Sonstiges: |
- Nachgewiesen in: USPTO Patent Applications
- Sprachen: English
- Document Number: 20230289229
- Publication Date: September 14, 2023
- Appl. No: 17/854322
- Application Filed: June 30, 2022
- Assignees: Intel Corporation (Santa Clara, CA, US)
- Claim: 1. An apparatus comprising: a processor to execute one or more software clients; and a hardware accelerator coupled to the processor, the hardware accelerator comprising an assignable interface to receive a work request with a tag from the one or more software clients; wherein the hardware accelerator is to, in response to receiving the work request, process the work request based at least in part on a configuration of the assignable interface and a value of the tag.
- Claim: 2. The apparatus of claim 1, wherein the configuration of the assignable interface is to include a Trusted Execution Environment (TEE) mode.
- Claim: 3. The apparatus of claim 2, wherein the tag value of the work request is to indicate whether the work request originated from a trusted software entity, wherein the trusted software entity corresponds to one of: a TEE application, a TEE driver, a TEE operating system, a TEE container, a TEE virtual machine, or a TEE security manager.
- Claim: 4. The apparatus of claim 3, wherein the hardware accelerator is to reject the work request based at least in part on a determination that the TEE mode is disabled for the assignable interface.
- Claim: 5. The apparatus of claim 1, wherein the hardware accelerator is to support a state machine for management of the assignable interface.
- Claim: 6. The apparatus of claim 5, wherein the state machine is to transition between one or more states selected from a group comprising: interface disabled, interface configured, interface enabled, and interface halted.
- Claim: 7. The apparatus of claim 6, wherein a transition to the interface configured state is to cause locking of the configuration of the assignable interface and performance of one or more consistency-related checks.
- Claim: 8. The apparatus of claim 6, wherein the hardware accelerator is to reject the work request in response to a determination that a state of the assignable interface is different from the interface enabled state.
- Claim: 9. The apparatus of claim 6, wherein the state machine is to transition to interface halted state based on an event from a group comprising: configuration change, interface reset, and interface error.
- Claim: 10. The apparatus of claim 5, wherein the state machine is to transition between one or more states based on a command from a group comprising: lock interface, enable interface, disable interface, and reset interface.
- Claim: 11. The apparatus of claim 1, wherein a configuration interface of the accelerator is to receive a command from the one or more software entities with the tag.
- Claim: 12. The apparatus of claim 11, wherein the tag value of the command is to indicate whether the work request originated from a trusted software entity or an untrusted software entity, wherein the trusted software entity comprises one of: a TEE application, a TEE driver, a TEE operating system, a TEE container, a TEE virtual machine, and a TEE security manager, and wherein the untrusted software entity comprises one of: an application, a driver, an operating system, a container, a virtual machine, or a virtual machine monitor.
- Claim: 13. The apparatus of claim 11, wherein the hardware accelerator is to reject the command in response to a determination that a TEE mode is enabled and the software entity is an untrusted software entity.
- Claim: 14. The apparatus of claim 1, wherein the one or more software entities comprise one of: an application, a driver, an operating system, a container, a virtual machine, a virtual machine monitor, a TEE application, a TEE driver, a TEE operating system, a TEE container, a TEE virtual machine, and a TEE security manager.
- Claim: 15. The apparatus of claim 1, wherein the assignable interface comprises one of: a dedicated work queue, a shared work queue, a transmission/reception (Tx/Rx) queue, or a command queue.
- Claim: 16. The apparatus of claim 1, wherein the assignable interface comprises one of: a Peripheral Component Interconnect express (PCIe) or a Compute Express Link (CXL) physical function, a PCIe/CXL Single Root Input/Output Virtualization (SR-IOV) virtual function, and a Scalable Input/Output (I/O) Virtualization Assignable Device Interface (Scalable IOV ADI).
- Claim: 17. The apparatus of claim 1, wherein the hardware accelerator is to tag a Direct Memory Access (DMA) request based at least in part on the tag value of the work request.
- Claim: 18. The apparatus of claim 1, wherein the tag comprises a single bit.
- Claim: 19. The apparatus of claim 1, wherein the hardware accelerator is to support one or more: data movement or data transformation operations.
- Claim: 20. The apparatus of claim 19, wherein the one or more data movement or data transformation operations comprise one or more of: a memory move operation, a Cyclic Redundancy Code (CRC) operation, a Data Integrity Field (DIF) operation, a dual-cast operation, a memory fill operation, a memory compare operation, a delta record create or merge operation, a pattern detect operation, a cache flush operation, a scatter-gather operation, a data reduction operation, a memory compression or decompression operation, a scan operation, a filter operation, a select operation, a data compression or decompression operation, one or more cryptographic operations, and one or more public-key exchange operations.
- Claim: 21. An apparatus comprising: security manager circuitry to provide an interface to a host entity to cause assignment of a resource to a trusted entity based at least in part on a value of a tag; and work queue configuration circuitry to configure one or more work queues of a hardware accelerator.
- Claim: 22. The apparatus of claim 21, wherein the work queue configuration logic circuitry is to support a state machine for management of the one or more work queues.
- Claim: 23. The apparatus of claim 22, wherein the state machine is to transition between one or more states selected from a group comprising: work queue disabled, work queue configured, work queue enabled, and work queue halted.
- Claim: 24. The apparatus of claim 21, wherein the host entity is untrusted.
- Claim: 25. The apparatus of claim 21, wherein the trusted entity comprises a Trusted Execution Environment (TEE) Virtual Machine (TVM).
- Current International Class: 06; 06; 06
|