TW202334827A - Electronic device including access control identifiers for controlling access to peripherals - Google Patents

Abstract

An electronic device includes a transaction host, a first peripheral, a second peripheral, a first access controller connected to the first peripheral, a second access controller connected to the second peripheral, and an access control register storing a first access control identifier for the first peripheral and a second access control identifier for the second peripheral. The first access controller to receive an access request for access to the first peripheral by the transaction host, perform an access determination for the first peripheral based at least on the first access control identifier for the first peripheral, and allow or prevent the transaction host access to the first peripheral based on the access determination.

Description

Electronic devices including access control identification codes for controlling access to peripheral devices

[Related patent applications]

This application claims priority from commonly owned U.S. Provisional Patent Application No. 63/295,962, filed on January 3, 2022, the entire contents of which are incorporated herein by reference for all purposes.

The present invention relates to an electronic device including a peripheral device, and more particularly, to an electronic device including an access control identification code for controlling access to the peripheral device.

A system on a chip (also known as system-on-chip or SoC) is an integrated circuit (IC) that integrates an electronic system or computer system on a single chip. SoC usually includes at least one processor, such as a central processing unit (CPU), a microcontroller or a microprocessor (MPU) and various peripheral devices, such as input/output ports, internal memory, and analog input and output blocks. For example, a radio modem, a graphics processing unit (GPU), and/or one or more co-processors, all on a single substrate or microchip. SoCs can be designed for a variety of functions, such as signal processing, wireless communications, or artificial intelligence.

In some SoCs, the firmware running on the processor has full access to all peripherals on the SoC, regardless of the current operating mode of the processor, such as privileged mode or user mode. This can lead to malfunctions or other undesirable consequences. For example, a faulty or malicious firmware device driver corresponding to one peripheral device can mistakenly (or maliciously) access and damage another peripheral device, for example, by changing the temporary storage set in the other peripheral device. device.

There is a need for improved, low-cost access control of peripheral devices provided in SoCs or other electronic devices, such as to protect peripheral devices from malfunctions or malicious firmware.

Systems and methods are provided for controlling access to peripheral devices in an electronic device (eg, SoC or other electronic device), such as to protect peripheral devices from erroneous or malicious access. Some examples provide programmable (e.g., updateable) access control identifiers corresponding to respective peripheral devices and respective access controllers for controlling access to the respective peripheral devices based at least on the access control identifiers. access. The access control identification code may include one or more bits, referred to herein as access control bits. Access control identifiers may be used to protect peripheral devices during the execution of user-space tasks (eg, device driver operations associated with selected peripheral devices). For example, to perform respective tasks associated with selected peripheral devices (e.g., device driver operations), a transaction host (e.g., processor) may execute supervisory firmware or other supervisory code to program (e.g., configure or Update the respective access control identifiers in the access control register to (a) allow the respective tasks to access the selected peripheral device, and (b) prevent the respective tasks from accessing other peripheral devices, e.g., prevent each A specific task may mistakenly or maliciously access registers in any of the other peripheral devices. In some examples, the access controller may enable a transaction host (e.g., a processor) to program (e.g., set or update) individual access control identifiers to allow operation in a privileged mode (e.g., within associated supervisory firmware). Supervise the code's access to all peripheral devices during execution).

In some examples, separate bit masks are stored for respective tasks (e.g., device driver operations), where the bit masks for respective tasks indicate the use of respective peripheral devices to perform the respective tasks individual access settings. Prior to executing the respective tasks, the transaction host may access the bit mask associated with the respective tasks and program (eg, set or update) the respective access control identifiers in the access control register. The programmed individual access control identifiers can be accessed and used by the access controller associated with the respective peripheral device to control access to the respective peripheral device during execution of the respective task.

In some applications, access control identifiers and access controllers can eliminate the need for complex software, thus allowing smaller or less expensive processors (eg, in SoCs).

One aspect provides an electronic device, which includes: a transaction host; a first peripheral device; a second peripheral device; a first access controller connected to the first peripheral device; and a second access controller connected to the first peripheral device. two peripheral devices; and an access control register that stores a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device. The first access controller is configured to receive an access request from the transaction host to access the first peripheral device, and make an access determination to the first peripheral device based at least on the first access control identification code for the first peripheral device; And based on the access determination, the transaction host is allowed or prevented from accessing the first peripheral device.

In some examples, the trading host includes a processor or direct memory access (DMA) engine.

In some examples, the transaction host includes a bridge to receive a request to access the first peripheral device from an external host separate from the electronic device.

In some examples, the first access control identification code includes one or more first access control bits, and the second access control identification code includes one or more second access control bits.

In some examples, the electronic device includes firmware executable by the transaction host to program at least one of the first access control identifier and the second access control identifier based on an operating mode of the transaction host.

In some examples, the electronic device includes firmware executable by the transaction host to (a) allow access by the transaction host to the respective peripheral device and (b) prevent access by the transaction host to the respective peripheral device. At least one of a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device is programmed between the access prevention settings of the device.

In some examples, the electronic device includes firmware executable by the transaction host to program the first access control identifier and the second access control identifier, including: (a) for privileged mode operation of the transaction host, using Programming the first access control identification code and the second access control identification code into access permission settings to allow the transaction host to access both the first peripheral device and the second peripheral device; (b) for the user operating in a first user mode of the transaction host for performing operations related to the first peripheral device, for programming the first access control identification code into an access permission setting to allow access to the first peripheral device, and for Programming the second access control identifier into an access prevention setting to prevent access to the second peripheral device; and (c) second user mode operation of the transaction host for performing operations related to the second peripheral device , for programming the first access control identification code into an access prevention setting to prevent access to the first peripheral device, and for programming the second access control identification code into an access permission setting to allow access to the third peripheral device. 2. Peripheral equipment.

In some examples, the access controller is configured to operate based on at least (a) a peripheral-specific access control identifier for the first peripheral device and (b) an operating mode indicative of a privileged mode of the transaction host and a user mode of the transaction host. The signal is used to determine access to the first peripheral device.

In some examples, the first access control identification code for the first peripheral device and the second access control identification code for the second peripheral device respectively indicate any of the following: (a) restricted access settings, This is used to allow access to the respective peripheral only in the privileged mode of the trading host, or (b) an open access setting, which is used to allow access in both the privileged mode of the trading host and the user mode of the trading host Each peripheral device.

In some examples, the electronic device includes firmware executable by the transaction host to program at least one of the first access control identifier and the second access control identifier between the restricted access setting and the open access setting. One.

In some examples, the access controller is configured to (a) determine to allow access to the first peripheral device if the first access control identification code for the first peripheral device indicates an open access setting and the operating mode signal indicates a privileged mode of the transaction host; A peripheral device; (b) If the first access control identification code for the first peripheral device indicates an open access setting and the operating mode signal indicates the user mode of the transaction host, it is determined that access to the first peripheral device is allowed; ( c) If the first access control identification code for the first peripheral device indicates a restricted access setting and the operating mode signal indicates a privileged mode of the transaction host, it is determined that access to the first peripheral device is allowed; and (d) if with When the first access control identification code of the first peripheral device indicates a restricted access setting and the operation mode signal indicates a user mode of the transaction host, it is determined that access to the first peripheral device is prevented.

In some examples, the transaction host can selectively operate in privileged mode and user mode; and at least one of the first access control identifier and the second access control identifier only operates in the privileged mode of the transaction host is programmable.

In some examples, the electronic device includes firmware running on the transaction host, and wherein allowing or preventing access to the first peripheral device includes allowing or preventing access to the first peripheral device by the firmware running on the transaction host.

In some examples, the access control register is provided in a specific peripheral device among the plurality of peripheral devices.

In some examples, the electronic device includes an additional transaction host, wherein the first access control identification code and the second access control identification code are associated with the transaction host, and wherein the access control register is stored for the first peripheral device and is associated with the transaction host. a third access control identifier associated with the additional transaction host, and a fourth access control identifier for the second peripheral device associated with the additional transaction host. The access controller is configured to receive an additional access request from an additional transaction host to access the first peripheral device; and perform matching based on (a) the access request identification code identifying the additional transaction host and (b) the third access control identification code. an additional access determination of the first peripheral device; and allowing or preventing access to the first peripheral device by an additional transaction host based on the additional access determination.

In some examples, the electronic device is a system-on-chip (SoC) device.

Another aspect provides a method, which includes: in an electronic device including a transaction host, a first peripheral device and a second peripheral device, and an access control register, using (a) a first step for the first peripheral device. The access control identification code and (b) the second access control identification code for the second peripheral device are stored in the access control register. A first access controller associated with the first peripheral device receives a request from the transaction host to access the first peripheral device. The first access controller makes an access determination to allow or prevent access to the first peripheral device based on at least a first access control identification code for the first peripheral device, and allows or prevents access to the first peripheral device based on the access determination. Peripheral equipment.

In some examples, the method includes executing firmware by the transaction host to program at least one of the first access control identifier and the second access control identifier based on an operating mode of the transaction host.

In some examples, methods include executing, by the transaction host, firmware to configure (a) an access permission setting that allows access by the transaction host to the respective peripheral device and (b) preventing access by the transaction host to the respective peripheral device. At least one of a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device is dynamically programmed between access prevention settings.

In some examples, the method includes executing firmware by the transaction host to program the first access control identifier and the second access control identifier, including: (a) for privileged mode operation of the transaction host, respectively An access control identification code and a second access control identification code are both set to allow the transaction host to access both the first peripheral device and the second peripheral device; (b) for performing the transaction with the first peripheral device; A first user mode operation of the transaction host for a peripheral device-related operation, setting the first access control identification code to the access permission setting, and setting the second access control identification code to prevent access to the second peripheral device the access prevention setting; and (c) for the second user mode operation of the transaction host used to perform operations related to the second peripheral device, set the first access control identification code as the access prevention setting, and The second access control identification code is set as the access permission setting.

In some examples, the method includes making an access determination by the first access controller based on at least (a) a first access control identification code for the first peripheral device and (b) a privileged mode indicating the transaction host and the operation mode signal of the user mode of the transaction host to allow or prevent access to the first peripheral device.

In some examples, the first access control identification code for the first peripheral device and the second access control identification code for the second peripheral device respectively indicate any of the following: (a) restricted access settings, which prevents access to the respective peripheral device in the user mode of the trading host, or (b) an open access setting which allows access to the respective peripheral device in both the privileged mode of the trading host and the user mode of the trading host .

In some examples, the method includes executing firmware by the transaction host to dynamically program at least one of the first access control identifier and the second access control identifier between a restricted access setting and an open access setting. .

In some examples, making an access determination to allow or prevent access to the first peripheral device includes: (a) if the peripheral device-specific access control identification code for the first peripheral device indicates an open access setting and the operating mode signal indicates The privileged mode of the trading host allows access to the first peripheral device; (b) if the first access control identification code for the first peripheral device indicates an open access setting and the operating mode signal indicates the user mode of the trading host, then allow access to the first peripheral device; (c) if the first access control identification code for the first peripheral device indicates a restricted access setting and the operating mode signal indicates a privileged mode of the transaction host, then allow access to the first peripheral device peripheral device; and (d) preventing access to the first peripheral device if the first access control identification code for the first peripheral device indicates a restricted access setting and the operating mode signal indicates a user mode of the transaction host.

In some examples, methods include allowing the first access control identifier to be programmed in a privileged mode of the transaction host and preventing the first access control identifier from being programmed in a user mode of the transaction host.

Another aspect provides a method, which includes: in an electronic device including a transaction host, a first peripheral device and a second peripheral device, and an access control register, using the first access control for the first peripheral device The identification code and the second access control identification code for the second peripheral device are stored in the access control register. The transaction host sets the first access control identification code and the second access control identification code to allow access to the first peripheral device and the second peripheral device respectively, and the transaction host performs a privileged mode operation at the first time. Subsequently, the transaction host sets (a) a first access control identifier to allow access by the transaction host to the first peripheral device and (b) a second access control identifier to prevent access by the transaction host to the second peripheral device, and A user mode operation related to the first peripheral device is performed at a second time.

In some examples, the transaction host sets (a) a first access control identifier to prevent access by the transaction host to the first peripheral device and (b) a second access control identifier to allow access by the transaction host to the second peripheral device. device, and performs a user mode operation related to the second peripheral device at a third time.

Another aspect provides an electronic device, which includes a first peripheral device, a second peripheral device, a non-transitory memory, an access control register, a transaction host, a first access controller and a second access controller. . Non-transitory memory stores: (a) supervisory firmware including access control identifier management instructions, (b) computer-readable code including a first task associated with the first peripheral device, and (c) associated with the first peripheral device. The first element mask corresponding to the task, the first element mask instruction is used to perform respective access settings of the first peripheral device and the second peripheral device of the first task. The access control register includes a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device. The transaction host is configured to execute the access control identifier management instructions in the supervision firmware to program the first and second access controls in the access control register based on the first bit mask corresponding to the first task. an identification code, and after masking the first and second access control identification codes in the programmed access control register based on the first element mask, performing a first task related to the first peripheral device. The first access controller is configured to control access to the first peripheral device based on at least a first access control identification code programmed based on the first element mask in the access control register, and the second access controller The controller is configured to control access to the second peripheral device based on at least a second access control identification code based on the first element mask programming in the access control register.

In some examples, the electronic device is a system-on-chip (SoC) device.

In some examples, the trading host includes a processor or direct memory access (DMA) engine.

In some examples, the first bit mask and the second bit mask are stored in a bit mask data structure in non-transitory memory.

In some examples, the first element mask includes one or more first element mask bits indicating access settings of the first peripheral device for performing the first task and indicating that the first element mask bit is used for performing the first task. One or more second bit mask bits of the access setting of the second peripheral device, and the first access control identification code includes one or more first access control bits, and the second access control identification code The code includes one or more second first access control bits.

In some examples, the computer-readable code includes a second task associated with the second peripheral device; the non-transitory memory stores a second bit mask corresponding to the second task, and the second bit mask instructions are used to Perform respective access settings of the first peripheral device and the second peripheral device of the second task; and the transaction host is used to (a) execute the access control identification code management instructions in the supervisory firmware based on the access control identifier corresponding to the second task The second bit mask is used to program the first and second access control identification codes in the access control register, and (b) the second bit mask is used to program the first and second access control identification codes in the access control register. After the first and second access control identification codes, a second task related to the second peripheral device is performed.

In some examples, the non-transitory memory includes an unprivileged portion and a privileged portion, the unprivileged portion stores computer readable codes including the first task and the second task, and the privileged portion stores supervision including access control identifier management instructions. Firmware and first-dimensional mask corresponding to the first task.

In some examples, the access controller is configured to receive an access request from the transaction host to access the first peripheral device for performing a first task; at least based on a bit mask programming corresponding to the first task. The first access control identification code is used to perform an access determination on the first peripheral device; and based on the access determination, the transaction host is allowed or prevented from accessing the first peripheral device.

In some examples, the first access controller is configured to instruct the transaction host based on at least (a) a first access control identifier programmed by the transaction host based on a bitmask corresponding to the first task and (b) Access to the first peripheral device is determined based on the operation mode signal of the privileged mode or the user mode of the transaction host.

In some examples, the bitmask corresponding to the first task indicates that (a) the first task is assigned peripheral access permission of the first peripheral device, and (b) the first task is not assigned a second peripheral device Peripheral access permission.

In some examples, the bitmask corresponding to the first task indicates that (a) the first task is assigned peripheral access permission of the first peripheral device, and (b) the first task is not assigned a second peripheral device Peripheral access permission. The access control ID management instruction is used to program the first and second access control IDs in the access control register based on the first element mask before executing the first task, including (a) changing the first the access control identity code is programmed to allow access to the access permission value of the first peripheral device during performance of the first task, and (b) the second access control identity code is programmed to prevent access to the first peripheral device during performance of the first task. Get the access protection value of the second peripheral device. The first access controller is used to allow access to the first peripheral device during execution of the first task based on the access permission value of the first access control identification code, and the second access controller is configured to allow access to the first peripheral device based on the second access control identification code. The access prevention value prevents access to the second peripheral device during execution of the first task.

In some examples, the transaction host selectively operates in a privileged mode and a user mode; and the first element mask corresponding to the first task indicates that (a) the first task is assigned peripheral access of the first peripheral device permission, and (b) the first task is not assigned a peripheral access permission for the second peripheral device. The access control ID management instruction is used to program the first and second access control IDs in the access control register based on the first element mask before executing the first task, including (a) changing the first The access control identifier is programmed into an open access setting of the first peripheral device that allows access to the first peripheral device in both privileged mode and user mode of the transaction host; and (b) converting the first peripheral device to The second access control identifier is programmed into a restricted access value for the second peripheral device that allows access to the second peripheral device in privileged mode but not in user mode of the transaction host.

In some examples, the access control register is provided in the third peripheral device.

Another aspect provides a method. The method includes: storing a transaction host, a first peripheral device, a second peripheral device, and a storage device including a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device. In an electronic device that obtains a control register, (a) a computer-readable program code including a first task related to a first peripheral device and (b) a first element mask corresponding to the first task, the first The bit mask indicates respective access settings of the first peripheral device and the second peripheral device for performing the first task. Before executing the first task, the transaction host executes the access control identifier management instructions to program the first and second access controls in the access control register based on the first bit mask corresponding to the first task. Identification code. After masking the first and second access control identification codes in the programmed access control register based on the first element mask, the transaction host performs a first task related to the first peripheral device. During execution of the first task: the first access controller associated with the first peripheral device controls based on at least a first access control identification code based on the first element mask programming in the access control register. Access to the first peripheral device; and a second access controller associated with the second peripheral device based on at least a second access control identification based on the first element mask programming in the access control register code to control access to the second peripheral device.

In some examples, the method includes: storing computer readable code including a second task associated with the second peripheral device; and storing a second bit mask corresponding to the second task, the second bit mask indicating Separate access settings for the first peripheral device and the second peripheral device performing the second task. Before executing the second task, the transaction host executes the access control ID management instructions to program the first and second access controls in the access control register based on the second bit mask corresponding to the second task. Identification code. After programming the first and second access control identification codes in the access control register based on the second bit mask, the transaction host performs a second task related to the second peripheral device. During execution of the second task: the first access controller associated with the first peripheral device controls based on at least the first access control identification code based on the second bit mask programming in the access control register. Access to the first peripheral device; and a second access controller associated with the second peripheral device based on at least a second access control identification based on the second bit mask programming in the access control register code to control access to the second peripheral device.

In some examples, the first access controller that controls access to the first peripheral device based on at least a first access control identification code programmed based on a first element mask includes a first access controller: Receive an access request from the transaction host to access the first peripheral device for performing the first task; and perform access to the first peripheral device based on at least a first access control identification code programmed based on the first element mask. an access determination; and allowing or preventing the transaction host from accessing the first peripheral device based on the access determination.

In some examples, the method includes the first access controller based on at least (a) a first access control identifier programmed based on a first element mask and (b) instructing a privileged mode of the transaction host or use of the transaction host According to the operation mode signal of the other mode, the access determination to the first peripheral device is performed.

In some examples, the bitmask corresponding to the first task indicates that (a) the first task is assigned peripheral access permission of the first peripheral device, and (b) the first task is not assigned a second peripheral device Peripheral access permission. Executing the access control ID management instructions to program the first and second access control IDs in the access control register based on the first bit mask corresponding to the first task includes (a) converting the first the access control identity code is programmed to allow access to the access permission value of the first peripheral device during performance of the first task, and (b) the second access control identity code is programmed to prevent access to the first peripheral device during performance of the first task. Get the access protection value of the second peripheral device. During execution of the first task: the first access controller associated with the first peripheral device allows access to the first peripheral device based on the access permission value of the first access control identification code, and communicates with the second peripheral device The associated second access controller prevents access to the second peripheral device based on the access prevention value of the second access control identification code.

In some examples, the transaction host selectively operates in a privileged mode and a user mode, and the first bit mask corresponding to the first task indicates that (a) the first task is assigned peripheral access of the first peripheral device permission, and (b) the first task is not assigned a peripheral access permission for the second peripheral device. Executing access control identifier management instructions to program the first and second access control identifiers in the access control register based on the first bit mask corresponding to the first task includes (a) converting the first access control identifier to an access control identifier programmed into an open access value of the first peripheral device that allows access to the first peripheral device in both privileged mode and user mode of the transaction host; and (b) The second access control identifier is programmed as a restricted access value for the second peripheral device that allows access to the second peripheral device in privileged mode but not in user mode of the transaction host. During execution of the first task: the first access controller associated with the first peripheral device allows storage in both the privileged mode and the user mode of the transaction host based on the open access value of the first access control identification code. Access the first peripheral device; and a second access controller associated with the second peripheral device prevents use in a privileged mode of the transaction host but not on the transaction host based on the restricted access value of the second access control identification code access the second peripheral device in user mode.

1 illustrates an example electronic device 100 utilizing access control identifiers to control access to peripheral devices, according to one example. The access control identifiers may be programmable. For example, individual access control identifiers may Set and/or updated over time. The electronic device 100 includes a transaction host 102, peripheral devices 104, an access controller 106, and an access control register 110 that stores an access control identification code 112. The components of electronic device 100 may be communicatively connected to each other via any type of communication link 114 (eg, bus, wire, or other type of link). In some examples, the access controller 106 may be connected between the bus and the respective peripheral device 104 , or alternatively may be indirectly connected to the bus and operable to interface with peripheral devices 104 a - 104 n connected to the bus. Select the communication for access determination.

In some examples, electronic device 100 is a system-on-chip (SoC) device. In other examples, the electronic device 100 may be a multi-chip system including a transaction host 102 disposed on one chip and peripheral devices 104 disposed on separate chips. The transaction host 102 may include any device capable of initiating the execution of tasks associated with the respective peripheral device 104 (eg, accessing registers disposed in the respective peripheral device 104). For example, the transaction host 102 may include a processor such as a microprocessor, microcontroller, central processing unit (CPU), processor core, direct memory access (DMA) engine, or any other type of computer processor. As another example, transaction host 102 may include a bridge connected to external host 116 (eg, including a processor separate from electronic device 100) to allow external host 116 to access at least one peripheral device 104.

Peripheral devices 104 (eg, including input/output devices and/or other peripheral devices) may include any device that provides input, output, or data storage functions for the electronic device 100, such as one or more PCI Express interfaces, Ethernet interfaces , USB interface, I ² C (inter-integrated circuit) interface, direct memory access (DMA) controller, interrupt controller, analog-to-digital converter (ADC), WI-FI interface, Bluetooth interface, global mobile communications System (GSM) interface, General Packet Radio Service (GPRS) interface, Global Positioning System (GPS) interface, 3G interface, 4G interface, 5G interface, Universal Asynchronous Receiver-Transmitter (UART), Controller Area Network Flexible data rate (CAN-FD) interface, general purpose input/output (GPIO) interface, display device interface, modem, graphics processing unit (GPU) or co-processor.

Electronic device 100 may include any number of peripheral devices 104 . The example electronic device 100 shown in Figure 1 includes peripheral devices 104a-104n, although it is understood that the electronic device 100 may include any number of one or more peripheral devices.

A respective access controller 106 may be connected to the corresponding peripheral device 104 for controlling (eg, allowing or preventing) access to the respective peripheral device 104 by a device driver (firmware), such as executed by the transaction host 102 . For example, as discussed below with reference to FIG. 2 , the transaction host 102 may execute firmware to perform various tasks related to the peripheral device 104 . For example, the transaction host 102 may execute a device driver corresponding to the respective peripheral device 104a-104n to perform tasks (eg, device driver tasks) associated with the respective peripheral device 104a-104n. Access controller 106 may control (eg, allow or prevent) access to respective peripheral devices 104 for respective tasks performed by transaction host 102 .

As shown, electronic device 100 may include respective access controllers 106a-106n corresponding to respective peripheral devices 104a-104n. For example, the first access controller 106a can be connected between the transaction host 102 and the first peripheral device 104a to control the access of the transaction host 102 to the first peripheral device 104a, and the second access controller 106b can be connected between the transaction host 102 and the first peripheral device 104a. between the transaction host 102 and the second peripheral device 104b to control the access of the transaction host 102 to the second peripheral device 104b, and so on. For example, first access controller 106a may allow a first task (e.g., associated with a first device driver corresponding to first peripheral device 104a) to access first peripheral device 104a, and prevent a second task (e.g., associated with a first device driver corresponding to first peripheral device 104a) from accessing first peripheral device 104a. For example, the first peripheral device 104a is accessed in conjunction with a second device driver corresponding to the second peripheral device 104b. Similarly, the second access controller 106b may allow a second task (associated with the second device driver corresponding to the second peripheral device 104b) to access the second peripheral device 104b and prevent the first task (associated with the second device driver corresponding to the second peripheral device 104b) from accessing the second peripheral device 104b. The first device driver associated with the first peripheral device 104a accesses the second peripheral device 104b.

Respective access controllers 106a - 106n may include electronic circuitry to control ( For example, allowing or preventing access to respective peripheral devices 104a-104n by transaction host 102. As discussed below, additional access control input data may include, for example, (a) an operating mode signal (OMS) 120 indicating the operating mode of the transaction host 102 and/or (b) identifying individual requests for access to respective peripheral devices 104 The access request identification code of the transaction host 102 (discussed below with reference to FIG. 3 with respect to an example including multiple transaction hosts 102).

In some examples, the access control identifiers (also referred to herein as "AC identifiers") 112 stored in the access control register 110 include respective registers corresponding to respective peripheral devices 104a-104n. The access control identification codes 112a to 112n include a first access control identification code 112a corresponding to the first peripheral device 104a, a second access control identification code 112b corresponding to the second peripheral device 104b, and so on. Respective access control identification codes 112a - 112n for respective peripheral devices 104a - 104n may include one bit, multiple bits, or other data indicative of access settings for respective peripheral devices 104a - 104n. For example, the first access control identification code 112a may include one or more bits indicating the access setting of the first peripheral device 104a, and the second access control identification code 112a may include one or more bits indicating the access setting of the second peripheral device 104b. Access one or more bits of a setting. The access control register 110 may include a single register or multiple registers of any suitable size, such as one or more 8-bit registers, 32-bit registers, or 64-bit registers. .

As discussed below with reference to FIG. 2, the transaction host 102 may program (eg, configure or update) individual accesses before performing individual tasks (eg, firmware tasks) based on peripheral access permissions assigned to the individual tasks. Control the values of identification codes 112a to 112n. As discussed below, the electronic device 100 may store separate bit masks for respective tasks, the bit masks being used to indicate peripheral access permissions for the respective tasks, such as where the respective bit masks for the respective tasks A bitmask indicates whether each task is assigned a peripheral access grant for a respective peripheral device 104a through 104n (or is not assigned a peripheral access grant for a respective peripheral device 104a through 104n). For example, the electronic device 100 may store a first bit mask for a first task and a second bit mask for a second task, the first bit mask indicating that the first task is assigned a first bit mask. The second bitmask indicates that the second task is assigned the peripheral access permission of the second peripheral device 104b but is not assigned the peripheral access permission of the second peripheral device 104b. Peripheral access permission is assigned to the first peripheral device 104a. In some examples, peripheral access permissions may be assigned to individual tasks by a code developer (e.g., a firmware developer), such as based on selected peripherals that the individual tasks may require or utilize. individual bit masks). In some examples, the respective access controllers 106a - 106n associated with the respective peripheral devices 104a - 104n perform access control based on the respective access control identification codes 112a - 112n corresponding to the respective peripheral devices 104a - 104n. Access decisions are taken for respective peripheral devices 104a to 104n. In other examples, the respective access controllers 106a - 106n associated with the respective peripheral devices 104a - 104n are based on (a) the respective access control identification codes 112a - 112n corresponding to the respective peripheral devices 104a - 104n and (b) The operating mode signal 120 indicates the current operating mode (eg, privileged mode or user mode) of the transaction host 102 to make access determinations for accessing the respective peripheral devices 104a to 104n.

In other examples, multiple processing hosts 102 are provided, and respective access controllers 106a - 106n are associated with respective peripheral devices 104a - 104n based on (a) a transaction host identification code that identifies the requesting transaction host 102 and (b) ) respective access control identification codes 112a - 112n corresponding to the peripheral devices 104a - 104n and corresponding to the respective requesting transaction host 102 (e.g., where the access control register 110 stores for the respective transaction host 102 for the peripheral device The respective sets of access control identification codes 112a to 112n of 104a to 104n) are used to perform access determinations on access to respective peripheral devices 104a to 104n by the requesting transaction host 102 (or multiple transaction hosts 102). In other examples, multiple processing hosts 102 are provided, with respective access controllers 106a - 106n associated with respective peripheral devices 104a - 104n based on (a) a transaction host identification code identifying the requesting transaction host 102, and (b) ) respective access control identification codes 112a - 112n corresponding to respective peripheral devices 104a - 104n and corresponding to the requesting transaction host 102 (e.g., where the access control register 110 stores for the respective transaction host 102 for the peripheral device (respective sets of access control identification codes 112a through 112n 104a through 104n), and (c) an operating mode signal 120 indicating the current operating mode of the requesting transaction host 102 (e.g., privileged mode or user mode). Access determinations requesting transaction host 102 (or multiple transaction hosts 102) to access respective peripheral devices 104a-104n.

Generally speaking, when the transaction host 102 attempts to access a respective peripheral device 104, such as the first peripheral device 104a, the first access controller 106a may (a) receive an access request from the transaction host 102 for accessing a third peripheral device 104a. a peripheral device 104a; (b) access the access control identifier 112 for the first peripheral device 104a from the access control register 110; (c) based on the first access control identifier 112a (and in some examples (in which additional access control input data) is used to perform an access determination; and (d) in response to the access determination, allowing or preventing the transaction host 102 from accessing the first peripheral device 104a.

In a first example, as shown in Table 1 below, respective access control IDs 112a through 112n are programmable between the following access control ID (AC_ID) values: (a) Access permission settings (e.g., AC_ID value=[0]), which allows access by the transaction host 102 to the respective peripheral devices 104a-104n (e.g., executing device drivers or other firmware) and (b) access-preventing settings (e.g., AC_ID value=[ 1]), which prevents access by transaction host 102 to respective peripheral devices 104a-104n (eg, execution of device drivers or other firmware). Table 1. Access control identification code scheme of the first example AC_ID value Allow access to peripherals? 0 (access allowed) yes 1 (access prevention) no

In some examples, respective access controllers 106a - 106n may store or access a lookup table (LUT) including the data of Table 1 that the respective access controllers 106a - 106n may access for accessing determination. In some examples, respective access controllers 106a-106n may store respective LUTs in memory 107, such as a read-only memory (ROM) device (where respective instances of memory 107 may be located in respective access controllers 106a through 106n, or where memory 107 may otherwise be accessible by respective access controllers 106a through 106n). In other examples, respective access controllers 106a - 106n may implement the decisions specified in Table 1 using appropriate examples of logic circuitry 108 . For example, as discussed below with reference to FIG. 4A , respective access controllers 106a - 106n may include logic circuitry 108 including logic for processing accesses input to respective access controllers 106a - 106n NOT gate (or inverter) that controls the identification code. (In another example, the meaning of the AC_ID values may be reversed, for example, where AC_ID=0 indicates an access-prevent setting, and AC_ID=1 indicates an access-allowing setting, and the NOT gate may be omitted.)

In a first example (i.e., implementing the solution shown in Table 1), the transaction host 102 may execute respective firmware (e.g., access control identifier management instructions 214 disposed in the computer-readable supervisory code 206 , such as implemented in firmware, as shown in Figure 2 discussed below) according to the scheme described above, for example based on the current operating mode of the trading host (e.g., privileged mode or user mode) and/or in Access control identifiers 112a - 112n are dynamically programmed on the fly (eg, using a device driver corresponding to the particular peripheral 104a - 104n ) prior to initiating a task associated with the particular peripheral 104a - 104n . For example: (a) Before initiating a privileged mode task associated with any peripheral device 104a through 104n, the transaction host 102 can program the AC identification code 112a through 112n to 0 (allowing the transaction host 102 to access the peripheral device 104a through 104n); (b) Before initiating the user mode task associated with the first peripheral device 104a, the transaction host 102 may program the AC identification code 112a to 0 and the AC identification codes 112b...112n to 1 (allowing the transaction host 102 accesses the first peripheral device 104a and prevents access to the peripheral devices 104b...104n); and (c) Before initiating the user mode task associated with the second peripheral device 104b, the transaction host 102 can program the AC identification code 112b to 0 and the AC identification codes 112a, 112c...112n to 1 (allow The transaction host 102 accesses the second peripheral device 104b and prevents access to the peripheral devices 104a, 104c...104n).

In a first example, the respective access controllers 106a - 106n associated with the particular peripherals 104a - 104n are based on the current value of the respective access control identification code 112a - 112n corresponding to the particular peripheral 104a - 104n, e.g. , making access determinations for accessing specific peripheral devices 104a to 104n without additionally requiring an operating mode signal indicating the current operating mode of transaction host 102. For example, when the first access controller 106a associated with the first peripheral 104a receives an access request to the first peripheral 104a from the transaction host 102, the first access controller 106a accesses the first peripheral 104a. The respective AC identification code 112a corresponding to the peripheral device 104a, and based on the AC identification code 112a, if the AC_ID value=0, the transaction host 102 is allowed to access the first peripheral device 104a, and if the AC_ID value=1, the transaction host 102 is prevented Access the first peripheral device 104a.

According to the solution of the first example described above, in one example, the transaction host 102 may use the first peripheral device driver corresponding to the first peripheral device 104a to perform the first use related to the first peripheral device 104a. or - space task, and the AC ID 112a can therefore be programmed to 0 before executing the first task (eg, using the access control ID management instructions 214 shown in Figure 2). If the first access controller 106a receives a request to access the first peripheral device 104a from the first peripheral device driver, the first access controller 106a may access the AC identification code 112a and respond with the AC identification code 112a value = 0, allowing access to the first peripheral device 104a. In another example, transaction host 102 may use a second peripheral device driver corresponding to second peripheral device 104b to perform a second user-space task associated with second peripheral device 104b, and thus may identify the AC Code 112b is programmed to 0 to allow access to the second peripheral device 104b and AC identification code 112a is programmed to 1 to prevent access to the first peripheral device 104a. If the first access controller 106a receives a request to access the first peripheral device 104a from the second peripheral device driver (eg, receives an error or malicious request from the second peripheral device driver), the first access controller 106a The AC identification code 112a is accessible, and in response to the AC identification code 112a value=1, access to the first peripheral device 104a is prevented. In yet another example, the transaction host 102 may perform privileged tasks associated with the first peripheral device 104a or the second peripheral device 104b (e.g., included in supervisory firmware), and may therefore perform such privileged tasks before The AC identification code 112a is programmed to 0 or the AC identification code 112b is programmed to 0, respectively, thereby allowing the first peripheral device driver corresponding to the first peripheral device 104a or the second peripheral device corresponding to the second peripheral device 104b to be used. The device driver accesses the first peripheral device 104a.

In a second example, as shown in Table 2 below, respective access control identifiers 112a through 112n are programmable between the following access control identifier (AC_ID) values: (a) Open access settings, (e.g. , AC_ID value=[0]), which allows access to respective peripheral devices 104a through 104n by the transaction host 102 (e.g., executing device drivers or other firmware) regardless of the current operating mode of the transaction host 102 (e.g., privileged mode or user mode), and (b) a restricted access setting (e.g., AC_ID value = [1]) that allows access to the respective peripheral devices 104a through 104n by the transaction host 102 only in the privileged mode of the transaction host 102 (e.g., executing device drivers or other firmware). Table 2. Access control identification code scheme of the second example AC_ID value Trading host operating mode Allow access to peripherals? 0 (open access) 0 (user mode) yes 0 (open access) 1 (privileged mode) yes 1 (restricted access) 0 (user mode) no 1 (restricted access) 1 (privileged mode) yes

In some examples, respective access controllers 106a - 106n may store or access a LUT including the data of Table 2, which the respective access controllers 106a - 106n may access for use in making access decisions. In some examples, respective access controllers 106a-106n may store respective LUTs in respective instances of memory 107, such as read-only memory (ROM) devices (wherein the instance of memory 107 may be configured in respective access controllers 106a through 106n, or memory 107 may otherwise be accessible by respective access controllers 106a through 106n). In other examples, respective access controllers 106a - 106n may implement the decisions specified in Table 2 using respective instances of appropriate logic circuitry 108 . For example, as discussed below with reference to FIG. 4B , respective access controllers 106a - 106n may include logic circuitry 108 that includes logic circuitry for processing accesses input to respective access controllers 106a - 106n Control the NOT gate and OR gate of the identification code.

In a second example (i.e., implementing the solution shown in Table 2), the transaction host 102 may execute respective firmware (eg, the access control ID management instructions 214 shown in FIG. 2) to execute the Solutions are described, such as dynamically programming access control identifiers 112a-112n in real-time based on the transaction host's current operating mode (e.g., privileged mode or user mode), and/or activating access control identifiers associated with specific peripheral devices 104a-104n. Task (e.g., using a device driver corresponding to a particular peripheral device 104a through 104n). For example: (a) To initiate tasks associated with the first peripheral device 104a (regardless of the operating mode of the transaction host 102), the transaction host 102 can program the AC identification code 112a to 0 and program the AC identification codes 112b, 112c...112n to 1 (allowing the transaction host 102 to access the first peripheral device 104a in both privileged mode and user mode of the transaction host 102, as discussed below, while preventing the transaction host 102 from accessing the first peripheral device 104a in both the user mode and the user mode of the transaction host 102) Take peripheral devices 104b, 104c...104n); and (b) To initiate tasks associated with the second peripheral device 104b (regardless of the operating mode of the transaction host 102), the transaction host 102 can program the AC identification code 112b to 0 and the AC identification codes 112a, 112c...112n to 1 (Allows the transaction host 102 to access the second peripheral device 104b in both privileged mode and user mode of the transaction host 102, as discussed below, while preventing the transaction host 102 from accessing the peripheral device in the user mode of the transaction host 102 Devices 104a, 104c...104n).

In a second example, the respective access controllers 106a through 106n associated with the particular peripheral devices 104a through 104n are based on (a) the current access control identification codes 112a through 112n corresponding to the particular peripheral devices 104a through 104n. The value and (b) the operating mode signal 120 indicating the operating mode (privileged mode or user mode) of the transaction host 102 to make an access determination for accessing the specific peripheral devices 104a to 104n. For example, when the first access controller 106a associated with the first peripheral 104a receives an access request to the first peripheral 104a from the transaction host 102, the first access controller 106a accesses (a) AC identification code 112a and (b) operating mode signal 120 corresponding to the first peripheral device 104a, and based on the scheme defined in Table 2, it is determined whether the transaction host 102 is allowed to access the first peripheral device 104a. Specifically, the first access controller 106a determines that the transaction host 102 is allowed to access the first peripheral device 104a unless (a) the AC_ID value=1 (restricted access setting) and (b) the operating mode signal value=0 (using or mode) both.

According to the solution of the second example described above, in one example, the transaction host 102 can initiate a user mode task related to the first peripheral device 104a, and can therefore program the AC identification code 112a to 0 to Start such tasks. If the first access controller 106a receives a request to access the first peripheral device 104a from the first peripheral device driver, the first access controller 106a may (a) access the AC identification code 112a; (b) access the Operation mode signal 120; (c) If the operation mode signal 120 indicates user mode (operation mode signal value=0) or privileged mode (operation mode signal value=1), then allow the first peripheral device driver to access the first an access determination of the peripheral device 104a that otherwise prevents the first peripheral device driver from accessing the first peripheral device 104a; and (d) allowing or preventing the first peripheral device driver from accessing the first peripheral device 104a based on the access determination.

In another example, the transaction host 102 may use a second peripheral device driver corresponding to the second peripheral device 104b to initiate a user mode task associated with the second peripheral device 104b, and thus may program the AC identification code 112b be programmed to 0 (ie, open access to second peripheral device 104b) and AC identification code 112a may be programmed to 1 (ie, restricted access to first peripheral device 104a). If the first access controller 106a receives a request to access the first peripheral device 104a from the second peripheral device driver, the first access controller 106a may (a) access the AC identification code 112a; (b) access the operating mode signal 120; and (c) making an access determination to allow or prevent access to the first peripheral device 104a by the second peripheral device driver, in particular, if the operating mode signal 120 indicates a privileged mode (operating mode signal value = 1), then it is determined that access is allowed, and if the operation mode signal 120 indicates the user mode (operation mode signal value = 0), then it is determined that access is prevented; and (d) based on the access, it is determined that access is allowed or prevented by the second peripheral device The driver accesses the first peripheral device 104a.

As shown in Figure 1, respective access controllers 106a-106n may receive (a) access requests (ACRs) from respective peripheral devices 104a-104n, (b) respective AC identification codes 112a-112n, and (optional) Required) (c) The operating mode signal 120 is taken as input and the received input is processed to make an access determination for the respective peripheral device 104a to 104n. For simplicity, the access request (ACR shown in Figures 1 to 2 and TH_id shown in Figure 3) and the selectable operating mode signal (120 in Figures 1 to 2 and 120a in Figure 3 to 120n) are illustrated in Figures 1-3 as being transmitted only to access controller 106a; it is understood that the access request and selectable operating mode signals may be similar for operations associated with respective access controllers 106b-106n are transmitted to access controllers 106b to 106n.

As discussed above, in some examples, respective access controllers 106a - 106n of example electronic device 100 may include (or access) respective lookup tables (LUTs) stored in memory 107 (eg, ROM) , the lookup table defines a separate access decision for each AC_ID value (e.g., according to the scheme defined in Table 1 above), or defines a separate access decision for each combination of AC_ID value and operating mode signal value (e.g., according to the above Schemes defined in Table 2). In other examples, for example, as shown in FIGS. 4A and 4B discussed below, respective access controllers 106a - 106n may include examples of logic circuitry 108 that includes one or more logic gates. , such as NOT gate (e.g., implement the plan defined by Table 1 above) or NOT gate and OR gate (e.g., implement the plan defined by Table 2 above).

In some examples, the electronic device 100 may include AC identification code programmed firmware that is executed by the transaction host 102 to, for example, based on the operating mode of the transaction host and/or based on the respective peripheral devices 104a-104n selected for access ( Referred to herein as access requesting peripherals 104a - 104n ), one, some, or all AC identifiers 112a - 112n are dynamically programmed, such as to initiate tasks associated with the respective peripherals 104a - 104n . In addition, in some examples, as discussed below with reference to FIG. 2, the access control register 110 is provided in a dedicated peripheral device, and the peripheral device (such as peripheral devices 104a to 104n) may also be stored by a respective access controller. Access control, e.g., where the AC identifier programmed firmware may access the access control register 110 only in the privileged mode of the transaction host 102 and not in the user mode of the transaction host 102 (e.g., the programmed AC identifier 112a to 112n).

Figure 2 illustrates additional features and aspects of the electronic device (eg, SoC) 100 of Figure 1, according to one example. As discussed above, the electronic device 100 includes a transaction host 102, peripheral devices 104a to 104n, access controllers 106a to 106n, and an access control register 110 that stores access control identification codes 112a to 112n. The components of electronic device 100 may be communicatively connected to each other via any type of communication link 114 (eg, bus, wire, or other type of link). As discussed above, the respective access controllers 106a - 106n utilize the respective access control identifiers 112a - 112n (and optionally additional input data), for example based on the operating mode of the transaction host 102 (e.g., privileged mode or using mode) and/or controls access to the respective peripherals 104a - 104n based on the peripheral device 104a - 104n requesting access (ie, the peripheral device 104a - 104n requesting access). Access controllers 106a - 106n may implement any of the various example schemes discussed above, for example, using the access control identification scheme shown in Table 1 or Table 2 described above.

As shown in FIG. 2, the access control register 110 including the access control identification codes 112a to 112n may be provided in the dedicated peripheral device 104ac, and the corresponding access controller 106ac may be provided to control access to the peripheral device 104ac. Access, for example, is similar to access controllers 106a through 106n that control access to peripheral devices 104a through 102n, respectively. For example, access controller 106ac may control access to peripheral device 104ac based on operating mode signal 120 from transaction host 102 and (optionally) respective AC identification code 112ac. In some examples, access controller 106ac may control access to peripheral device 104ac based on operating mode signal 120 from transaction host 102. In other examples, access controller 106ac may be similar, such as based on respective AC identifiers 112ac and/or operating mode signals 120 and using an access control identifier scheme as shown in Table 1 or Table 2 described above. Operates on access controllers 106a to 106n.

As shown in FIG. 2 , the electronic device 100 may also include non-transitory memory 202 that stores various firmware and other data. Non-transitory memory 202 (also referred to as memory 202) may include one or more read-only memory (ROM), such as flash ROM, erasable programmable ROM (EPROM), electronically erasable programmable ROM (EPROM), Programmable ROM (EEPROM), flash memory, or any other suitable type and number of memory devices.

As shown, memory 202 may include a privileged section 202a and a non-privileged section (or user section) 202b. The non-privileged section 202b may store computer-readable user-space code 208, such as implemented in firmware, such as device drivers associated with respective peripheral devices 104a-104n and/or other user-space firmware. . User-space code (eg, user-space firmware) 208 may include functionality that requires or may take advantage of access to only selected resources (eg, selected resources in peripheral devices 104a-104n). For example, user-space code 208 may include device drivers or other firmware that may be required by respective tasks 220a - 220n or may exploit access to selected peripherals 104a - 104n , such as to access settings stored in Data in respective registers 214a through 214n in respective peripheral devices 104a through 104n. Therefore, a device driver conventionally operating as a supervisory firmware may operate as a user-space firmware with access only to selected resources (e.g., selected peripheral devices 104a through 104n), thereby providing increased security. As described in this article.

Privileged section 202a may store supervisory code (eg, supervisory firmware) 206 and bitmask data structure 230. Bit mask data structure 230 may include bit masks 232a through 232n respectively corresponding to tasks 220a through 220n, where respective bit masks 232n for respective tasks 220n indicate respective storage locations of respective peripheral devices 104a through 104n. Settings are obtained, for example, indicating whether respective tasks 220n are assigned peripheral access permissions for respective peripheral devices 104a-104n. For example, referring to FIG. 2, the task 1 bit mask 232a corresponding to "task 1" 220a may indicate that "task 1" 220a is assigned the peripheral access permission of the first peripheral device 104a but not the second peripheral device 104b; And the task 2 bit mask 232b corresponding to "task 2" 220b may indicate that "task 2" 220b is assigned the peripheral access permission of the second peripheral device 104b instead of the first peripheral device 104a.

In some examples, the respective bit masks 232a - 232n of the respective tasks 220a - 220n may include one of the peripheral access permissions indicating whether the respective tasks 220a - 220n are assigned respective ones of the peripheral devices 104a - 104n A bit or bits (also referred to herein as "bitmask bits") or other data. For example, task 1 bitmask 232a corresponding to "task 1" 220a may include one or more first bit masks indicating that "task 1" 220a is assigned peripheral access permissions of first peripheral device 104a bits or other data, and one or more second bit mask bits or other data indicating that "Task 1" 220a is not assigned a peripheral access permission for the second peripheral device 104b.

Supervision code (eg, supervision firmware) 206 may include sequencers 212 and access control ID management instructions 214 . Sequencer 212 is executed by transaction host 102 to manage the execution of user-space code (eg, user-space firmware) 208, including, for example, tasks 220a through 220n. Access control ID management instructions 214 may be executed by transaction host 102 to (a) access bit masks 232a through 232n and (b) based on respective bit masks 232a corresponding to respective tasks 220a through 220n to be performed. to 232n the values of the access control identification codes 112a to 112n in the programmed access control register 110. In some examples, such as certain implementations of the first example access control ID scheme described above (see Table 1), transaction host 102 may use bit masks 232a through 232n for user mode operations (see Table 1). For example, respective tasks 220a through 220n are executed in user mode) but not for privileged mode operation (eg, respective tasks 220a through 220n are executed in privileged mode). (In other implementations of the first example access control ID scheme (shown in Table 1), transaction host 102 may use bit masks 232a through 232n for both user mode and privileged mode operations).

For example, before executing "Task 1" 220a, the transaction host 102 may execute the access control ID management instructions 214 to configure the access control identifier based on the task 1 bit mask 232a and/or based on the operating mode of the transaction host 102 (e.g., privileged mode or user mode) to program the values of the access control identification codes 112a to 112n in the access control register 110. Example implementations are provided under both the first example access control identification code scheme described above (see Table 1) and the second example access control identification code scheme described above (see Table 2).

Example 1: First example access control identification code scheme (Table 1). Under the first example access control ID scheme described above (see Table 1), the transaction host 102 can use the task 1 bit mask 232a to perform "task 1" 220a in user mode, but does not Not used to execute "Task 1" 220a in privileged mode. For example, before executing "Task 1" 220a in the user mode, the transaction host 102 may execute the access control identifier management instruction 214 to (a) identify that "Task 1" is to be executed in the user mode of the transaction host 102 220a; (b) the access indication "Task 1" 220a is assigned the first element mask 232a of the peripheral access permission of the first peripheral device 104a but not the second peripheral device 104b; and (c) based on the first element Mask 232a and the current operating mode (user mode) program the first access control identification code 112a into an access permission value (AC_ID value=0), which allows use in "Task 1" 220a access the first peripheral device 104a during execution of the user mode; and (b) program the second access control identification code 112b to an access prevention value (AC_ID value=1) that prevents access to the first peripheral device 104a during "Task 1" The second peripheral device 104b is accessed during user mode execution of 220a. In contrast, before executing "Task 1" 220a in privileged mode (under the first example access control ID scheme shown in Table 1 above), the transaction host 102 may execute access control ID management instructions. 214 to program both the first access control identification code 112a and the second access control identification code 112b into an access permission value (AC_ID value=0) that allows privileges in "Task 1" 220a Both the first peripheral device 104a and the second peripheral device 104b are accessed during execution of the mode. In this case, the transaction host 102 can ignore the task 1 bit mask 232a because for privileged mode operation, all peripheral devices 104a-104n are accessible.

As mentioned above, in other examples utilizing the first example access control ID scheme (shown in Table 1), the transaction host 102 may use bit masks 232a-232n for user mode and privileged mode operations. Both.

Example 2: Second example access control identification code scheme (Table 2). Under the second example access control ID scheme described above (see Table 2), before executing "Task 1" 220a (in user mode or privileged mode), the transaction host 102 may perform control bit management Instructions 214 (a) program the first access control identifier 112a to a public access setting (AC_ID value=0) for the first peripheral device 104a that allows privileged mode on the transaction host 102 and user mode to access the first peripheral device 104a. and (b) program the second access control identification code 112b to a restricted access setting (AC_ID value=1) for the second peripheral device 104b that allows for privileged mode of the transaction host 102 in but not in user mode to access the second peripheral device 104b.

3 illustrates another example electronic device 300 utilizing access control identification codes to control access to peripheral devices, according to one example. Electronic device 300 may be generally similar to example electronic device 100 discussed above, except that peripheral devices 104a through 104n and 104ac, access controllers 106a through 106n and 106ac, and peripheral device 104ac storing access control identification code 112. In addition to the access control register 110, a plurality of transaction hosts 102a to 102n are included. The components of electronic device 100 may be communicatively connected to each other via any type of communication link 114 (eg, bus, wire, or other type of link).

Respective access controllers 106a - 106n and 106ac may utilize respective access control identifiers 112 (and optionally additional input data) to, for example, request peripheral devices 104a - 104n based on (a) access requests, (b) requests Access requesting peripherals 104a - 104n and (c) operating modes of respective transaction hosts 102a - 102n (referred to herein as access requesting transaction hosts 102a - 102n ) and (c) access requesting transaction hosts 102a - 102n Signals 120a - 120n (eg, privileged mode or user mode) control access to respective peripheral devices 104a - 104n and 104ac.

The access control register 110 may store an AC identifier array 113 including a respective set of AC identifiers 112 for respective transaction hosts 102a through 102n, where the AC identifiers 112 for respective transaction hosts 102a through 102n The set of includes respective AC identification codes 112 for respective peripheral devices 104a through 104n and, optionally, for peripheral device 104ac. Table 3 below shows an example AC identification code array 113 for a plurality of transaction hosts 102a-102n and a plurality of peripheral devices 104a-104n and 104ac. Table 3. Example AC identification code array 113, such as electronic device 300, including a plurality of transaction hosts 102a to 102n and a plurality of peripheral devices 104a to 104n and 104ac. Peripheral equipment Trading host 104a 104b 104c … 104n 104ac 102a 1 1 1 … 1 1 102b 1 0 1 … 1 1 … … … … … … … 102n 1 1 1 … 1 1

The value of AC ID 112 in AC ID array 113 may be used by respective access controllers 106a through 106n and 106ac to determine access to respective peripheral devices 104a through 104n and 104ac by respective transaction hosts 102a through 102n.

In one example, the value of AC identification code 112 in AC identification code array 113 may indicate an access allowed state (AC_ID value=0) or an access prevented state (AC_ID value=1), for example, as discussed above with respect to Table 1 . In this example, when the access requesting transaction host 102a to 102n attempts to access the access requesting peripheral device 104a to 104n or 104ac, the access controller 106a to 106n corresponding to the access requesting peripheral device 104a to 104n or 104ac Or 106ac may (a) receive an access request including a transaction host identification code (TH_id) from the access requesting transaction hosts 102a to 102n; (b) identify from the AC identification code array 113 stored in the access control register 110 The value of the AC identification code 112 corresponding to the access requesting transaction host 102a to 102n (based on the received TH_id) and the access requesting peripheral device 104a to 104n or 104ac; and (c) granting based on the identified AC identification code 112 or Prevent access by the access requesting transaction host 102a to 102n from accessing the access requesting peripheral device 104a to 104n or 104ac (that is, if the AC_ID value=0, then the access is allowed, and if the AC_ID value=1, then prevent access); and (d) allow or prevent access to the peripheral device 104a to 104n or 104ac of the access request based on the access determination.

In another example, the value of the AC identification code 112 in the AC identification code array 113 may indicate an open access state (AC_ID value=0) or a restricted access state (AC_ID value=1), for example, as described above with respect to Table 2 discussed. In this example, when the access requesting transaction host 102a to 102n attempts to access the access requesting peripheral device 104a to 104n or 104ac, the access controller 106a to 106a corresponding to the access requesting peripheral device 104a to 104n or 104ac 106n or 106ac may (a) receive an access request including TH_id from the access request transaction hosts 102a to 102n; (b) receive respective operation mode signals 120a to 120n from the access request transaction hosts 102a to 102n, which operation modes Signal indicating the operating mode (privileged mode or user mode) of the access requesting transaction hosts 102a to 102n; (c) identifying and accessing the access requesting transaction host 102a from the AC identification code array 113 stored in the access control register 110 to 102n (based on the received TH_id) and the value of the AC identification code 112 corresponding to the peripheral device 104a to 104n or 104ac of the access request; (d) based on the value of the AC identification code 112 and the access request transaction host 102a to 102n The operating mode, for example, according to the scheme discussed above with respect to Table 2, makes an access determination that allows or prevents the access requesting peripheral device 104a to 104n or 104ac from being accessed by the access requesting transaction host 102a to 102n; and (e ) allows or prevents access to the peripheral device 104a to 104n or 104ac of the access request based on the access decision.

As discussed above, in some examples, respective access controllers 106a - 106n of example electronic device 100 may include respective instances of memory 107 that store look-up tables (LUTs), or alternatively may include logic circuitry Each instance of 108 implements the access determination scheme defined in Table 1 or Table 2 above.

Regarding the latter, Figures 4A-4D show circuit diagrams of example logic circuitry 108 disposed in respective access controllers 106a-106n (and, optionally, access controller 106ac), according to some examples.

First, FIGS. 4A and 4B show example logic circuitry 108 of an example electronic device (eg, the example electronic device 100 shown in FIGS. 1 and 2 ) including a transaction host 102 .

4A shows example logic circuitry 108a according to the first example as discussed above, that is, implementing the access control ID scheme shown in Table 1 above. Logic circuitry 108a includes a NOT gate (or inverter) 402 that inverts the value of the respective access control identification code 112 and outputs a value that defines the access decision.

4B shows example logic circuitry 108b according to the second example as discussed above, that is, implementing the access control ID scheme shown in Table 2 above. The logic circuitry 108b includes a NOT gate (or inverter) 402 that inverts the value of the respective access control identification code 112, and processes the value output by the NOT gate 402 and the operating mode signal 120 and outputs a value that defines the access decision. OR gate 404.

Next, FIGS. 4C and 4D show example logic circuitry 108 for an example electronic device including a plurality of transaction hosts 102 (eg, the example electronic device 300 shown in FIG. 3 ).

4C shows example logic circuitry 108c according to the first example as discussed above, that is, using multiple transaction hosts 102 to implement the access control ID scheme shown in Table 1 above. Logic circuitry 108c includes a multiplexer (MUX) 406 that receives (a) the value of the AC identification code 112 for the respective transaction host 102 and (b) identifies each request to access the respective peripheral device 104 The access request identification code (TH_id) of the respective transaction host 102 is selected, and the value of the respective AC identification code 112 associated with the respective transaction host 102 is selected in response to the access request identification code (TH_id). The selected AC_ID value is Passed to NOT gate (or inverter) 402 which inverts the AC_ID value and outputs a value defining the access decision.

In other examples, the meanings of the example AC_ID values set forth in Table 1, Table 2, and/or Table 3 may be reversed, for example, where AC_ID=0 indicates access prevention or restricted access settings, and AC_ID=1 indicates access allowed. or open access settings. In these examples, NOT gate (inverter) 402 may be omitted from the logic circuitry 108a - 108d shown in Figures 4A - 4D.

4D shows example logic circuitry 108d according to the second example as discussed above, that is, implementing the access control ID scheme shown in Table 2 above. Logic circuitry 108d includes a multiplexer (MUX) 406 that receives (a) the value of the AC identification code 112 for the respective transaction host 102 and (b) identifies each request to access the respective peripheral device 104 The access request identification code (TH_id) of the respective transaction host 102 is selected, and the value of the respective AC identification code 112 associated with the respective transaction host 102 is selected in response to the access request identification code (TH_id). The selected AC_ID value is Forwarded to NOT gate 402 which inverts AC_ID value. The logic circuitry 108d further includes an OR gate 404 that processes the value output by the NOT gate 402 and the operating mode signal 120 of the respective transaction host 102 and outputs a value that defines an access decision.

Figure 5 is a flowchart of an example method 500 for controlling access to peripherals in an electronic device including a transaction host, a first peripheral, a second peripheral, and an access control register. In some examples, the electronic device may be example electronic device 100 or electronic device 300 discussed above. At 502, a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device are stored in the access control register. For example, the first access control identifier and the second access control identifier may be determined by the transaction host before performing respective tasks (eg, device driver tasks), for example based on the transaction host's operating mode and/or based on the pending Programmed with respective peripheral devices (eg, a first peripheral device, a second peripheral device, or another peripheral device) for performing respective tasks.

At 504, during execution of the respective tasks, a first access controller associated with the first peripheral device receives a request from the transaction host to access the first peripheral device. For example, the transaction host may execute a device driver task corresponding to the first peripheral device. In some examples, the access request from the transaction host optionally includes an operating mode signal indicating a privileged mode or a user mode of the transaction host.

At 506, the first access controller accesses the first access control identification code for the first peripheral device from the access control register. At 508, the first access controller is based on at least the accessed first access control identification for the first peripheral device, such as using a respective LUT stored in memory or using, for example, Figures 4A-4 Respective logic circuitry shown in any of 4D makes access decisions that alternately allow or prevent access to the first peripheral device by the transaction host. For example, the first access controller may make the access determination according to the access control identification code scheme described above with respect to Table 1. In some examples, the first access controller may also use the selectively received operating mode signal (see 504 above) as another input for the access determination. For example, the first access controller may perform access according to the access control identification scheme described above with respect to Table 2 based on the first access control identification code and the operating mode indicated by the selectable operating mode signal. determination.

At 510, the first access controller allows or prevents access to the first peripheral device based on the access decision. For example, to prevent access to the first peripheral, the first access controller may force the "chip select" signal (also referred to as the "peripheral select" signal) associated with the requested transaction to have a value of =1 ( indicating the first peripheral is targeted/selected) to value=0 (indicating the first peripheral is not targeted/selected), causing the first peripheral to ignore the transaction. Alternatively, to allow access to the first peripheral, the first access controller may leave the chip select signal value unchanged (value = 1), causing the first peripheral to process the transaction, or force the transaction associated with the requested transaction. The chip select signal ranges from value=0 to value=1. (In alternative examples, other die select signal values may be defined to indicate whether the respective peripheral device is targeted/selected. For example, the system may define a die select signal value = 0 to indicate that the peripheral device is targeted/selected. , while a chip select signal value = 1 indicates that the peripheral is not targeted/not selected).

Figure 6 is a flow diagram of an example method 600 for controlling access to peripheral devices in an electronic device including a transaction host, a plurality of peripheral devices, and storing respective access control identities for the plurality of peripheral devices. Access control register of code (AC identification code). In some examples, the electronic device may be example electronic device 100 or electronic device 300 discussed above, and method 600 may correspond to the access control identification code scheme discussed above with respect to Table 1.

At 602, the transaction host programs AC identification codes for the plurality of peripheral devices, such as based on the transaction host's planned operation. In this example, for privileged mode operation, the transaction host sets the AC ID of the respective peripheral device to an access permission setting (AC_ID value = 0) that allows access to the respective peripheral device by the transaction host. In some examples, the transaction host may execute access control identifier management instructions provided in supervisory firmware to access and program AC identifiers. In some instances, when setting the AC ID for privileged mode operation, the transaction host can ignore the bit mask because all peripheral devices are accessible during privileged mode operation.

At 604, the transaction host operates in a privileged mode, for example, by executing relevant supervisory code, such as supervisory firmware. At 606, when the transaction host operates in a privileged mode, a respective access controller corresponding to a respective one of the plurality of peripheral devices grants access based on a respective AC identification code for the respective peripheral device. Setting (AC_ID value = 0), such as using separate LUTs stored in memory or using separate logic circuit systems (for example, as shown in Figure 4A (single trading host scenario) or Figure 4C (multiple trading host scenarios) display), allowing access to individual peripheral devices.

At 608, when the transaction host is operating in privileged mode (where the AC ID is programmed to 0), supervisory firmware identification performed by the transaction host is associated with the selected peripheral device to be performed in user mode ("Peripheral Device"). N") related individual tasks. At 610, prior to performing respective tasks associated with peripheral device N, the transaction host accesses respective bit masks associated with the respective tasks, the respective bit masks indicating multiple peripheral devices (including peripheral Device N) is used to perform access settings for individual tasks and program AC identification codes for multiple peripheral devices based on individual bit masks. In this example, transaction host (a) programs the AC ID for peripheral device N into an access permission setting (AC_ID value = 0) that is allowed during user mode execution of the respective task. Access peripheral device N, and (b) program the AC identifiers for other peripheral devices of the plurality of peripheral devices into an access prevention setting (AC_ID value = 1) that prevents access between separate tasks. Access each individual peripheral device during user mode execution.

At 612, the transaction host transitions from privileged mode to user mode and performs respective tasks related to peripheral device N. At 614, in order to perform respective tasks related to peripheral device N, the access controller corresponding to peripheral device N sets the access permission based on the AC identification code for peripheral device N (AC_ID value = 0) (such as based on Programmed with individual bit masks associated with individual tasks), such as using individual LUTs stored in memory or using individual logic circuits (e.g., as shown in Figure 4A (single trading host scenario) or Figure 4C (multiple transaction hosts scenario)), allowing access to peripheral device N (eg, access to the registers in peripheral device N). If the transaction host attempts to access any of the other peripheral devices, the access controller corresponding to the respective other peripheral device has an access prevention setting based on the respective AC identification code for the other peripheral device (AC_ID value = 1), such as using separate LUTs or logic circuitry (eg, as shown in Figure 4A or Figure 4C) to prevent access to other peripheral devices.

At 616, the transaction host completes the respective tasks associated with peripheral device N. At 618, the transaction host may identify the next transaction host activity to be performed in user mode. For example, as indicated at 620, if the supervisory firmware executed by the transaction host identifies a next peripheral-related task to be performed in user mode (either related to the same peripheral or another peripheral), the method may Return to 610 where the transaction host programs the AC identification code accordingly for use in performing the next task (eg, based on the respective bit mask associated with the next task). As another example, as indicated at 622, if supervisory firmware executed by the transaction host identifies a supervisory or privileged operation to be performed, the method may return to 602, where the transaction host will (optionally) be used for multiple peripheral devices. The AC ID is programmed into an access permission setting (AC_ID value = 0) (ie, regardless of individual bit masks) to allow access to individual peripherals by the transaction host during supervisory or privileged operations, as discussed above. In some instances or scenarios, programming AC identifiers for supervisory or privileged operations may be redundant (since all registers are accessible to the trading host running the supervisory code), and thus may be omitted or optionally included at 602 AC identification code stylization.

Figure 7 is a flow diagram of an example method 700 for controlling access to peripheral devices in an electronic device including a transaction host, a plurality of peripheral devices, and storing respective access control identities for the plurality of peripheral devices. Access control register of code (AC identification code). In some examples, the electronic device may be example electronic device 100 or example electronic device 300 discussed above, and method 700 may correspond to the access control identification code scheme discussed above with respect to Table 2.

At 702, the transaction host programs AC identification codes for the plurality of peripheral devices, such as based on the transaction host's planned operation. In this example, for privileged mode operation, the transaction host sets the AC ID for the respective peripheral device to the restricted access setting (AC_ID value = 1). In some examples, the transaction host may execute access control identifier management instructions provided in supervisory firmware to access and program AC identifiers.

At 704, the trading host operates in a privileged mode, for example, by executing relevant supervisory firmware. At 706, when the transaction host is operating in a privileged mode (where the AC identification code is programmed to 1), a respective access controller corresponding to a respective one of the plurality of peripheral devices, such as using stored in memory Individual LUTs in the LUT may use separate logic circuitry (for example, as shown in Figure 4B (single transaction host scenario) or Figure 4D (multiple transaction host scenarios)) to allow access to individual peripheral devices. Each request by the trading host to access a respective peripheral device may include an operating mode signal indicating a privileged mode of the trading host (eg, operating mode signal value = 1 according to the control bit scheme shown in Table 2). For respective requests by the transaction host to access respective peripheral devices, the respective access controllers corresponding to the respective peripheral devices may be based on the control bit scheme shown above in Table 2, based on (a) for the respective AC identification code of the respective peripheral device and (optionally, in the case of multiple trading hosts) the respective trading host, and (b) an operating mode signal indicating privileged mode (e.g., operating mode signal value = 1), Determines whether to allow or prevent access to individual peripheral devices. More specifically, the respective access controller allows access to the respective peripheral device based on the privileged mode of the respective transaction host (eg, operating mode signal value = 1).

At 708, while the transaction host is operating in privileged mode, supervisory firmware executed by the transaction host identifies pending transactions associated with a selected peripheral device ("Peripheral Device N") among the plurality of peripheral devices in user mode. Separate tasks. At 710, prior to performing respective tasks associated with peripheral device N in user mode, the transaction host accesses respective bit masks associated with the respective tasks, the respective bit masks indicating multiple peripherals Devices (including peripheral device N) are configured for access to individual tasks, and AC identification codes for multiple peripheral devices associated with the transaction host are programmed based on individual bit masks. In this example, the transaction host (a) programs the AC ID for peripheral device N to the open permission setting (AC_ID value = 0) according to the control bit scheme shown above in Table 2, and ( b) Program the AC IDs for other peripheral devices in the plurality of peripheral devices connected to the transaction host to a restricted access setting (AC_ID value = 1).

At 712, the transaction host transitions from privileged mode to user mode and performs various tasks related to peripheral device N. At 714, in order to perform respective tasks related to peripheral device N, the access controller corresponding to peripheral device N is based on (a) the open access setting (AC_ID value = 0), such as using each stored in the memory. Different LUTs or using separate logic circuitry (e.g., as shown in Figure 4B (single transaction host scenario) or Figure 4D (multiple transaction host scenario)), allow access to peripheral device N (e.g., access peripheral device N register). If the transaction host attempts to access any of the other peripheral devices, the respective access controller corresponding to the other peripheral device is based on (a) the restricted access setting (AC_ID value = 1) and (b) according to Table 2 ) User mode of the transaction host (operating mode signal value = 0), such as using separate LUTs or logic circuits (for example, as shown in Figure 4B or Figure 4D) to prevent access to other peripheral devices.

At 716, the transaction host completes respective tasks associated with peripheral device N in user mode. At 718, the transaction host can identify the next transaction host activity to proceed. For example, as indicated at 720, if the supervisory firmware executed by the transaction host identifies a next peripheral-related task to be performed in user mode (either related to the same peripheral or another peripheral), the method may Returning to 710, the transaction host programs the AC identification code accordingly for use in performing the next task (eg, based on the respective bit mask associated with the next task). As another example, as indicated at 722, if supervisory firmware executed by the transaction host identifies supervisory or privileged operations to be performed in privileged mode, the method may return to 702, where the transaction host will be used for multiple peripheral devices. The AC ID is programmed into a restricted access setting (AC_ID value = 1), as discussed above.

8 is a flow diagram of an example method 800 for controlling access to peripherals in an electronic device including a transaction host, a first peripheral, a second peripheral and storing respective access control identification codes ( AC identification code) access control register. In some examples, the electronic device may be the example electronic device 100 or the electronic device 300 discussed above, and the method 800 may be as described above with respect to any of Table 1, Table 2, or Table 3 described above, for example. Corresponds to the access control ID scheme discussed.

At 802, a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device are stored in the access control register. The transaction host can dynamically program the first access control identifier and the second access control identifier over time to perform different types of operations, such as privileged mode operations and user mode operations, including those related to the first and second access control identifiers. 2. Operations related to peripheral equipment. In some examples, the transaction host may execute access control identifier management instructions provided in the supervisory firmware to dynamically program the first and second access controls before performing respective tasks (e.g., device driver tasks) Identification code.

For example, at 804, for privileged mode operation, the transaction host sets a first access control identifier and a second access control identifier to allow access to the first peripheral device and the second peripheral device, respectively. In some instances or scenarios, programming the AC identifier for privileged mode operations may be redundant (since the trading host running the supervision code has access to all registers), and therefore the AC at 804 may be omitted or selected Identifier stylization. In some examples, the transaction host sets the first and second access control identification codes according to the access bit scheme as discussed above with respect to any of Table 1, Table 2, or Table 3 described above. At 806, the transaction host operates in privileged mode for the first time, so at 806, the operating mode signal indicates privileged mode.

At 808, for a user mode operation associated with the first peripheral device (user mode task), the transaction host accesses the respective bit mask associated with the user mode task, the bit mask instructions for Access settings for at least first and second peripheral devices, and AC identification codes for at least first and second peripheral devices programmed based on respective bit masks. In this example, the transaction host (a) sets a first access control identifier to allow access to the first peripheral device by the transaction host in user mode, and (b) sets a second access control identifier to prevent access by the transaction host to the first peripheral device in user mode. The transaction host accesses the second peripheral device in user mode. In some examples, the transaction host sets the first and second access control identification codes according to the access bit scheme as discussed above with respect to any of Table 1, Table 2, or Table 3 described above. At 810, the transaction host performs user mode tasks associated with the first peripheral device at a second time, and therefore, at 810, the operating mode signal indicates user mode.

The transaction host may continue to dynamically program the first and second access control identifiers in this manner over time for different types of operations, such as privileged mode operations and user mode operations, including those associated with the first and second access control identifiers. Operations related to peripheral equipment.

9 is a flowchart of an example method 900 for controlling access to peripheral devices using task-related bit masks in an electronic device including a transaction host, a first peripheral device, a second peripheral device, and a device including Access control registers for the first access control identification code of the first peripheral device and the second access control identification code of the second peripheral device. At 902, store computer-readable program code including a first task related to the first peripheral device and a first element mask corresponding to the first task, wherein the first element mask indicates the first peripheral device and the first element mask. The two peripheral devices are used to perform separate access settings for the first task. At 904, prior to executing the first task, the transaction host executes the access control identifier management instructions based on (a) the bit mask corresponding to the first task, and in some implementations (b) the transaction host's operating mode and program the first and second access control identification codes in the access control register. At 906, after updating the first and second access control identification codes in the access control register, the transaction host performs a first task related to the first peripheral device. At 908, during execution of the first task, the first access controller associated with the first peripheral device is based on at least the first access control based on the first element mask programming in the access control register. The identification code controls access to the first peripheral device. At 910, also during execution of the first task, the second access controller associated with the second peripheral device is based on at least the second access based on the first element mask programming in the access control register. The control identification code controls access to the second peripheral device.

100,300: Electronic devices 102,102a,102b...102n: Transaction host 104,104a,104b,104c...104n,104ac: Peripheral equipment 106,106a,106b,106c...106n,106ac: Access controller 107:Memory 108,108a,108b,108c,108d: Logic circuit system 110: Access control register 112,112a,112b,112c...112n,112ac: access control identification code 113:AC identification code array 114: Communication link 116:External host 120,120a,120b...120n: Operation mode signal 202: Non-transitory memory 202a: Privileged section 202b: Unprivileged section 206: Supervision code 208:User-space code 212: Sequencing program 214: Access control identification code management command 214a, 214b, 214c…214n: temporary register 220a,220b…220n: Task 230: Bit mask data structure 232a,232b…232n: bit mask 402:NOT gate 404:OR gate 406:Multiplexer 500,600,700,800,900:Method 502,504,506,508,510,602,604,606,608,610,612,614,616,618,620,622,702,704,706,708,710,712,714,716,718,720,722,802,804,806,8 08,810,902,904,906,908,910: Steps ACR, TH_id: access request

Example aspects of the present invention are described below with reference to the drawings, in which: 1 illustrates an example electronic device (e.g., SoC) utilizing access control identification codes to control access to peripheral devices, according to one example; FIG. 2 illustrates additional aspects of the example electronic device of FIG. 1 according to one example; 3 illustrates another example electronic device utilizing an access control identification code to control access to a peripheral device, according to one example; 4A-4D show circuit diagrams of example logic circuit systems disposed in respective access controllers according to some examples; 5 is a flowchart of an example method for controlling access to peripheral devices in an electronic device using access control identification codes stored in an access control register; 6 is a flowchart of an example method for controlling access to peripheral devices in an electronic device using a first example access control identification code scheme; 7 is a flowchart of an example method for controlling access to peripheral devices in an electronic device using a second example access control identification code scheme; 8 is a flowchart of an example method for controlling access to peripherals in an electronic device for both privileged mode operations and user mode operations, according to one example; and Figure 9 is a flowchart of an example method for controlling access to peripheral devices using task-related bit masks.

It will be understood that the reference symbols of any illustrated element appearing in multiple different figures have the same meaning across the multiple figures, and that any reference or discussion herein to any illustrated element in the context of any particular figure also applies. Each other drawing, if any, shows the same illustrated elements.

100: Electronic devices

102:Trading host

104,104a,104b,104c...104n: Peripheral equipment

106,106a,106b,106c...106n: Access controller

107:Memory

108: Logic circuit system

110: Access control register

112,112a,112b,112c...112n: access control identification code

114: Communication link

116:External host

120: Operation mode signal

Claims (22)

An electronic device containing: a trading host; a first peripheral device; a second peripheral device; a first access controller connected to the first peripheral device; a second access controller connected to the second peripheral device; an access control register that stores a first access control identification code for the first peripheral device and a second access control identification code for the second peripheral device; Wherein, the first access controller is used for: Receive an access request from the transaction host to access the first peripheral device; making an access determination to the first peripheral device based at least on the first access control identification code for the first peripheral device; and The transaction host is allowed or prevented from accessing the first peripheral device based on the access determination. The electronic device of claim 1, wherein the transaction host includes a processor or a direct memory access (DMA) engine. The electronic device of claim 1, wherein the transaction host includes a bridge, the bridge is used to receive a request from an external host separate from the electronic device to access the first peripheral device. The electronic device of claim 1, wherein the first access control identification code includes one or more first access control bits, and the second access control identification code includes one or more second first memory bits. Get the control bit. As claimed in claim 1, the electronic device includes firmware executable by the transaction host for programming the first access control identification code and the second access control identification code based on an operating mode of the transaction host. At least one. The electronic device of claim 1, comprising firmware executable by the transaction host for: (a) allowing access by the transaction host to an access permission setting of the respective peripheral device and (b) preventing access by the transaction host to the respective peripheral device; The first access control identifier for the first peripheral device and the second access control identifier for the second peripheral device are programmed between the transaction host's access to the respective peripheral devices. At least one of the control identifiers. For example, the electronic device of claim 1 includes firmware executable by the transaction host for programming the first access control identification code and the second access control identification code, including: For a privileged mode operation of the transaction host, the first access control identifier and the second access control identifier are programmed into an access permission setting to allow the transaction host to access the third access control identifier. Both a peripheral device and the second peripheral device; For a first user mode operation of the transaction host for performing operations related to the first peripheral device, program the first access control identifier to the access permission setting to allow access to the a first peripheral device to program the second access control identification code into an access prevention setting to prevent access to the second peripheral device; and For a second user mode operation of the transaction host for performing operations related to the second peripheral device, the first access control identifier is programmed into the access prevention setting to prevent access to the The first peripheral device is used to program the second access control identification code into an access permission setting to allow access to the second peripheral device. The electronic device of claim 1, wherein the access controller is configured to at least be based on (a) the first access control identification code for the first peripheral device and (b) instructing a privileged mode of the transaction host or An operation mode signal of a user mode of the transaction host is used to determine access to the first peripheral device. The electronic device of claim 1, wherein the first access control identification code for the first peripheral device and the second access control identification code for the second peripheral device respectively indicate any of the following: (a) a restricted access setting that allows access to the respective peripheral device only in a privileged mode of the transaction host, or (b) An open access setting for allowing access to the respective peripheral device in both the privileged mode of the transaction host and the user mode of the transaction host. As claimed in claim 9, the electronic device includes firmware executable by the transaction host for dynamically programming the first access control identifier and the first access control identifier between the restricted access setting and the open access setting. At least one of the second access control identification codes. The electronic device of claim 9, wherein the access controller is used to perform the access determination: If the first access control identification code for the first peripheral device indicates the open access setting and the operating mode signal indicates the privileged mode of the transaction host, determining that access to the first peripheral device is allowed; If the first access control identification code for the first peripheral device indicates the open access setting and the operating mode signal indicates the user mode of the transaction host, it is determined that access to the first peripheral device is allowed; If the first access control identification code for the first peripheral device indicates the restricted access setting and the operating mode signal indicates the privileged mode of the transaction host, it is determined that access to the first peripheral device is allowed; and If the first access control identification code for the first peripheral device indicates the restricted access setting and the operating mode signal indicates the user mode of the transaction host, it is determined that access to the first peripheral device is prevented. The electronic device of claim 1, wherein, The trading host can selectively operate in a privileged mode and a user mode; and At least one of the first access control identifier and the second access control identifier is programmable only in the privileged mode of the transaction host. For example, the electronic device of claim 1 includes an additional transaction host; Wherein, the first access control identification code and the second access control identification code are associated with the transaction host; Wherein, the access control register stores a third access control identification code for the first peripheral device and associated with the additional transaction host, and a third access control identification code for the second peripheral device associated with the additional transaction host. The fourth access control identification code of the link; Among them, the access controller is used to: Receive an additional access request from the additional transaction host to access the first peripheral device; Making an additional access determination to the first peripheral device based on (a) identifying the access request identification code of the additional transaction host and (b) the third access control identification code; and Access to the first peripheral device by the additional transaction host is allowed or prevented based on the additional access determination. A method that contains: In an electronic device including a transaction host, a first peripheral device, a second peripheral device and an access control register, (a) a first access control identification of the first peripheral device is used code and (b) a second access control identification code for the second peripheral device is stored in the access control register; receiving a request from the transaction host to access the first peripheral device by a first access controller associated with the first peripheral device; An access decision is made by the first access controller to allow or prevent access to the first peripheral device based at least on the first access control identification code for the first peripheral device; and Access to the first peripheral device is allowed or prevented based on the access determination. The method of claim 14, including executing firmware by the transaction host to program at least one of the first access control identifier and the second access control identifier based on an operating mode of the transaction host. By. The method of claim 14, comprising executing firmware by the transaction host to (a) allow access to the respective peripheral device by the transaction host and (b) prevent access by the transaction host to an access permission setting The first access control identifier for the first peripheral device and the second access control for the second peripheral device are dynamically programmed between access prevention settings for the respective peripheral devices At least one of the identification codes. The method of claim 14 includes executing firmware by the transaction host to program the first access control identification code and the second access control identification code, including: For a privileged mode operation of the transaction host, the first access control identification code and the second access control identification code are respectively set to allow the transaction host to access the first peripheral device and the second peripheral device. Either device access permission settings; For a first user mode operation of the transaction host for performing operations related to the first peripheral device, the first access control identification code is set to the access permission setting, and the second access control identification code is set to the access permission setting. The control identifier is set to an access prevention setting that prevents access to the second peripheral device; and For a second user mode operation of the transaction host for performing operations related to the second peripheral device, the first access control identification code is set to the access prevention setting, and the second access control identification code is set to the access prevention setting. The control ID is set to an access permission setting. The method of claim 14, including performing the access determination by the first access controller based on at least (a) the first access control identification code for the first peripheral device and (b) An operating mode signal indicating a privileged mode of the transaction host or a user mode of the transaction host allows or prevents access to the first peripheral device. The method of claim 14, wherein the first access control identification code for the first peripheral device and the second access control identification code for the second peripheral device respectively indicate any of the following: (a) a restricted access setting that prevents access to the respective peripheral device in the user mode of the transaction host, or (b) An open access setting that allows access to the respective peripheral device in both the privileged mode of the transaction host and the user mode of the transaction host. The method of claim 19, wherein performing the access determination to allow or prevent access to the first peripheral device includes: Allow access to the first peripheral device if the peripheral device-specific access control identification code for the first peripheral device indicates the open access setting and the operating mode signal indicates the privileged mode of the transaction host; If the first access control identification code for the first peripheral device indicates the open access setting and the operating mode signal indicates the user mode of the transaction host, allowing access to the first peripheral device; If the first access control identification code for the first peripheral device indicates the restricted access setting and the operating mode signal indicates the privileged mode of the transaction host, then allowing access to the first peripheral device; and If the first access control identification code for the first peripheral device indicates the restricted access setting and the operating mode signal indicates the user mode of the transaction host, access to the first peripheral device is prevented. A method that contains: In an electronic device including a transaction host, a first peripheral device, a second peripheral device and an access control register, a first access control identification code and a username for the first peripheral device are used. A second access control identification code in the second peripheral device is stored in the access control register; The transaction host sets the first access control identification code and the second access control identification code to allow access to the first peripheral device and the second peripheral device respectively; The trading host performs a privileged mode operation at a first time; This trading host: setting the first access control identification code to allow access to the first peripheral device by the transaction host; and setting the second access control identification code to prevent access to the second peripheral device by the transaction host; and The transaction host performs a user mode operation related to the first peripheral device at a second time. For example, the method of request item 21 includes: This trading host: setting the first access control identification code to prevent access to the first peripheral device by the transaction host; and setting the second access control identification code to allow access to the second peripheral device by the transaction host; and The transaction host performs a user mode operation related to the second peripheral device at a third time.