CN115688089A - Method, system and medium for safely extending PCIE protocol - Google Patents
Method, system and medium for safely extending PCIE protocol Download PDFInfo
- Publication number
- CN115688089A CN115688089A CN202211476721.0A CN202211476721A CN115688089A CN 115688089 A CN115688089 A CN 115688089A CN 202211476721 A CN202211476721 A CN 202211476721A CN 115688089 A CN115688089 A CN 115688089A
- Authority
- CN
- China
- Prior art keywords
- target terminal
- pcie
- cpu
- terminal device
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a method, a system and a medium for safely expanding a PCIE protocol, wherein the method for safely expanding the PCIE protocol comprises the following steps: s101, generating a PCIE message carrying security information by an access request issued by a CPU and sending the PCIE message to a target terminal device; and S102, after the target terminal equipment receives the PCIE message carrying the security information, implementing security access control of the CPU to the target terminal equipment according to the security information, wherein the security access control can adopt access permission and denial of resource granularity or equipment granularity according to requirements. The method, the system and the medium for safely expanding the PCIE protocol introduce safety information into a PCIE protocol message, so that the PCIE protocol is safely sensed, terminal equipment is brought into a trusted execution environment of a processor end in the PIO direction, and safety protection of data unloaded to an off-chip PCIE equipment end is realized.
Description
Technical Field
The invention belongs to the field of computer security, and particularly relates to a method, a system and a medium for security extension of a PCIE protocol.
Background
Currently, hardware security is gaining more and more attention. The system safety is enhanced from the perspective of bottom hardware safety, and a safer information system can be formed only by preventing safety holes. In the existing international mainstream CPU architecture, mechanisms related to hardware resource isolation are defined. Based on the mechanisms, an isolation area can be constructed in the system, the isolation area has independent computing, storage and IO resources, data in the isolation area cannot be accessed by resources outside the isolation area from the hardware, and software executed in the isolation area cannot be tampered maliciously, so that a safe trusted execution environment is constructed.
Conventional hardware resource isolation mechanisms are typically built around the inside of the processor. However, as the computational power of the off-chip accelerator is increasing, heterogeneous frames using main processing chips and off-chip acceleration chips are increasingly used in new application fields. Under such heterogeneous architectures, a large amount of user data needs to be offloaded to an acceleration chip for execution. Generally, an acceleration chip is connected to a main processor through a PCIE bus, and under a current mainstream CPU hardware resource isolation architecture, the PCIE bus is not brought into an isolation region. Therefore, from the security perspective of the CPU, the data unloaded to the acceleration chip is unsafe, is located outside the trusted execution environment, and has a large hardware security risk.
In a typical CPU + accelerator heterogeneous computing system, an RC (Root Complex) device of a PCIE protocol is located between a CPU and a PCIE topology, is connected to the CPU through a bus upward, and manages nodes in each PCIE tree topology downward. The PCIE node includes a switch device (switch), an EP (terminal) device, and the like. The root complex device and the CPU are interconnected through an AXI (Advanced eXtensible Interface) bus, the AXI bus is a fourth-generation on-chip bus protocol developed and promoted by ARM company, is an on-chip bus oriented to high performance, high bandwidth and low delay, and distinguishes whether the request is a safety request or not by using an AxPROT signal.
Fig. 1 is a System On Chip (SOC) framework diagram of a typical host processor plug-in PCIE acceleration device. The topology structure of the PCIE bus system is a tree topology structure, and mainly includes PCIE devices such as Root Complex (RC) devices, switch devices (Switch), and terminal (EP) devices. The terminal device is a device capable of supporting various application functions, and mainly comprises a display card, a network card and the like. The switching device is a PCIE switch, and the expansion of the PCIE link can be realized under the condition that the PCIE link cannot meet the requirement. There are two data transmission modes in PCIE devices: DMA (Direct Memory Access)) and PIO (programmable Input-Output). In the DMA mode, data transmission between the memory and the PCIE device may be implemented, for example, the terminal device sends an access request to the memory, and the memory returns requested data to the terminal device; in the PIO mode, data transmission between the processor and the terminal device may be implemented, for example, the processor sends an access request to the terminal device, and the terminal device returns the requested data to the processor. At present, a PCIE interface is generally applied to communication between a current processor and a high-speed peripheral, but a PCIE protocol is developed to date, and there is no targeted design for data security in a message format all the time. Thus, security holes inevitably occur when data is involved in off-chip transmission at the processor. Therefore, PCIE protocol extension is required to be performed, so that the security control request of the CPU is transmitted to the peripheral device, which becomes a key technical problem to be solved urgently.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: the invention introduces safety information into a PCIE protocol message, so that the PCIE protocol is safely perceived, and terminal equipment is brought into a trusted execution environment of a processor end in the PIO direction, so that a safety control request of a CPU is transmitted to an external device, and the safety protection of data unloaded to an off-chip PCIE equipment end is realized.
In order to solve the technical problems, the invention adopts the technical scheme that:
a security extension method of a PCIE protocol comprises the following steps:
s101, generating a PCIE message carrying security information by an access request issued by a CPU and sending the PCIE message to a target terminal device;
and S102, after the target terminal equipment receives the PCIE message carrying the safety information, implementing safety access control of the CPU to the target terminal equipment according to the safety information.
Optionally, the step S102 of performing the secure access control on the target terminal device by the CPU means that the CPU is allowed to access all resources of the target terminal device, or only the CPU is allowed to access a part of resources, which are set to be non-secure, of the target terminal device, and the all resources of the target terminal device are divided into a non-secure part of resources and a secure part of resources.
Optionally, the value of the security information carried in the PCIE packet in step S102 is one of a first value and a second value, and implementing security access control of the CPU to the target terminal device in step S102 includes: if the safety information is a first value, only allowing the CPU to access the non-safety partial resource of the target terminal equipment; and if the safety information is the second value, allowing the CPU to access all resources of the target terminal equipment.
Optionally, the step S102 of performing the security access control on the target terminal device by the CPU means to allow the CPU to access the target terminal device or deny the CPU from accessing the target terminal device.
Optionally, the value of the security information carried in the PCIE packet in step S102 is one of a first value and a second value, and implementing security access control of the CPU to the target terminal device in step S102 includes: when the safety information is a first value, comparing the equipment information of the target terminal equipment with a preset safety terminal equipment information list to determine whether the target terminal equipment is the safety terminal equipment, and allowing the CPU to access the target terminal equipment only when the target terminal equipment is the safety terminal equipment; and directly allowing the CPU to access the target terminal equipment when the safety information is the second value.
Optionally, step S101 includes:
s201, a root complex device receives an AXI request issued by a CPU through an AXI bus;
s202, the root complex device analyzes and obtains an AxPROT signal in the AXI request, generates safety information according to the AxPROT signal, and codes the safety information into a PCIE message;
s203, the root complex device judges the connection mode with the target terminal device, if the root complex device is directly connected with the target terminal device, the PCIE message is directly sent to the target terminal device, otherwise, the PCIE message is sent to the switching device connected with the target terminal device;
and S204, forwarding the PCIE message to the target terminal equipment through the switching equipment connected with the target terminal equipment, and simultaneously transmitting the safety information coded in the PCIE message, and finally sending the PCIE message to the target terminal equipment.
Optionally, when the secure information is generated according to the AxPROT signal in step S202, the generated secure information is an identifier bit indicating that access is safe or unsafe in the AxPROT signal from the AXI request, if the identifier bit indicating that access is safe or unsafe in the AxPROT signal indicates safe, the value of the secure information is a first value, otherwise, the value of the secure information is a second value, where the first value is used to allow only the CPU to access to a non-safe part of resources of the target terminal device, and the second value is used to allow the CPU to access to all resources of the target terminal device, or the first value is used to allow only the CPU to access to the target terminal device when the target terminal device is a secure terminal device, and the second value is used to directly allow the CPU to access to the target terminal device.
Optionally, the step S202 of encoding the security information into the PCIE packet specifically means encoding the security information into a reserved field of the PCIE packet to implement compatibility with a standard PCIE packet protocol.
In addition, the invention also provides a security extension system of the PCIE protocol, which comprises a microprocessor and a memory which are connected with each other, wherein the microprocessor is programmed or configured to execute the security extension method of the PCIE protocol.
In addition, the present invention also provides a computer-readable storage medium, in which a computer program is stored, the computer program being programmed or configured by a microprocessor to execute the security extension method of the PCIE protocol.
Compared with the prior art, the invention mainly has the following advantages: the security extension method of the PCIE protocol comprises the following steps: issuing a PCIE message carrying safety information to target terminal equipment by a CPU; the method comprises the steps that after receiving a PCIE message carrying safety information, a target terminal device selects all resources allowing a CPU to access the target terminal device or partial resources set as non-safety according to the safety information.
Drawings
Fig. 1 is a schematic diagram of an architecture of a conventional PCIE application system.
Fig. 2 is a schematic diagram of a basic flow of a method according to a first embodiment of the present invention.
Fig. 3 is a schematic flowchart of a specific implementation process of security access control according to an embodiment of the present invention.
Fig. 4 is a flowchart illustrating the step S101 according to the first embodiment of the present invention.
Fig. 5 is a format definition of a header of a third generation standard PCIE packet protocol (PCIE Gen 3).
Fig. 6 is a schematic flowchart of a specific implementation of security access control in the second embodiment of the present invention.
Detailed Description
The first embodiment is as follows:
as shown in fig. 2, the security extension method of the PCIE protocol of this embodiment includes:
s101, generating a PCIE message carrying security information by an access request issued by a CPU and sending the PCIE message to a target terminal device;
and S102, after the target terminal equipment receives the PCIE message carrying the safety information, implementing safety access control of the CPU to the target terminal equipment according to the safety information.
And the CPU is used for carrying out the security access control on the target terminal equipment according to the security information, and a feasible implementation mode of the security access control can be selected according to the requirement. For example, as an optional implementation manner, the implementation of the security access control of the CPU on the target terminal device in step S102 in this embodiment means that the CPU is allowed to access all resources of the target terminal device, or only the CPU is allowed to access a part of resources, which are set as non-secure resources, of the target terminal device, and all resources of the target terminal device are divided into a non-secure part of resources and a secure part of resources.
As shown in fig. 3, in this embodiment, the value of the security information carried in the PCIE packet in step S102 is one of a first value and a second value, and the implementation of the security access control of the CPU to the target terminal device in step S102 includes: if the safety information is a first value, only allowing the CPU to access the non-safety partial resource of the target terminal equipment; and if the safety information is the second value, allowing the CPU to access all resources of the target terminal equipment. The first value or the second value is only used for distinguishing two security access control manners, and a required definition may be adopted as needed, for example, as an optional implementation manner, in this embodiment, the first value is defined as 1, and the second value is defined as 0.
The access request issued by the CPU in step S101 may be a configuration request, an IO request, a MEM request, and the like, and the method of this embodiment depends on a specific request type. A topology structure corresponding to a PCIE protocol of a computer includes a root complex device and a target terminal device, and the root complex device and the target terminal device may be directly connected to each other or may be connected to each other through an exchange device (specifically, a PCIE exchange device). The root complex device is configured to receive an access request issued by the CPU, and a bus supporting security control may be used between the root complex device and the CPU as needed. For example, a bus supporting security control commonly used between the root complex device and the CPU is an AXI bus, and the following describes in further detail an implementation manner of step S101 in this embodiment by taking the AXI bus as an example between the root complex device and the CPU.
As shown in fig. 4, step S101 of this embodiment includes:
s201, a root complex device receives an AXI request issued by a CPU through an AXI bus;
s202, the root complex device analyzes and obtains an AxPROT signal in the AXI request, generates safety information according to the AxPROT signal, and codes the safety information into a PCIE message;
s203, the root complex device judges the connection mode with the target terminal device, if the root complex device is directly connected with the target terminal device, the PCIE message is directly sent to the target terminal device, otherwise, the PCIE message is sent to the switching device connected with the target terminal device;
s204, forward the PCIE packet to the target terminal device through the switch device connected to the target terminal device, and simultaneously transmit security information encoded in the PCIE packet, and finally send the PCIE packet to the target terminal device.
In this embodiment, when the secure information is generated from the AxPROT signal in step S202, the generated secure information is an identification bit in the AxPROT signal from the AXI request indicating whether the access is secure or non-secure (the AxPROT signal is 3 bits wide, axPROT 0 identifies the access as non-privileged or privileged, axPROT [1] identifies the access as secure or non-secure, axPROT [2] indicates whether the access is data or instruction access, but is not accurate in all cases, e.g., a transaction contains a mixture of instructions and data items), if the identification bit in the AxPROT signal indicating that the access is secure or non-secure indicates secure, the secure information is taken as a first value, otherwise the secure information is taken as a second value, wherein the first value is used to allow the CPU to access only a non-secure part of the resources of the target terminal device, and the second value is used to allow the CPU to access all of the resources of the target terminal device.
As an optional implementation manner, in this embodiment, the encoding of the security information into the PCIE packet in step S202 specifically means encoding the security information into a reserved field of the PCIE packet to implement compatibility with a standard PCIE packet protocol. Fig. 5 shows a format definition of a header of a third generation standard PCIE packet protocol (PCIE Gen 3), where the header has a size of 32 bits in total of four bytes, and the fields include a reserved field R with 1 bit respectively set between a Type and a transmission level TC, between the transmission level TC and a packet attribute Attr, and between the packet attribute Attr and a packet processing hint information tag TH. Since the first value is defined as 1 and the second value is defined as 0 in this embodiment, one of the reserved fields R of 1 bit may be occupied. The security extension of the protocol can be performed by using any one of the reserved fields R with 1 bit, and the security information AxPROT inside the processor is transmitted to the external device through the reserved field R encoded into the PCIE message. After receiving the packets, the external terminal device also needs to decode the reserved field R in the TLP, and convert the decoded reserved field R into the security information inside the terminal device, and then can implement the security access control of the CPU to the target terminal device according to the security information.
To sum up, in this embodiment, security information is introduced into a PCIE protocol packet, so that the PCIE protocol is security aware, and an EP device (terminal device) is brought into a trusted execution environment of a processor side in a PIO direction (a direction from a CPU to a read/write direction of the EP device), thereby implementing security protection on data offloaded to an off-chip PCIE device side. In particular, in order to implement compatibility with the existing PCIE protocol, in this embodiment, the security attribute field segment of the security information is introduced into the standard PCIE protocol message, so that the security control request of the CPU is transmitted to the peripheral device, and the security extension of the PCIE standard protocol under the compatible precursor to the existing PCIE protocol can be implemented.
In addition, this embodiment also provides a security extension system of a PCIE protocol, which includes a microprocessor and a memory that are connected to each other, where the microprocessor is programmed or configured to execute the security extension method of the PCIE protocol, and the security extension system of the PCIE protocol may be a heterogeneous system formed by a CPU and an accelerator, or may not include a system of an accelerator. In addition, the present embodiment also provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute the security extension method of the PCIE protocol.
Example two:
the present embodiment is basically the same as the first embodiment, and the main differences are as follows: in this embodiment, the step S102 of implementing the security access control of the CPU on the target terminal device means that the CPU is allowed to access the target terminal device, or the CPU is denied to access the target terminal device, that is, the security access control with the terminal device as the granularity is implemented.
Similarly, in this embodiment, the value of the security information carried in the PCIE packet in step S102 is one of the first value and the second value, but as shown in fig. 6, implementing security access control on the target terminal device by the CPU in step S102 in this embodiment includes: when the security information is a first value, comparing the device information of the target terminal device with a preset security terminal device information list to determine whether the target terminal device is a security terminal device, and allowing the CPU to access the target terminal device only when the target terminal device is the security terminal device (namely if the non-security terminal device CPU accesses the target terminal device, the CPU will be rejected); and directly allowing the CPU to access the target terminal equipment when the safety information is the second value.
Correspondingly, when the secure information is generated according to the AxPROT signal in step S202 of this embodiment, the generated secure information is an identifier bit indicating that access is safe or unsafe in the AxPROT signal from the AXI request, if the identifier bit indicating that access is safe or unsafe in the AxPROT signal indicates safe, the value of the secure information is a first value, otherwise, the value of the secure information is a second value, which is different from the embodiment in that the first value is used to allow the CPU to access the target terminal device only when the target terminal device is a secure terminal device, and the second value is used to directly allow the CPU to access the target terminal device. Similarly, the first value or the second value is only used for distinguishing two security access control manners, and a required definition may be adopted as needed, for example, as an optional implementation manner, in this embodiment, the first value is defined as 1, and the second value is defined as 0.
In addition, this embodiment further provides a security extension system of a PCIE protocol, which includes a microprocessor and a memory that are connected to each other, where the microprocessor is programmed or configured to execute the security extension method of the PCIE protocol, and the security extension system of the PCIE protocol may be a heterogeneous system formed by a CPU and an accelerator, or may not include a system of an accelerator. In addition, the present embodiment also provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute the security extension method of the PCIE protocol.
Example three:
the present embodiment is substantially the same as the first embodiment, and the main differences are as follows: in this embodiment, in step S202, the root complex device parses and acquires the AxPROT signal in the AXI request, generates the security information according to the AxPROT signal, and encodes the security information into the PCIE message, where the security information is not encoded in the header of the PCIE protocol, but encoded in the data of the PCIE message. The target terminal device can also extract the security information by decoding the data of the PCIE packet. In addition, not only can the security information be encoded into the data of the PCIE packet, but also other feasible valid information domains can be selected to write the security information according to the format definition of the PCIE packet, which is not listed here one by one.
In addition, this embodiment also provides a security extension system of a PCIE protocol, which includes a microprocessor and a memory that are connected to each other, where the microprocessor is programmed or configured to execute the security extension method of the PCIE protocol, and the security extension system of the PCIE protocol may be a heterogeneous system formed by a CPU and an accelerator, or may not include a system of an accelerator. In addition, the present embodiment also provides a computer-readable storage medium, in which a computer program is stored, where the computer program is used to be programmed or configured by a microprocessor to execute the security extension method of the PCIE protocol.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.
Claims (10)
1. A method for secure extension of a PCIE protocol is characterized by comprising the following steps:
s101, generating a PCIE message carrying security information by an access request issued by a CPU and sending the PCIE message to a target terminal device;
and S102, after the target terminal equipment receives the PCIE message carrying the safety information, implementing safety access control of the CPU to the target terminal equipment according to the safety information.
2. The method according to claim 1, wherein the step S102 of implementing the security access control of the CPU on the target terminal device means that the CPU is allowed to access all resources of the target terminal device, or only allowed to access a part of resources, which are set as non-secure resources, of the target terminal device, and all resources of the target terminal device are divided into a non-secure part of resources and a secure part of resources.
3. The security extension method of a PCIE protocol according to claim 2, wherein the value of the security information carried in the PCIE packet in step S102 is one of a first value and a second value, and implementing the security access control of the CPU to the target terminal device in step S102 includes: if the safety information is a first value, only allowing the CPU to access the non-safety partial resource of the target terminal equipment; and if the safety information is the second value, allowing the CPU to access all resources of the target terminal equipment.
4. The security extension method of a PCIE protocol of claim 1, wherein the implementation of the security access control of the CPU to the target terminal device in step S102 is to allow the CPU to access the target terminal device or to deny the CPU from accessing the target terminal device.
5. The security extension method of a PCIE protocol according to claim 4, wherein the value of the security information carried in the PCIE packet in step S102 is one of a first value and a second value, and implementing the security access control of the CPU to the target terminal device in step S102 includes: when the safety information is a first value, comparing the equipment information of the target terminal equipment with a preset safety terminal equipment information list to determine whether the target terminal equipment is the safety terminal equipment, and allowing the CPU to access the target terminal equipment only when the target terminal equipment is the safety terminal equipment; and directly allowing the CPU to access the target terminal equipment when the safety information is the second value.
6. The method for securely extending a PCIE protocol according to any one of claims 1 to 5, wherein the step S101 includes:
s201, a root complex device receives an AXI request issued by a CPU through an AXI bus;
s202, the root complex device analyzes and obtains an AxPROT signal in the AXI request, generates safety information according to the AxPROT signal, and codes the safety information into a PCIE message;
s203, the root complex device judges the connection mode with the target terminal device, if the root complex device is directly connected with the target terminal device, the PCIE message is directly sent to the target terminal device, otherwise, the PCIE message is sent to the switching device connected with the target terminal device;
and S204, forwarding the PCIE message to the target terminal equipment through the switching equipment connected with the target terminal equipment, and simultaneously transmitting the safety information coded in the PCIE message, and finally sending the PCIE message to the target terminal equipment.
7. The method according to claim 6, wherein when the security information is generated according to the AxPROT signal in step S202, the generated security information is an identifier bit indicating that access is safe or unsafe in the AxPROT signal from the AXI request, if the identifier bit indicating that access is safe or unsafe in the AxPROT signal indicates safe, the value of the security information is a first value, otherwise, the value of the security information is a second value, where the first value is used to allow only the CPU to access the non-safe part of the target terminal device, the second value is used to allow the CPU to access all the resources of the target terminal device, or the first value is used to allow only the CPU to access the target terminal device when the target terminal device is a safe terminal device, and the second value is used to directly allow the CPU to access the target terminal device.
8. The method according to claim 6, wherein the step S202 of encoding the security information into the PCIE message specifically means encoding the security information into a reserved field of the PCIE message to achieve compatibility with a standard PCIE message protocol.
9. A security extension system of PCIE protocol, comprising a microprocessor and a memory, which are connected to each other, wherein the microprocessor is programmed or configured to execute the security extension method of PCIE protocol according to any one of claims 1 to 8.
10. A computer-readable storage medium having a computer program stored thereon, wherein the computer program is configured or programmed by a microprocessor to perform the method for security extension of a PCIE protocol as defined in any one of claims 1 to 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211476721.0A CN115688089A (en) | 2022-11-23 | 2022-11-23 | Method, system and medium for safely extending PCIE protocol |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211476721.0A CN115688089A (en) | 2022-11-23 | 2022-11-23 | Method, system and medium for safely extending PCIE protocol |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115688089A true CN115688089A (en) | 2023-02-03 |
Family
ID=85056419
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211476721.0A Pending CN115688089A (en) | 2022-11-23 | 2022-11-23 | Method, system and medium for safely extending PCIE protocol |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115688089A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116932274A (en) * | 2023-09-19 | 2023-10-24 | 苏州元脑智能科技有限公司 | Heterogeneous computing system and server system |
-
2022
- 2022-11-23 CN CN202211476721.0A patent/CN115688089A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116932274A (en) * | 2023-09-19 | 2023-10-24 | 苏州元脑智能科技有限公司 | Heterogeneous computing system and server system |
CN116932274B (en) * | 2023-09-19 | 2024-01-09 | 苏州元脑智能科技有限公司 | Heterogeneous computing system and server system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8103869B2 (en) | Distributed (modular) internal architecture | |
US9489328B2 (en) | System on chip and method for accessing device on bus | |
CN108491727B (en) | Safety processor integrating general calculation, trusted calculation and password calculation | |
CN115102780B (en) | Data transmission method, related device, system and computer readable storage medium | |
JP2008539484A (en) | Universal serial bus function delegation | |
CN106127059B (en) | The realization of credible password module and method of servicing on a kind of ARM platform | |
WO2013095411A1 (en) | INCORPORATING ACCESS CONTROL FUNCTIONALITY INTO A SYSTEM ON A CHIP (SoC) | |
CN103558812B (en) | Based on the MVB network four kind equipment network interface card of FPGA and ARM | |
CN115688089A (en) | Method, system and medium for safely extending PCIE protocol | |
WO2022020225A1 (en) | Methods and apparatus for in-memory device access control | |
KR101559089B1 (en) | Communication protocol for sharing memory resources between components of a device | |
CN104834874A (en) | Establishing physical locality between secure execution environments | |
CN115632976A (en) | PCIE transaction layer message generation method, device and storage medium | |
US9882737B2 (en) | Network system | |
CN110321725A (en) | A kind of method and device for preventing from distorting system data and clock | |
CN114925386B (en) | Data processing method, computer device, data processing system and storage medium | |
CN114915499B (en) | Data transmission method, related device, system and computer readable storage medium | |
CN115587348A (en) | Configurable security control method, device and medium for memory access of PCIE (peripheral component interface express) equipment | |
CN115102701B (en) | Multi-chip data encryption and decryption processing method and device | |
CN115065966B (en) | Terminal and communication method | |
CN112910910B (en) | Method, device, equipment and storage medium for processing OPCDA protocol message | |
CN112463357B (en) | Method and equipment for safe interaction of server in-band data | |
ES2744525T3 (en) | Gateway server with micro-core | |
CN116257368A (en) | Communication method in computer system and related product | |
CN100517290C (en) | Method for realizing universal series bus key compound equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |