专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07487367B2 Apparatus and method for managing access to a memory 有权
公开(公告)号：US07487367B2
公开(公告)日：2009-02-03
申请号：US10714521
申请日：2003-11-17
申请人： Lionel Belnet , Nicolas Chaussade , Simon Charles Watt , Peter Guy Middleton
发明人： Lionel Belnet , Nicolas Chaussade , Simon Charles Watt , Peter Guy Middleton
IPC分类号： H04L9/06 , G06F12/00
CPC分类号： G06F12/1491
摘要： The present invention provides a data processing apparatus and method for managing access to a memory within the data processing apparatus. The data processing apparatus comprises a processor operable in a plurality of modes and a plurality of domains, said plurality of domains comprising a secure domain and a non-secure domain, said plurality of modes including at least one non-secure mode being a mode in the non-secure domain and at least one secure mode being a mode in the secure domain, said processor being operable such that when executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode. Further, a memory is provided for storing data required by the processor, and consists of secure memory for storing secure data and non-secure memory for storing non-secure data. The memory further contains a non-secure table and a secure table, the non-secure table being within the non-secure memory and arranged to contain for each of a number of first memory regions an associated descriptor, and the secure table being within the secure memory and arranged to contain for each of a number of second memory regions an associated descriptor. When access to an item of data in the memory is required by the processor, the processor issues a memory access request, and a memory management unit is provided to perform one or more predetermined access control functions to control issuance of the memory access request to the memory. The memory management unit comprises an internal storage unit operable to store descriptors retrieved by the memory management unit from either the non-secure table or the secure table, and in accordance with the present invention the internal storage unit comprises a flag associated with each descriptor stored within the internal storage unit to identify whether that descriptor is from the non-secure table or the secure table. By this approach, when the processor is operating in a non-secure mode, the memory management unit is operable to perform the predetermined access control functions for the memory access request with reference to access control information derived from the descriptors in the internal storage unit retrieved from the non-secure table. In contrast, when the processor is operating in a secure mode, the memory management unit is operable to perform the predetermined access control functions for the memory access request with reference to access control information derived from the descriptors in the internal storage unit retrieved from the secure table. This approach enables different descriptors to be used for the control of accesses to memory in either the secure domain or the non-secure domain, whilst enabling such different descriptors to co-exist within the memory management unit's internal storage unit, thereby avoiding the requirement to flush the contents of such an internal storage unit when the operation of the processor changes from the secure domain to the non-secure domain, or vice versa.

2. 发明授权

US07305534B2 Control of access to a memory by a device 有权
标题翻译：控制设备对存储器的访问
公开(公告)号：US07305534B2
公开(公告)日：2007-12-04
申请号：US10714561
申请日：2003-11-17
申请人： Simon Charles Watt , Lionel Belnet , David Hennah Mansell , Nicolas Chaussade , Peter Guy Middleton
发明人： Simon Charles Watt , Lionel Belnet , David Hennah Mansell , Nicolas Chaussade , Peter Guy Middleton
IPC分类号： G06F12/00
CPC分类号： G06F12/1491 , G06F21/6218 , G06F21/71 , G06F21/74 , G06F21/79 , G06F21/85 , G06F2221/2105 , G06F2221/2141 , G06F2221/2149
摘要： The present invention provides a data processing apparatus and method for controlling access to a memory. The data processing apparatus has a secure domain and a non-secure domain, in the secure domain the data processing apparatus having access to secure data which is not accessible in the non-secure domain. The data processing apparatus comprises a device coupled to a memory via a device bus, and operable, when an item of data in the memory is required by the device, to issue onto the device bus a memory access request pertaining to either the secure domain or the non-secure domain. The memory is operable to store data required by the device, and contains secure memory for storing secure data and non-secure memory for storing non-secure data. In accordance with the present invention, the data processing apparatus further comprises partition checking logic coupled to the device bus and operable whenever the memory access request as issued by the device pertains to the non-secure domain, to detect if the memory access request is seeking to access the secure memory and upon such detection to prevent the access specified by that memory request. This approach significantly improves the security of data contained within a secure portion of memory.
摘要翻译：本发明提供一种用于控制对存储器的访问的数据处理装置和方法。数据处理装置具有安全域和非安全域，在安全域中，数据处理装置具有对非安全域中不可访问的安全数据的访问。数据处理装置包括经由设备总线耦合到存储器的设备，并且当设备需要存储器中的数据项时，可以向设备总线发出存储器访问请求，该存储器访问请求涉及安全域或非安全域。存储器可操作以存储设备所需的数据，并且包含用于存储安全数据的安全存储器和用于存储非安全数据的非安全存储器。根据本发明，数据处理装置还包括耦合到设备总线的分区检查逻辑，每当由设备发布的存储器访问请求与非安全域相关时，可操作，以检测存储器访问请求是否正在寻找以访问安全存储器并且在这种检测时防止由该存储器请求指定的访问。这种方法显着提高了包含在存储器安全部分内的数据的安全性。

3. 发明授权

US07849310B2 Switching between secure and non-secure processing modes 有权
标题翻译：在安全和非安全的处理模式之间切换
公开(公告)号：US07849310B2
公开(公告)日：2010-12-07
申请号：US10714518
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
IPC分类号： H04L29/00 , H04L29/02 , H04L29/04 , H04L29/06
CPC分类号： G06F21/52 , G06F9/3012 , G06F9/30123 , G06F9/45558 , G06F21/74 , G06F2009/45587 , G06F2221/2105 , H04L67/125
摘要： A data processing system including a processor operable in a plurality of modes and in either a secure domain or a non-secure domain. The system includes at least one secure mode being a mode in the secure domain, at least one non-secure mode being a mode in the non-secure domain, and a monitor mode. When the processor is executing a program in a secure mode the program has access to secure data which is not accessible when the processor is operating in a non-secure mode. Switching between the secure and non-secure modes takes place via the monitor mode and the processor is operable at least partially in the monitor mode to execute a monitor program managing switching between the secure and non-secure modes.
摘要翻译：一种数据处理系统，包括可以以多种模式操作并且在安全域或非安全域中的处理器。该系统包括至少一个安全模式是安全域中的模式，至少一个非安全模式是非安全域中的模式，以及监视模式。当处理器以安全模式执行程序时，程序可以访问当处理器以非安全模式运行时无法访问的安全数据。在安全模式和非安全模式之间切换通过监视器模式进行，并且处理器至少部分地在监视器模式下操作，以执行管理安全模式和非安全模式之间的切换的监视器程序。

4. 发明授权

US07325083B2 Delivering data processing requests to a suspended operating system 有权
标题翻译：向挂起的操作系统提供数据处理请求
公开(公告)号：US07325083B2
公开(公告)日：2008-01-29
申请号：US10714516
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Brochier , David Hennah Mansell , Dominic Hugo Symes
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Brochier , David Hennah Mansell , Dominic Hugo Symes
IPC分类号： G06F13/24
CPC分类号： G06F9/4812 , G06F9/45558 , G06F2009/45575 , G06F2009/45587
摘要： In a system supporting more than one operating system, a data processing thread executing on a first operating system may be subject to an interrupt which triggers interrupt handling on a second operating system. When that interrupt handling is completed on the second operating system, the first operating system is resumed using a return interrupt. The return interrupt specifies the data processing thread which is active on the second operating system such that an appropriate task switch or resumption may be made on the first operating system. The technique is particularly well suited to systems utilising a secure operating system and a non-secure operating system executing on the same hardware.
摘要翻译：在支持多个操作系统的系统中，在第一操作系统上执行的数据处理线程可能受到在第二操作系统上触发中断处理的中断。当在第二操作系统上完成该中断处理时，使用返回中断恢复第一操作系统。返回中断指定在第二操作系统上活动的数据处理线程，使得可以在第一操作系统上进行适当的任务切换或恢复。该技术特别适用于利用在相同硬件上执行的安全操作系统和非安全操作系统的系统。

5. 发明授权

US07305712B2 Security mode switching via an exception vector 有权
标题翻译：安全模式通过异常向量切换
公开(公告)号：US07305712B2
公开(公告)日：2007-12-04
申请号：US10714563
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
IPC分类号： G06F17/30 , G06F15/00
CPC分类号： G06F9/4812 , G06F9/30123 , G06F21/74 , G06F21/79 , G06F2221/2105 , G06F2221/2149
摘要： There is a provided a data processing system comprising: a processor operable in a plurality of modes and either a secure domain or a non-secure domain including: at least one secure mode being a mode in said secure domain; and at least one non-secure mode being a mode in said non-secure domain; wherein when said processor is executing a program in a secure mode said program has access to secure data which is not accessible when said processor is operating in a non-secure mode; and wherein said processor is responsive to a switching request to initiate a switch between a secure mode and a non-secure mode under control of a mode switching program starting at a location specified by an exception vector associated with said switching request.
摘要翻译：提供了一种数据处理系统

6. 发明授权

US07949866B2 Exception types within a secure processing system 有权
标题翻译：安全处理系统中的异常类型
公开(公告)号：US07949866B2
公开(公告)日：2011-05-24
申请号：US12382647
申请日：2009-03-20
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier
IPC分类号： G06F1/24
CPC分类号： G06F21/74 , G06F9/4812 , G06F2209/481
摘要： An apparatus for processing data includes a processor operable in a plurality modes including at least one secure mode being a mode in a secure domain and at least one non-secure mode being a mode in a non-secure domain. When the processor is executing a program in a secure mode the program has access to secure data which is not accessible when the processor is operating in a non-secure mode. The processor is responsive to one or more exception conditions for triggering exception processing using an exception handler. The processor is operable to select the exception handler from among a plurality of possible exception handlers in dependence upon whether the processor is operating in the secure domain or the non-secure domain.
摘要翻译：一种用于处理数据的装置包括可以以多种模式操作的处理器，包括至少一种安全模式，即安全域中的模式，以及至少一种非安全模式是非安全域中的模式。当处理器以安全模式执行程序时，程序可以访问当处理器以非安全模式运行时无法访问的安全数据。处理器响应于一个或多个异常条件，以使用异常处理程序触发异常处理。处理器可操作以依赖于处理器是否在安全域或非安全域中操作从多个可能的异常处理程序中选择异常处理程序。

7. 发明授权

US07661104B2 Task following between multiple operating systems 有权
标题翻译：多个操作系统之间的任务
公开(公告)号：US07661104B2
公开(公告)日：2010-02-09
申请号：US10714482
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastian Brochier , David Hennah Mansell , Dominic Hugo Symes
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastian Brochier , David Hennah Mansell , Dominic Hugo Symes
IPC分类号： G06F9/455 , G06F9/46 , G06F3/00 , H04L29/06
CPC分类号： G06F9/4812 , G06F9/526
摘要： A processor may utilise two operating systems (Non-Secure, Secure) between which calls may be made. In order that a second operating system can track task switches made by a first operating system, each time a call is made to the second operating system, this call includes an identifier to enable discrimination between the task which was executing on the first operating system when that call was made. The identifier can be a call identifier and/or a target thread identifier and may include further parameters.
摘要翻译：处理器可以利用两个可以进行呼叫的操作系统（非安全的，安全的）。为了使第二操作系统能够跟踪由第一操作系统进行的任务切换，每次对第二操作系统进行呼叫时，该呼叫包括标识符，以便能够在第一操作系统上执行的任务之间进行区分，那个电话是做的。标识符可以是呼叫标识符和/或目标线程标识符，并且可以包括其他参数。

8. 发明申请

US20090259846A1 Exception types within a secure processing system 有权
标题翻译：安全处理系统中的异常类型
公开(公告)号：US20090259846A1
公开(公告)日：2009-10-15
申请号：US12382647
申请日：2009-03-20
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephanie Eric Sebastien Brochier
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephanie Eric Sebastien Brochier
IPC分类号： H04L9/00
CPC分类号： G06F21/74 , G06F9/4812 , G06F2209/481
摘要： An apparatus for processing data includes a processor operable in a plurality modes including at least one secure mode being a mode in a secure domain and at least one non-secure mode being a mode in a non-secure domain. When the processor is executing a program in a secure mode the program has access to secure data which is not accessible when the processor is operating in a non-secure mode. The processor is responsive to one or more exception conditions for triggering exception processing using an exception handler. The processor is operable to select the exception handler from among a plurality of possible exception handlers in dependence upon whether the processor is operating in the secure domain or the non-secure domain.
摘要翻译：一种用于处理数据的装置包括可以以多种模式操作的处理器，包括至少一种安全模式，即安全域中的模式，以及至少一种非安全模式是非安全域中的模式。当处理器以安全模式执行程序时，程序可以访问当处理器以非安全模式运行时无法访问的安全数据。处理器响应于一个或多个异常条件，以使用异常处理程序触发异常处理。处理器可操作以依赖于处理器是否在安全域或非安全域中操作从多个可能的异常处理程序中选择异常处理程序。

9. 发明授权

US07448050B2 Handling multiple interrupts in a data processing system utilising multiple operating systems 有权
标题翻译：在使用多个操作系统的数据处理系统中处理多个中断
公开(公告)号：US07448050B2
公开(公告)日：2008-11-04
申请号：US10714484
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier , Michael Robert Nonweiler , Dominic Hugo Symes
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier , Michael Robert Nonweiler , Dominic Hugo Symes
IPC分类号： G06F9/54 , G06F9/46
CPC分类号： G06F9/4812 , G06F9/45558 , G06F9/466 , G06F9/4843 , G06F21/6281 , G06F2009/45587
摘要： In a data processing system using multiple operating systems, an interrupt which itself may be interrupted by a subsequent interrupt which will be serviced in a different operating system, guards itself against being overlooked when that subsequent interrupt has been handled by starting a stub interrupt handling routine in that other operating system before executing the main handling routine in the originating operating system. Thus, the stub interrupt handling routine will be recognised in the other operating system irrespective of other interrupt events which may occur and accordingly the interrupted interrupt handling may be restarted.
摘要翻译：在使用多个操作系统的数据处理系统中，本身可能由将在不同的操作系统中被服务的后续中断中断的中断防止当通过启动存根中断处理程序来处理后续中断时被忽视在该起始操作系统中执行主处理例程之前的其他操作系统中。因此，在其他操作系统中将识别存根中断处理程序，而不管可能发生的其他中断事件如何，因此中断中断处理可能会重新启动。

10. 发明申请

US20090320048A1 TASK FOLLOWING BETWEEN MULTIPLE OPERATING SYSTEMS 有权
标题翻译：在多个操作系统之间的任务
公开(公告)号：US20090320048A1
公开(公告)日：2009-12-24
申请号：US10714482
申请日：2003-11-17
申请人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier , David Hennah Mansell , Dominic Hugo Symes
发明人： Simon Charles Watt , Christopher Bentley Dornan , Luc Orion , Nicolas Chaussade , Lionel Belnet , Stephane Eric Sebastien Brochier , David Hennah Mansell , Dominic Hugo Symes
IPC分类号： G06F9/46 , G06F9/44
CPC分类号： G06F9/4812 , G06F9/526
摘要： A processor may utilise two operating systems (Non-Secure, Secure) between which calls may be made. In order that a second operating system can track task switches made by a first operating system, each time a call is made to the second operating system, this call includes an identifier to enable discrimination between the task which was executing on the first operating system when that call was made. The identifier can be a call identifier and/or a target thread identifier and may include further parameters.
摘要翻译：处理器可以利用两个可以进行呼叫的操作系统（非安全的，安全的）。为了使第二操作系统能够跟踪由第一操作系统进行的任务切换，每次对第二操作系统进行呼叫时，该呼叫包括标识符，以便能够在第一操作系统上执行的任务之间进行区分，那个电话是做的。标识符可以是呼叫标识符和/或目标线程标识符，并且可以包括其他参数。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式