|
Trust Domain Extensions
Intel Trust Domain Extensions (TDX) is a CPU-level technology proposed by Intel in May 2021 for implementing a trusted execution environment in which virtual machines (called "Trust Domains", or TDs) are hardware-isolated from the host's Virtual Machine Monitor (VMM), hypervisor, and other software on the host. This hardware isolation is intended to prevent threat actors with administrative access or physical access to the virtual machine host from compromising aspects of the TD virtual machine's confidentiality and integrity. TDX also supports a remote attestation feature which allows users to determine that a remote system has TDX protections enabled prior to sending it sensitive data. Intel TDX is of particular use for cloud providers, as it increases isolation of customer virtual machines and provides a higher level of assurance that the cloud provider cannot access the customer's data. Intel TDX was described in and is pending US patent number 20210141658A1. Architecture ov ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Central Processing Unit
A central processing unit (CPU), also called a central processor, main processor, or just processor, is the primary Processor (computing), processor in a given computer. Its electronic circuitry executes Instruction (computing), instructions of a computer program, such as arithmetic, logic, controlling, and input/output (I/O) operations. This role contrasts with that of external components, such as main memory and I/O circuitry, and specialized coprocessors such as graphics processing units (GPUs). The form, CPU design, design, and implementation of CPUs have changed over time, but their fundamental operation remains almost unchanged. Principal components of a CPU include the arithmetic–logic unit (ALU) that performs arithmetic operation, arithmetic and Bitwise operation, logic operations, processor registers that supply operands to the ALU and store the results of ALU operations, and a control unit that orchestrates the #Fetch, fetching (from memory), #Decode, decoding and ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intel
Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer components such as central processing units (CPUs) and related products for business and consumer markets. It is one of the world's List of largest semiconductor chip manufacturers, largest semiconductor chip manufacturers by revenue, and ranked in the Fortune 500, ''Fortune'' 500 list of the List of largest companies in the United States by revenue, largest United States corporations by revenue for nearly a decade, from 2007 to 2016 Fiscal year, fiscal years, until it was removed from the ranking in 2018. In 2020, it was reinstated and ranked 45th, being the List of Fortune 500 computer software and information companies, 7th-largest technology company in the ranking. It was one of the first companies listed on Nasdaq. Intel supplies List of I ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Trusted Execution Environment
A trusted execution environment (TEE) is a secure area of a Central processing unit, main processor. It helps the code and data loaded inside it be protected with respect to Information security#Confidentiality, confidentiality and integrity. Data confidentiality prevents unauthorized entities from outside the TEE from reading data, while code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which may also be the computer owner itself as in certain Digital_rights_management, DRM schemes described in Software_Guard_Extensions, Intel SGX. This is done by implementing unique, immutable, and confidential architectural security, which offers hardware-based memory encryption that isolates specific application code and data in memory. This allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels. A TEE as an isolated execution environment pr ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Virtual Machines
In computing, a virtual machine (VM) is the virtualization or emulator, emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. Their implementations may involve specialized hardware, software, or a combination of the two. Virtual machines differ and are organized by their function, shown here: * ''System virtual machines'' (also called full virtualization VMs, or SysVMs) provide a substitute for a real machine. They provide the functionality needed to execute entire operating systems. A hypervisor uses native code, native execution to share and manage hardware, allowing for multiple environments that are isolated from one another yet exist on the same physical machine. Modern hypervisors use hardware-assisted virtualization, with virtualization-specific hardware features on the host CPUs providing assistance to hypervisors. * ''Process virtual machines'' are designed to execute computer programs ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Instruction Set Architecture
In computer science, an instruction set architecture (ISA) is an abstract model that generally defines how software controls the CPU in a computer or a family of computers. A device or program that executes instructions described by that ISA, such as a central processing unit (CPU), is called an ''implementation'' of that ISA. In general, an ISA defines the supported instructions, data types, registers, the hardware support for managing main memory, fundamental features (such as the memory consistency, addressing modes, virtual memory), and the input/output model of implementations of the ISA. An ISA specifies the behavior of machine code running on implementations of that ISA in a fashion that does not depend on the characteristics of that implementation, providing binary compatibility between implementations. This enables multiple implementations of an ISA that differ in characteristics such as performance, physical size, and monetary cost (among other things), but t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Random-access Memory
Random-access memory (RAM; ) is a form of Computer memory, electronic computer memory that can be read and changed in any order, typically used to store working Data (computing), data and machine code. A random-access memory device allows data items to be read (computer), read or written in almost the same amount of time irrespective of the physical location of data inside the memory, in contrast with other direct-access data storage media (such as hard disks and Magnetic tape data storage, magnetic tape), where the time required to read and write data items varies significantly depending on their physical locations on the recording medium, due to mechanical limitations such as media rotation speeds and arm movement. In today's technology, random-access memory takes the form of integrated circuit (IC) chips with MOSFET, MOS (metal–oxide–semiconductor) Memory cell (computing), memory cells. RAM is normally associated with Volatile memory, volatile types of memory where s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Direct Memory Access
Direct memory access (DMA) is a feature of computer systems that allows certain hardware subsystems to access main system computer memory, memory independently of the central processing unit (CPU). Without DMA, when the CPU is using programmed input/output, it is typically fully occupied for the entire duration of the read or write operation, and is thus unavailable to perform other work. With DMA, the CPU first initiates the transfer, then it does other operations while the transfer is in progress, and it finally receives an interrupt from the DMA controller (DMAC) when the operation is done. This feature is useful at any time that the CPU cannot keep up with the rate of data transfer, or when the CPU needs to perform work while waiting for a relatively slow I/O data transfer. Many hardware systems use DMA, including disk drive controllers, graphics cards, network cards and sound cards. DMA is also used for intra-chip data transfer in some multi-core processors. Computers that h ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CPU Instruction
In computer programming, machine code is computer code consisting of machine language instructions, which are used to control a computer's central processing unit (CPU). For conventional binary computers, machine code is the binaryOn nonbinary machines it is, e.g., a decimal representation. representation of a computer program that is actually read and interpreted by the computer. A program in machine code consists of a sequence of machine instructions (possibly interspersed with data). Each machine code instruction causes the CPU to perform a specific task. Examples of such tasks include: # Load a word from memory to a CPU register # Execute an arithmetic logic unit (ALU) operation on one or more registers or memory locations # Jump or skip to an instruction that is not the next one In general, each architecture family (e.g., x86, ARM) has its own instruction set architecture (ISA), and hence its own specific machine code language. There are exceptions, such as the VAX a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Guard Extensions
Intel Software Guard Extensions (SGX) is a set of instruction codes implementing trusted execution environment that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected private regions of memory, called ''enclaves''. SGX is designed to be useful for implementing secure remote computation, secure web browsing, and digital rights management (DRM). Other applications include concealment of proprietary algorithms and of encryption keys. SGX involves encryption by the CPU of a portion of memory (the ''enclave''). Data and code originating in the enclave are decrypted on the fly ''within'' the CPU, protecting them from being examined or read by other code, including code running at higher privilege levels such as the operating system and any underlying hypervisors. While this can mitigate many kinds of attacks, it does not protect against side-channel attacks. A pivot by Intel in 2021 resulted in the deprecati ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Xeon
Xeon (; ) is a brand of x86 microprocessors designed, manufactured, and marketed by Intel, targeted at the non-consumer workstation, server, and embedded markets. It was introduced in June 1998. Xeon processors are based on the same architecture as regular desktop-grade CPUs, but have advanced features such as support for error correction code (ECC) memory, higher core counts, more PCI Express lanes, support for larger amounts of RAM, larger cache memory and extra provision for enterprise-grade reliability, availability and serviceability (RAS) features responsible for handling hardware exceptions through the Machine Check Architecture (MCA). They are often capable of safely continuing execution where a normal processor cannot due to these extra RAS features, depending on the type and severity of the machine-check exception (MCE). Some also support multi-socket systems with two, four, or eight sockets through use of the Ultra Path Interconnect (UPI) bus, which replaced ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Emerald Rapids
Emerald Rapids is the codename for Intel's fifth generation Xeon Scalable server processors based on the Intel 7 node. Emerald Rapids CPUs are designed for data centers; the roughly contemporary Raptor Lake is intended for desktop and mobile usage. Nevine Nassif is a chief engineer for this generation. Features CPU * Up to 64 Raptor Cove CPU cores per package ** Up to 32 cores per tile, reducing the max tiles to two * 5 MB of L3 cache per core (up from 1.875 MB in Sapphire Rapids) * Speed Select Technology that supports high and low priority cores I/O * DDR5 memory support up to 8-channel DDR5-5600 * Up to 80 PCI Express 5.0 lanes List of Emerald Rapids processors Emerald Rapids-SP (Scalable Performance) CPUs in ''italic'' are actually Sapphire Rapids processors, and they still have 1.875 MB of L3 cache per core See also * Intel's process–architecture–optimization model * Intel's tick–tock model Tick–tock was a production model adopted in 2007 by inte ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sapphire Rapids
Sapphire Rapids is a codename for Intel's server (fourth generation Xeon Scalable) and workstation (Xeon W-2400/2500 and Xeon W-3400/3500) processors based on the Golden Cove microarchitecture and produced using Intel 7. It features up to 60 cores and an array of accelerators, and it is the first generation of Intel server and workstation processors to use a chiplet design. Sapphire Rapids is part of the Eagle Stream server platform. In addition, it powers Aurora, an exascale supercomputer in the United States, at Argonne National Laboratory. History Sapphire Rapids has been a long-standing Intel project along Alder Lake in development for over five years and has been subjected to many delays. It was first announced by Intel at their Investor Meeting in May 2019 with the intention of Sapphire Rapids succeeding Ice Lake and Cooper Lake in 2021. Intel again announced details on Sapphire Rapids in their August 2021 Architecture Day presentation with no mention of a launch ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
