公开(公告)号：US11194485B2

公开(公告)日：2021-12-07

申请号：US16624039

申请日：2018-06-08

Applicant: ARM LIMITED

Inventor： Jason Parker ,  Matthew Lucien Evans ,  Gareth Rhys Stockwell ,  Djordje Kovacevic

IPC: G06F3/06 ,  G06F12/0804

Abstract: Memory access circuitry enforces ownership rights for memory regions. A given memory region is associated with an owner realm specified from multiple realms, each realm corresponding to a portion of at least one software process executed by processing circuitry 8. In response to a realm switch from a source realm to a target realm at a more privileged exception level, state masking of a subset of architectural state associated with a source realm is performed to make the state inaccessible to a target realm. In response to a flush command following the realm switch, any of the subset of architectural state data not already saved to at least one realm execution context memory region is ensured to be saved.

公开(公告)号：US10558590B2

公开(公告)日：2020-02-11

申请号：US15574938

申请日：2016-04-26

Applicant: ARM LIMITED

Inventor： Jason Parker ,  Richard Roy Grisenthwaite ,  Andrew Christopher Rose ,  Matthew Lucien Evans

IPC: G06F12/14 ,  G06F12/06

Abstract: A data processing system for processing data using a memory having a plurality of memory regions, a given memory region within said plurality of memory regions having an associated owning process having exclusive rights to control access to said given memory region, said system comprising: a security controller to: receive a request to initialise a guest execution environment; claim one or more regions of memory to be owned by said security controller; store executable program code of said guest execution environment within said one or more regions of memory; and transfer ownership of said one or more regions to said guest execution environment.

公开(公告)号：US09798565B2

公开(公告)日：2017-10-24

申请号：US14682313

申请日：2015-04-09

Applicant: ARM Limited

Inventor： Hakan Persson ,  Matt Evans ,  Jason Parker ,  Marc Zyngier

IPC: G06F9/455 ,  G06F9/50

CPC classification number: G06F9/45558 ,  G06F9/50 ,  G06F2009/45579 ,  G06F2009/45583

Abstract: A data processing system includes one or more processors that each execute one or more operating systems. Each operating system includes one or more applications. An accelerator provides a shared resource for a plurality of the applications and has one or more input/output interfaces for the submission of tasks to the accelerator from an application. A hypervisor manages the allocation of the input/output interfaces to the one or more operating systems and a hypervisor interface enables communication between the hypervisor and the accelerator. The system is capable of being configured such that an operating system that has been allocated an input/output interface is capable of communicating with the accelerator via the input/output interface independently of the hypervisor. A memory management unit is capable of providing an isolated region of a memory for use by the operating system while the operating system retains its allocated input/output interface.

公开(公告)号：US20150293776A1

公开(公告)日：2015-10-15

申请号：US14682313

申请日：2015-04-09

Applicant: ARM Limited

Inventor： Hakan Persson ,  Matt Evans ,  Jason Parker ,  Marc Zyngier

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F9/50 ,  G06F2009/45579 ,  G06F2009/45583

Abstract: A data processing system includes one or more processors that each execute one or more operating systems. Each operating system includes one or more applications. An accelerator provides a shared resource for a plurality of the applications and has one or more input/output interfaces for the submission of tasks to the accelerator from an application. A hypervisor manages the allocation of the input/output interfaces to the one or more operating systems and a hypervisor interface enables communication between the hypervisor and the accelerator. The system is capable of being configured such that an operating system that has been allocated an input/output interface is capable of communicating with the accelerator via the input/output interface independently of the hypervisor. A memory management unit is capable of providing an isolated region of a memory for use by the operating system whilst the operating system retains its allocated input/output interface.

Abstract translation: 数据处理系统包括一个或多个处理器，每个处理器执行一个或多个操作系统。 每个操作系统包括一个或多个应用程序。 加速器为多个应用提供共享资源，并具有用于从应用程序向加速器提交任务的一个或多个输入/输出接口。 虚拟机管理程序管理对一个或多个操作系统的输入/输出接口的分配，管理程序接口实现管理程序和加速器之间的通信。 该系统能够被配置为使得已经被分配了输入/输出接口的操作系统能够经由独立于管理程序的输入/输出接口与加速器通信。 存储器管理单元能够提供存储器的隔离区域，以供操作系统使用，同时操作系统保留其分配的输入/输出接口。

公开(公告)号：US11669467B2

公开(公告)日：2023-06-06

申请号：US15768909

申请日：2016-09-06

Applicant: ARM LIMITED

Inventor： Jason Parker ,  Richard Roy Grisenthwaite

IPC: G06F12/14 ,  G06F9/30 ,  G06F21/60 ,  G06F21/79 ,  G06F12/08 ,  G06F9/54 ,  G06F12/084

CPC classification number: G06F12/1441 ,  G06F9/30043 ,  G06F9/30145 ,  G06F9/544 ,  G06F12/084 ,  G06F12/14 ,  G06F12/1408 ,  G06F12/1475 ,  G06F12/1491 ,  G06F21/60 ,  G06F21/79 ,  G06F2212/1052

Abstract: Processing circuitry performs processing operations specified by program instructions, and a decoder decodes memory access instructions to generate control signals to control the processing circuitry to perform memory access operations. The memory access instructions have respective encodings specifying protected memory access instructions corresponding to protected memory access operations and less-protected memory access instructions corresponding to less-protected memory access operations. The less-protected memory access operations are associated with less restrictive memory access conditions than the protected memory access operations.

公开(公告)号：US11461248B2

公开(公告)日：2022-10-04

申请号：US16648901

申请日：2018-11-09

Applicant: ARM Limited

Inventor： Jason Parker ,  Martin Weidmann ,  Gareth Rhys Stockwell ,  Matthew Lucien Evans

IPC: G06F12/00 ,  G06F13/00 ,  G06F13/28 ,  G06F12/14 ,  G06F21/62 ,  G06F21/78

Abstract: A realm management unit (RMU) manages ownership of memory regions by realms, each realm corresponding to at least a portion of a software process executed by processing circuitry. Memory access circuitry enforces ownership rights for the regions, with the owner realm having a right to exclude other realms from accessing data stored within its owned region. The memory access circuitry permits execution, from within a current realm, of program code stored in a target memory region having an owner realm other than the current realm, when the target memory region is owned by a code realm and a code realm authorisation table 908 stored in at least one memory region owned by the current realm indicates that execution of program code from the target memory region is permitted by the current realm.

公开(公告)号：US11347660B2

公开(公告)日：2022-05-31

申请号：US16623528

申请日：2018-06-11

Applicant: ARM LIMITED

Inventor： Jason Parker ,  Matthew Lucien Evans ,  Gareth Rhys Stockwell ,  Martin Weidmann

IPC: G06F12/00 ,  G06F12/14 ,  G06F9/455

Abstract: Memory access circuitry enforces ownership rights for memory regions. A given memory region is associated with an owner realm specified from multiple realms, each realm corresponding to a portion of at least one software process executed by processing circuitry. A realm management unit initialises the realms. The realm management unit is configured to initialise realms including a full realm which corresponds to a given software process and a sub-realm corresponding to a given address range within the given software process.

公开(公告)号：US11294676B2

公开(公告)日：2022-04-05

申请号：US16625912

申请日：2018-06-08

Applicant: ARM LIMITED

Inventor： Matthew Lucien Evans ,  Jason Parker ,  Gareth Rhys Stockwell ,  Martin Weidmann

IPC: G06F9/30 ,  G06F9/38 ,  G06F9/46 ,  G06F9/48 ,  G06F11/07

Abstract: Memory access circuitry enforces ownership rights for memory regions. A given memory region is associated with an owner realm specified from multiple realms, each realm corresponding to a portion of at least one software process executed by processing circuitry. In response to a first variant of an exception return instruction the processing circuitry returns from processing of an exception while staying within the same realm. In response to a second variant of the exception return instruction the processing circuitry switches processing from a current realm to a destination realm.

公开(公告)号：US10802729B2

公开(公告)日：2020-10-13

申请号：US15574549

申请日：2016-04-26

Applicant: ARM LIMITED

Inventor： Jason Parker ,  Richard Roy Grisenthwaite ,  Andrew Christopher Rose

IPC: G06F3/06 ,  G06F9/455 ,  G06F12/1009 ,  G06F12/14

Abstract: A data processing system comprises ownership circuitry to enforce ownership rights of memory regions within a physical memory address space. A given memory region has a given owning process specified from among a plurality of processes and independently of privilege level. The given owning process has rights to control access to the given memory region. The given owning process designates the given memory region as one of: private to the given owning process and shared between the given owning process and at least one further source of memory access requests. A given owning process may deny access to the given memory region to a process having a greater level of privilege than the given owning process. Data stored within the given memory region may be destructively overwritten, and completion of the overwriting may be tracked by overwrite tracking hardware to ensure completion of the overwriting before the new owner obtains rights to control access.

公开(公告)号：US09830294B2

公开(公告)日：2017-11-28

申请号：US14579316

申请日：2014-12-22

Applicant: ARM Limited

Inventor： Bruce James Mathewson ,  Daren Croxford ,  Jason Parker

IPC: G06F13/00 ,  G06F13/40 ,  G06F13/364 ,  G06F13/42 ,  G06F12/0831

CPC classification number: G06F13/4068 ,  G06F12/0831 ,  G06F13/364 ,  G06F13/4022 ,  G06F13/4221 ,  G06F2212/1016 ,  Y02D10/13 ,  Y02D10/14 ,  Y02D10/151

Abstract: A data processing system having a master device and a plurality of slave devices uses interconnect circuitry to couple the master device with the plurality of slave devices to enable transactions to be performed by the slave devices upon request from the master device. The master device issues a multi-transaction request identifying multiple transactions to be performed, the multi-transaction request providing a base transaction identifier, a quantity indication indicating a number of transactions to be performed, and address information. Request distribution circuitry within the interconnect circuitry analyses the address information and the quantity indication in order to determine, for each of the multiple transactions, the slave device that is required to perform that transaction. Transaction requests are then issued from the request distribution circuitry to each determined slave device to identify which transactions need to be performed by each slave device. Each determined slave device provides a response to the master device to identify completion of each transaction performed by that determined slave device. Each determined slave device provides its responses independently of the responses from any other determined slave device, and each response includes a transaction identifier determined from the base transaction identifier and transaction specific information. This enables the master device to identify completion of each transaction identified within the multi-transaction request. In an alternative arrangement, the same multi-transaction request approach can be used by a master device to initiate cache maintenance operations within a plurality of cache storage devices. This approach can give rise to significant improvements in efficiency and power consumption within the data processing system.