A computing system detects an input/output (I/O) device configuration error. The computing system includes at least one I/O device installed with firmware configured to control an I/O function, and a plurality of I/O ports installed on the at least one I/O device. At least one I/O port outputs a request to perform a current I/O configuration initialization and generates current I/O configuration data corresponding to the current I/O configuration initialization. A memory unit is configured to store the current I/O configuration data and previously generated I/O configuration data. The I/O device compares the current I/O configuration data to the previously generated I/O configuration data, and detects the I/O device configuration error in response to determining a mismatch between the current I/O configuration data and the previously generated I/O configuration data.

The system or device may build one or more data packets by dividing a given payload for a packet into data blocks and inserting data checks for each data block sequentially into the packet payload. The device may generate, for each of the data blocks, a corresponding data check block corresponding to data in each data block. The device may send or arrange the data blocks and the corresponding data check blocks such that each of the data blocks is followed by the corresponding error check block in the packet. Using the corresponding check block, each of the data blocks is independently verifiable, so that the data blocks may be used upon receipt, even if the payload is not completely received.

A port is to couple to another die over a die-to-die (D2D) link and includes a die-tio-die (D2D) adapter to determine, from a set of registers, a set of capabilities of the D2D adapter to advertise in a negotiation with a link partner D2D adapter, where the D2D adapter is on a die and the link partner D2D adapter is located on a remote link partner die. A first capabilities advertisement message is sent to the link partner D2D adapter to advertise the set of capabilities to the link partner D2D adapter. A second capabilities advertisement message is received from the link partner D2D adapter, wherein the second capabilities advertisement message identifies a set of capabilities of the link partner D2D adapter. A final configuration of a D2D link is determined to couple the die to the link partner die.

Device virtualization techniques can enable physical I/O devices (such as PCIe devices or other I/O devices) to appear as virtual I/O devices, while also enabling selective exposure of information regarding the physical I/O devices to enable the native drivers of the physical I/O devices to be run. In one example, one or more physical I/O devices associated with a virtual I/O device are locked, and an interface is monitored for requests to those physical I/O devices. The device can be unlocked in response to a request to a predetermined address. When a physical I/O device is locked, read requests to read an identifier of the physical device are blocked, and a value associated with the virtual I/O device is provided. When the physical I/O device is unlocked, read requests to read an identifier of the physical I/O device are forwarded to the physical I/O device.

A bus filter driver and security agent components configured to retrieve and analyze firmware images are described herein. The bus filter driver may attach to a bus device associated with a memory component and retrieve a firmware image of firmware stored on the memory component. The bus filter driver may also retrieve hardware metadata. A kernel-mode component of the security agent may then retrieve the firmware image and hardware metadata from the bus filter driver and provide the firmware image and hardware metadata to a user-mode component of the security agent for security analysis. The security agent components may then provide results of the analysis and/or the firmware image and hardware metadata to a remote security service to determine a security status for the firmware.

Examples disclosed herein include are computing device hardware components, computing devices, systems, machine-readable mediums, and interconnect protocols that provide for code object measurement of a peripheral device and a method for accessing the measurements to verify integrity across a computing interconnect (e.g., Peripheral Component Interconnect Express - PCIe). For example, a cryptographic processor of a PCIe endpoint (such as a peripheral) may take a measurement (e.g., computing a hash value) of a code object on the device prior to executing the code object. This measurement may be placed in a register that is accessible to another component, such as a host operating system across a PCIe bus for interrogation. The host operating system may utilize an interconnect protocol, such as a PCIe protocol to access the measurement. These measurements may be consumed by a Trusted Platform Manager or other components of a host system that may verify the measurements.

A method for managing pool device resources, the method comprising obtaining, by a resource use manager, a plurality of data points, generating a resource prediction model based on the plurality of data points, and initiating access to a PCI bus device operating on a pool device using a virtual switch operating on a second pool device based on the resource prediction model.

A device connectable between a host computer and a computer peripheral over a standard bus interface is disclosed, used to improve security, and to detect and prevent malware operation. Messages passing between the host computer and the computer peripherals are intercepted and analyzed based on pre-configured criteria, and legitimate messages transparently pass through the device, while suspected messages are blocked. The device communicates with the host computer and the computer peripheral using proprietary or industry standard protocol or bus, which may be based on a point-to-point serial communication such as USB or SATA. The messages may be stored in the device for future analysis, and may be blocked based on current or past analysis of the messages. The device may serve as a VPN client and securely communicate with a VPN server using the host Internet connection.

A computerized system operating in conjunction with computerized apparatus and with a fabric target service in data communication with the computerized apparatus, the system comprising functionality residing on the computerized apparatus, and functionality residing on the fabric target service, which, when operating in combination, enable the computerized apparatus to coordinate access to data.

A retimer includes a first port to couple to a die over a first interconnect, where the first interconnect includes a defined set of lanes and utilizes a first communication technology, and the die is located on a first package with the retimer. The retimer further includes a second port to couple to another retimer over a second interconnect, where the second interconnect utilizes a different second communication technology, and the second retimer is located on a different, second package to facilitate a longer reach communication channel.