IPsec performance optimization
Granted: October 12, 2010
Patent Number:
7814310
A method and apparatus for optimizing IPsec processing by providing execution units with windowing data during prefetch and managing coherency of security association data by management of security association accesses. Providing execution units with windowing data allows initial parallel processing of IPsec packets. The security association access ordering apparatus serializes access to the dynamic section of security association data according to packet order arrival while otherwise…
Apparatus and method for allocating resources within a security processing architecture using multiple queuing mechanisms
Granted: February 9, 2010
Patent Number:
7661130
An apparatus is described comprising: a plurality of security processing resources for processing two or more different types of data traffic within a cryptographic processor; a first scheduler to provide a first type of data traffic to a first predefined subset of the security processing resources using a first scheduling technique; and a second scheduler to provide a second type of data traffic to a second predefined subset of the security processing resources using a second scheduling…
Apparatus and method for allocating resources within a security processing architecture using multiple groups
Granted: February 2, 2010
Patent Number:
7657933
An apparatus is described comprising: a plurality of security processing resources for processing two or more different types of data traffic within a cryptographic processor; a first scheduler to provide a first type of data traffic to a first predefined subset of the security processing resources using a first scheduling technique; and a second scheduler to provide a second type of data traffic to a second predefined subset of the security processing resources using a second scheduling…
Subsystem boot and peripheral data transfer architecture for a subsystem of a system-on- chip
Granted: January 26, 2010
Patent Number:
7653763
A subsystem (200) is provided at least Direct Memory Access (DMA) device (220) utilized to provide instructions to facilitate the operation of a subsystem processor (210). In one embodiment, a system level processor (102) initiates the provision of instructions for a subsystem (210). The DMA device may be additionally or alternatively utilized to provide data transfer capabilities to a plurality of data channels in a subsystem (200). The DMA device processes channels in a time limited…
Method and apparatus for reducing host overhead in a socket server implementation
Granted: November 3, 2009
Patent Number:
7613813
A network application executing on a host system provides a list of application buffers in host memory stored in a queue to a network services processor coupled to the host system. The application buffers are used for storing data transferred on a socket established between the network application and a remote network application executing in a remote host system. Using the application buffers, data received by the network services processor over the network is transferred between the…
Resistively loaded single stage differential amplifier having zero volt common mode input
Granted: October 20, 2009
Patent Number:
7605658
A resistively folded single stage differential amplifier capable of accommodating a low input common mode without impacting the performance of a bias current source, while also providing a high input impedance to allow for the use of the linear termination resistors. The differential amplifier provides an amplified output signal with a common mode referenced to an upper bound of an input power supply. The differential amplifier includes an input sub-stage and a transistor sub-stage…
Store instruction ordering for multi-core processor
Granted: October 20, 2009
Patent Number:
7606998
A method and apparatus for minimizing stalls in a pipelined processor is provided. Instructions in an out-of-order instruction scheduler are executed in order without stalling the pipeline by sending store data to external memory through an ordering queue.
Direct access to low-latency memory
Granted: September 22, 2009
Patent Number:
7594081
A content aware application processing system is provided for allowing directed access to data stored in a non-cache memory thereby bypassing cache coherent memory. The processor includes a system interface to cache coherent memory and a low latency memory interface to a non-cache coherent memory. The system interface directs memory access for ordinary load/store instructions executed by the processor to the cache coherent memory. The low latency memory interface directs memory access…
Selective replication of data structures
Granted: July 7, 2009
Patent Number:
7558925
Methods and apparatus are provided for selectively replicating a data structure in a low-latency memory. The memory includes multiple individual memory banks configured to store replicated copies of the same data structure. Upon receiving a request to access the stored data structure, a low-latency memory access controller selects one of the memory banks, then accesses the stored data from the selected memory bank. Selection of a memory bank can be accomplished using a thermometer…
Security system with an intelligent DMA controller
Granted: October 14, 2008
Patent Number:
7436954
A security subsystem is provided with at least a first security engine, a first set of registers and a control portion to perform a first security operation for each of a first number of data blocks of each of a first number of data segments of a first data object. In one embodiment, the security subsystem is provided with two security engines and two sets of registers to respectively perform the first security operation and a second security operation for the first data object and a…
Transparent IPSec processing inline between a framer and a network component
Granted: July 8, 2008
Patent Number:
7398386
A method and apparatus for transparent processing of IPsec network traffic by a security processor in line between a framer and a network processor. Security processor parses packet header and tail information to determine if encryption or decryption is required. After encryption or decryption is completed packet header and tail information is modified to reflect the changes in the packet such as length of the packet. The modified packet is then passed on to the network processor or…
Apparatus and method for allocating resources within a security processor
Granted: February 26, 2008
Patent Number:
7337314
A security processing apparatus is described comprising: a cryptographic processor having a first plurality of security processing resources initially allocated to process a first type of data traffic and a second plurality of security processing resources initially allocated to process a second type of data traffic; a monitor module to monitor load on the first plurality of security processing resources and the second plurality of security processing resources as the first and second…
Decoupled architecture for data ciphering operations
Granted: December 4, 2007
Patent Number:
7305567
In one embodiment, an apparatus comprises a microcontroller unit to store instructions into an execution queue. The apparatus also comprises an execution queue unit to generate a widely decoded functional execution instruction based on at least one instruction stored in the execution queue. Additionally, the apparatus comprises a functional unit to execute the widely decoded functional execution instruction asynchronous to the generation of the widely decoded functional execution…
Speculative execution for data ciphering operations
Granted: August 21, 2007
Patent Number:
7260217
In one embodiment, a computer-implemented method comprises receiving a data cipher operation. The method also comprises processing the data cipher operation. The processing of the operation includes generating a number of portions of ciphertext from plaintext, wherein a load operation associated with the generating of at least one portion of the ciphertext executes prior to a store operation associated with the generating of a prior portion of the ciphertext.
On-chip inter-subsystem communication
Granted: July 10, 2007
Patent Number:
7243179
A data transfer interface includes facilities for a subsystem including the data transfer interface to internally prioritize transactions with other subsystems, using facilities of the data transfer interface. In one embodiment, the subsystem also includes with the transactions bus arbitration priorities to facilitate prioritization and granting of access to an on-chip bus to the contending transactions. In one embodiment, an integrated circuit includes the on-chip bus and a number of…
Method and apparatus for establishing secure sessions
Granted: July 3, 2007
Patent Number:
7240203
A method and apparatus for processing security operations are described. In one embodiment, a processor includes a number of execution units to process a number of requests for security operations. The number of execution units are to output the results of the number of requests to a number of output data structures associated with the number of requests within a remote memory based on pointers stored in the number of requests. The number of execution units can output the results in an…
Apparatus and method for data deskew
Granted: April 24, 2007
Patent Number:
7209531
A deskew circuit utilizing a coarse delay adjustment and fine delay adjustment centers the received data in a proper data window and aligns the data for proper sampling. In one scheme, bit state transitions of a training sequence for SPI-4 protocol is used to adjust delays to align the transition points.
Apparatus and method for repairing logic blocks
Granted: April 17, 2007
Patent Number:
7205785
An apparatus is described comprising: a set of logic blocks configured to perform designated data processing functions; a set of redundant logic blocks also configured to perform the designated data processing functions; and a logic block selector module to replace one or more of the set of logic blocks with one or more of the set of redundant logic blocks according to specified logic block replacement conditions.
On-chip inter-subsystem communication
Granted: August 22, 2006
Patent Number:
7096292
A data transfer interface includes facilities for a subsystem including the data transfer interface to internally prioritize transactions with other subsystems, using facilities of the data transfer interface. In one embodiment, the subsystem also includes with the transactions bus arbitration priorities to facilitate prioritization and granting of access to an on-chip bus to the contending transactions. In one embodiment, an integrated circuit includes the on-chip bus and a number of…
Method and apparatus to implement the data encryption standard algorithm
Granted: July 11, 2006
Patent Number:
7076059
A method and apparatus to encipher a block of data using the data encryption standard comprising exclusive-oring, using an exclusive-or gate, the output from a merged permutation and expansion (MPE) and a sub key block, and sending the output from the exclusive-or gate to a selection function.
