluster. Other embodiments are also disclosed and claimed. | 03-29-2012 |
20120079259 | METHOD TO ENSURE PLATFORM SILICON CONFIGURATION INTEGRITY - Some aspects include beginning a power on self test (POST) by a BIOS for a computer system; enumerating the computer system by the BIOS; providing, based on the enumeration of the computer system by the BIOS, at least one configuration setting of the computer system to a management engine (ME) of the computer system; and applying a lock to the at least one configuration setting by the ME to manage a change to the at least one configuration setting, all prior to an ending of the POST. | 03-29-2012 |
20120079316 | Performing Redundant Memory Hopping - In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed. | 03-29-2012 |
20120084552 | DEMAND BASED USB PROXY FOR DATA STORES IN SERVICE PROCESSOR COMPLEX - A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive. | 04-05-2012 |
20120159136 | COMPUTER SYSTEM BOOT ENHANCEMENTS WITH USER OVERRIDE - Methods, systems and computer program products are disclosed for enhanced system boot processing that is faster to launch the OS because it does not interrogate I/O devices for possible interruption, but that also may be modified to interrogate such devices based on a user selection mechanism. The user selection mechanism may be, for at least one embodiment, a software mechanism such as a control panel module. For other embodiments, the user selection mechanism may be a hardware mechanism, such as a power button or other hardware button or switch. Other embodiments are described and claimed. | 06-21-2012 |
20120166840 | METHOD AND APPARATUS FOR IMPROVING THE RESUME TIME OF A PLATFORM - A method and apparatus for improving the resume time of a platform. In one embodiment of the invention, the context of the platform is saved prior to entering an inactive state of the platform. When the platform is switched back to an active state, it reads the saved context and restores the platform to its original state prior to entering the inactive state. In one embodiment of the invention, the platform determines whether it should compress the saved context before storing it in a non-volatile memory based on the operating condition of the platform. This allows the platform to select the optimum method to allow faster resume time of the platform. | 06-28-2012 |
20130031322 | Performing Redundant Memory Hopping - In one embodiment, the present invention includes a method for receiving an indication of a loss of redundancy with respect to a pair of mirrored memory regions of a partially redundant memory system, determining new mirrored memory regions, and dynamically migrating information stored in the original mirrored memory regions to the new mirrored memory regions. Other embodiments are described and claimed. | 01-31-2013 |
20130210483 | SOFTWARE-DEFINED RADIO SUPPORT IN SEQUESTERED PARTITIONS - A software-defined radio (SDR) capability may be provided in a general purpose, many core processing system by sequestering one or more partitions running on one or more cores and instantiating a communications capability by having discrete SDR functions performed by the sequestered partitions. Each SDR module embodied in a sequestered partition may be independently upgraded without modifying the hardware of the underlying processing system. By executing SDR modules in cores not accessible by application programs and/or an operating system (OS), a better Quality of Service (QoS) may be provided for wireless communications on the general purpose, multi-core processing system. An embodiment comprises isolating a core of a many core processing system as a sequestered partition, loading a software-defined radio module onto the core, and executing the software-defined module to implement wireless communications. | 08-15-2013 |
20130212426 | Controlling Memory Redundancy In A System - In one embodiment, the present invention provides an ability to handle an error occurring during a memory migration operation in a high availability system. In addition, a method can be used to dynamically remap a memory page stored in a non-mirrored memory region of memory to a mirrored memory region. This dynamic remapping may be responsive to a determination that the memory page has been accessed more than a threshold number of times, indicating a criticality of information on the page. Other embodiments are described and claimed. | 08-15-2013 |
20130218551 | DEMAND BASED USB PROXY FOR DATA STORES IN SERVICE PROCESSOR COMPLEX - A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive. | 08-22-2013 |
20130305006 | METHOD, SYSTEM AND APPARATUS FOR REGION ACCESS CONTROL - Techniques and mechanisms for providing access to a storage device of a computer platform. In an embodiment, an agent executing on the platform may be registered for access to the storage device, the agent being allocated a memory space by a host operating system of the platform. Registration of the agent may result in a location in the allocated memory space being mapped to a location in the storage device. In another embodiment, the agent may write to the location in the allocated memory space to request access to the storage device, wherein the request is independent of any system call to the host OS which describes the requested access. | 11-14-2013 |
20130318577 | TRUSTED APPLICATION MIGRATION ACROSS COMPUTER NODES - An embodiment includes a secure and stable method for sending information across a compute continuum. For example, the method may include executing an application (e.g., video player) on a first node (e.g., tablet) with a desire to perform “context migration” to a second node (e.g., desktop). This may allow a user to watch a movie on the tablet, stop watching the movie, and then resume watching the movie from the desktop. To do so in a secure and stable manner, the first node may request security and performance credentials from the second node. If both credential sets satisfy thresholds, the first node may transfer content (e.g., encrypted copy of a movie) and state information (e.g., placeholder indicating where the movie was when context transfer began). The second node may then allow the user to resume his or her movie watching from the desktop. Other embodiments are described herein. | 11-28-2013 |
20130325738 | LOCATION SERVICE FOR PHYSICAL DELIVERY - Methods, apparatuses and storage medium associated with providing location service, are disclosed. In various embodiments, a method may include receiving, by a location server, location information associated with a user of a mobile device or a party associated with user; and receiving, by the location server, from a delivery service server, a request for the location information. The request may include a credential indicative of eligibility of the delivery service server to receive the requested location information. The method may further include providing, by the location server, to the delivery service server, the location information, on confirmation of the eligibility of the delivery service server based at least in part on the credential. Other embodiments may be disclosed or claimed. | 12-05-2013 |
20130340081 | Reporting Malicious Activity to an Operating System - An apparatus includes a memory that is accessible by an operating system; and a basic input/output system (BIOS) handler. The BIOS handler, in response to detected malicious software activity, stores data in the memory to report the activity to the operating system. | 12-19-2013 |
20140040543 | Providing State Storage in a Processor for System Management Mode - In one embodiment, the present invention includes a processor that has an on-die storage such as a static random access memory to store an architectural state of one or more threads that are swapped out of architectural state storage of the processor on entry to a system management mode (SMM). In this way communication of this state information to a system management memory can be avoided, reducing latency associated with entry into SMM. Embodiments may also enable the processor to update a status of executing agents that are either in a long instruction flow or in a system management interrupt (SMI) blocked state, in order to provide an indication to agents inside the SMM. Other embodiments are described and claimed. | 02-06-2014 |
20140047174 | SECURE DATA PROTECTION WITH IMPROVED READ-ONLY MEMORY LOCKING DURING SYSTEM PRE-BOOT - Generally, this disclosure provides methods and systems for secure data protection with improved read-only memory locking during system pre-boot including protection of Advanced Configuration and Power Interface (ACPI) tables. The methods may include selecting a region of system memory to be protected, the selection occurring in response to a system reset state and performed by a trusted control block (TCB) comprising a trusted basic input/output system (BIOS); programming an address decoder circuit to configure the selected region as read-write; moving data to be secured to the selected region; programming the address decoder circuit to configure the selected region as read-only; and locking the read-only configuration in the address decoder circuit. | 02-13-2014 |
20140068275 | Measuring Platform Components With A Single Trusted Platform Module - In accordance with some embodiments, a single trusted platform module per platform may be used to handle conventional trusted platform tasks as well as those that would arise prior to the existence of a primary trusted platform module in conventional systems. Thus one single trusted platform module may handle measurements of all aspects of the platform including the baseboard management controller. In some embodiments, a management engine image is validated using a read only memory embedded in a chipset such as a platform controller hub, as the root of trust. Before the baseboard management controller (BMC) is allowed to boot, it must validate the integrity of its flash memory. But the BMC image may be stored in a memory coupled to a platform controller hub (PCH) in a way that it can be validated by the PCH. | 03-06-2014 |
20140189417 | APPARATUS AND METHOD FOR PARTIAL MEMORY MIRRORING - An apparatus and method are described for performing partial memory mirroring operations. For example, one embodiment of a processor comprises: a processor core for generating a read or write transaction having a system memory address; a home agent identified to service the read or write transaction based on the system memory address; one or more target address decoders (TADs) associated with the home agent to determine whether the system memory address is within a mirrored memory region or a non-mirrored memory region, wherein: if the system memory address is within a mirrored memory region, then the one or more TADs identifying multiple mirrored memory channels for the read or write transaction; and if the system memory address is not within a mirrored memory region, then the one or more TADs identifying a single memory channel for the read or write transaction. | 07-03-2014 |
20140281637 | MEMORY STATE MANAGEMENT FOR ELECTRONIC DEVICE - In one embodiment a controller comprises logic to determine whether an electronic device is operating in a low power state and in response to a determination that the electronic device is operating in a low power state, implement a memory state management routine which reduces power to at least a section of volatile memory in the memory system. Other embodiments may be described. | 09-18-2014 |
20150052389 | MANAGEABILITY REDUNDANCY FOR MICRO SERVER AND CLUSTERED SYSTEM-ON-A-CHIP DEPLOYMENTS - Technologies for providing manageability redundancy for micro server and clustered System-on-a-Chip (SoC) deployments are presented. A configurable multi-processor apparatus may include multiple integrated circuit (IC) blocks where each IC block includes a task block to perform one or more assignable task functions and a management block to perform management functions with respect to the corresponding IC block. Each task block and each management block may include one or more instruction processors and corresponding memory. Each IC block may be controllable to perform a function of one or more other IC blocks. The IC blocks may communicate with each other via a management communication infrastructure that may include a communication path from each of the management blocks to each of the other management blocks. Via the management communication infrastructure, the management blocks may bridge communication paths between pairs of management blocks. | 02-19-2015 |
20150089249 | THREAD AWARE POWER MANAGEMENT - In an embodiment, a power management controller is to receive thread information from a scheduler, where the thread information includes thread priority information for a thread scheduled to a core of a multicore processor. The power management controller is further to receive power consumption information from a power controller and to determine a power management action to be taken by the power controller on at least one core based at least in part on the thread priority information. Other embodiments are described and claimed. | 03-26-2015 |